NothingOSS/android_kernel_msm-6.1_nothing_sm7635
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
android_kernel_msm-6.1_noth.../drivers
History
Elson Roy Serrao 03285557de usb: dwc3: gadget: Reset num TRBs before giving back the request 
commit 00f8205ffcf112dcef14f8151d78075d38d22c08 upstream.

Consider a scenario where cable disconnect happens when there is an active
usb reqest queued to the UDC. As part of the disconnect we would issue an
end transfer with no interrupt-on-completion before giving back this
request. Since we are giving back the request without skipping TRBs the
num_trbs field of dwc3_request still holds the stale value previously used.
Function drivers re-use same request for a given bind-unbind session and
hence their dwc3_request context gets preserved across cable
disconnect/connect. When such a request gets re-queued after cable connect,
we would increase the num_trbs field on top of the previous stale value
thus incorrectly representing the number of TRBs used. Fix this by
resetting num_trbs field before giving back the request.

Fixes: 09fe1f8d7e ("usb: dwc3: gadget: track number of TRBs per request")
Cc: stable <stable@kernel.org>
Signed-off-by: Elson Roy Serrao <quic_eserrao@quicinc.com>
Acked-by: Thinh Nguyen <Thinh.Nguyen@synopsys.com>
Message-ID: <1685654850-8468-1-git-send-email-quic_eserrao@quicinc.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2023-06-21 16:00:57 +02:00
..
accessibility tty: fix possible null-ptr-defer in spk_ttyio_release 2023-01-24 07:24:37 +01:00
acpi ACPI: resource: Add IRQ override quirk for LG UltraPC 17U70P 2023-06-09 10:34:14 +02:00
amba
android binder: fix UAF of alloc->vma in race with munmap() 2023-05-30 14:03:19 +01:00
ata ata: libata-scsi: Use correct device no in ata_find_dev() 2023-06-09 10:34:21 +02:00
atm atm: idt77252: fix kmemleak when rmmod idt77252 2023-03-30 12:49:09 +02:00
auxdisplay auxdisplay: hd44780: Fix potential memory leak in hd44780_remove() 2023-03-11 13:55:16 +01:00
base regmap: Account for register length when chunking 2023-06-09 10:34:28 +02:00
bcma
block xen/blkfront: Only check REQ_FUA for writes 2023-06-21 16:00:53 +02:00
bluetooth Bluetooth: hci_qca: fix debugfs registration 2023-06-14 11:15:28 +02:00
bus bus: mhi: host: Range check CHDBOFF and ERDBOFF 2023-05-11 23:03:05 +09:00
cdrom
char parisc: Flush gatt writes and adjust gatt mask in parisc_agp_mask_memory() 2023-06-21 16:00:53 +02:00
clk clk: pxa: fix NULL pointer dereference in pxa3xx_clk_update_accr 2023-06-21 16:00:57 +02:00
clocksource clocksource/drivers/davinci: Fix memory leak in davinci_timer_register when init fails 2023-05-11 23:03:35 +09:00
comedi comedi: adv_pci1760: Fix PWM instruction handling 2023-01-24 07:24:35 +01:00
connector
counter counter: 104-quad-8: Fix Synapse action reported for Index signals 2023-04-13 16:55:31 +02:00
cpufreq cpufreq: amd-pstate: Add ->fast_switch() callback 2023-06-05 09:26:21 +02:00
cpuidle RISC-V: Align SBI probe implementation with spec 2023-05-11 23:03:04 +09:00
crypto crypto: sun8i-ss - Fix a test in sun8i_ss_setup_ivs() 2023-05-17 11:53:40 +02:00
cxl cxl: Wait Memory_Info_Valid before access memory related info 2023-05-30 14:03:32 +01:00
dax dax/kmem: Fix leak of memory-hotplug resources 2023-03-10 09:34:25 +01:00
dca
devfreq
dio
dma dmaengine: pl330: rename _start to prevent build error 2023-06-09 10:34:00 +02:00
dma-buf dma-buf: actually set signaling bit for private stub fences 2023-02-09 11:28:23 +01:00
edac EDAC/qcom: Get rid of hardcoded register offsets 2023-06-21 16:00:51 +02:00
eisa
extcon
firewire firewire: fix memory leak for payload of request subaction to IEC 61883-1 FCP region 2023-02-09 11:27:59 +01:00
firmware firmware: arm_ffa: Set handle field to zero in memory descriptor 2023-06-14 11:15:31 +02:00
fpga fpga: bridge: fix kernel-doc parameter description 2023-05-11 23:03:27 +09:00
fsi use less confusing names for iov_iter direction initializers 2023-02-09 11:28:04 +01:00
gnss
gpio gpio: sim: fix memory corruption when adding named lines and unnamed hogs 2023-06-14 11:15:31 +02:00
gpu drm/amdgpu: add missing radeon secondary PCI ID 2023-06-21 16:00:56 +02:00
greybus
hid HID: wacom: avoid integer overflow in wacom_intuos_inout() 2023-06-09 10:34:18 +02:00
hsi
hte hte: tegra-194: Fix off by one in tegra_hte_map_to_line_id() 2023-05-11 23:03:38 +09:00
hv Drivers: vmbus: Check for channel allocation before looking up relids 2023-04-13 16:55:18 +02:00
hwmon hwmon: (k10temp) Add PCI ID for family 19, model 78h 2023-06-09 10:34:08 +02:00
hwspinlock
hwtracing coresight: Fix signedness bug in tmc_etr_buf_insert_barrier_packet() 2023-05-30 14:03:22 +01:00
i2c i2c: sprd: Delete i2c adapter in .remove's error path 2023-06-14 11:15:32 +02:00
i3c
idle Revert "cpuidle, intel_idle: Fix CPUIDLE_FLAG_IRQ_ENABLE *again*" 2023-04-06 12:10:58 +02:00
iio iio: dac: build ad5758 driver when AD5758 is selected 2023-06-09 10:34:19 +02:00
infiniband RDMA/uverbs: Restrict usage of privileged QKEYs 2023-06-21 16:00:56 +02:00
input Input: fix open count when closing inhibited device 2023-06-14 11:15:23 +02:00
interconnect interconnect: qcom: rpm: drop bogus pm domain attach 2023-05-11 23:03:28 +09:00
iommu iommu/amd/pgtbl_v2: Fix domain max address 2023-06-09 10:34:28 +02:00
ipack
irqchip irqchip/gic: Correctly validate OF quirk descriptors 2023-06-21 16:00:54 +02:00
isdn use less confusing names for iov_iter direction initializers 2023-02-09 11:28:04 +01:00
leds leds: tca6507: Fix error handling of using fwnode_property_read_string 2023-05-11 23:03:36 +09:00
macintosh macintosh: via-pmu-led: requires ATA to be set 2023-05-11 23:03:31 +09:00
mailbox mailbox: mailbox-test: fix a locking issue in mbox_test_message_write() 2023-06-09 10:34:17 +02:00
mcb mcb-pci: Reallocate memory region to avoid memory overlapping 2023-05-24 17:32:41 +01:00
md dm thin: fix issue_discard to pass GFP_NOIO to __blkdev_issue_discard 2023-06-21 16:00:55 +02:00
media media: uvcvideo: Don't expose unsupported formats to userspace 2023-06-09 10:34:18 +02:00
memory memory: tegra30-emc: fix interconnect registration race 2023-03-22 13:33:56 +01:00
memstick memstick: r592: Fix UAF bug in r592_remove due to race condition 2023-05-24 17:32:35 +01:00
message scsi: message: mptlan: Fix use after free bug in mptlan_remove() due to race condition 2023-05-24 17:32:37 +01:00
mfd mfd: intel-lpss: Add Intel Meteor Lake PCH-S LPSS PCI IDs 2023-05-24 17:32:42 +01:00
misc eeprom: at24: also select REGMAP 2023-06-14 11:15:32 +02:00
mmc mmc: pwrseq: sd8787: Fix WILC CHIP_EN and RESETN toggling order 2023-06-09 10:34:22 +02:00
most
mtd mtdchar: mark bits of ioctl handler noinline 2023-06-09 10:34:24 +02:00
mux
net net: usb: qmi_wwan: add support for Compal RXM-G1 2023-06-21 16:00:56 +02:00
nfc nfc: st-nci: Fix use after free bug in ndlc_remove due to race condition 2023-03-22 13:33:46 +01:00
ntb
nubus
nvdimm cxl/pmem: Fix nvdimm registration races 2023-03-10 09:34:20 +01:00
nvme NVMe: Add MAXIO 1602 to bogus nid list. 2023-06-21 16:00:54 +02:00
nvmem nvmem: core: fix return value 2023-02-09 11:28:25 +01:00
of of: overlay: Fix missing of_node_put() in error case of init_overlay_changeset() 2023-06-21 16:00:51 +02:00
opp OPP: fix error checking in opp_migrate_dentry() 2023-03-10 09:33:01 +01:00
parisc parisc: Replace regular spinlock with spin_trylock on panic path 2023-05-24 17:32:42 +01:00
parport
pci PCI/DPC: Quirk PIO log size for Intel Ice Lake Root Ports 2023-06-21 16:00:52 +02:00
pcmcia
peci
perf perf/arm-cmn: Fix port detection for CMN-700 2023-05-11 23:03:16 +09:00
phy phy: qcom-qmp-pcie-msm8996: fix init-count imbalance 2023-06-09 10:34:23 +02:00
pinctrl pinctrl: meson-axg: add missing GPIOA_18 gpio group 2023-06-14 11:15:28 +02:00
platform platform/x86: asus-wmi: Ignore WMI events with codes 0x7B, 0xC0 2023-06-21 16:00:52 +02:00
pnp
power power: supply: Fix logic checking if system is running from battery 2023-06-21 16:00:52 +02:00
powercap powercap: fix possible name leak in powercap_register_zone() 2023-03-10 09:32:56 +01:00
pps
ps3
ptp ptp_qoriq: fix memory leak in probe() 2023-04-06 12:10:44 +02:00
pwm pwm: mtk-disp: Configure double buffering before reading in .get_state() 2023-05-11 23:03:37 +09:00
rapidio
ras
regulator regulator: Fix error checking for debugfs_create_dir 2023-06-21 16:00:52 +02:00
remoteproc remoteproc: imx_dsp_rproc: Fix kernel test robot sparse warning 2023-05-24 17:32:53 +01:00
reset reset: uniphier-glue: Fix possible null-ptr-deref 2023-02-01 08:34:05 +01:00
rpmsg rpmsg: glink: Propagate TX failures in intentless mode as well 2023-05-11 23:03:16 +09:00
rtc rtc: k3: handle errors while enabling wake irq 2023-05-11 23:03:33 +09:00
s390 s390/dasd: Use correct lock while counting channel queue length 2023-06-14 11:15:27 +02:00
sbus
scsi scsi: megaraid_sas: Add flexible array member for SGLs 2023-06-14 11:15:15 +02:00
sh
siox
slimbus
soc qcom: llcc/edac: Fix the base address used for accessing LLCC banks 2023-06-21 16:00:51 +02:00
soundwire soundwire: stream: Add missing clear of alloc_slave_rt 2023-06-14 11:15:32 +02:00
spi spi: qup: Request DMA before enabling clocks 2023-06-14 11:15:15 +02:00
spmi spmi: Add a check for remove callback when removing a SPMI driver 2023-05-11 23:03:31 +09:00
ssb
staging Revert "staging: rtl8192e: Replace macro RTL_PCI_DEVICE with PCI_DEVICE" 2023-06-14 11:15:34 +02:00
target scsi: target: iscsit: Free cmds before session free 2023-05-24 17:32:37 +01:00
tc
tee tee: amdtee: Add return_origin to 'struct tee_cmd_load_ta' 2023-06-14 11:15:28 +02:00
thermal thermal/drivers/mediatek: Use devm_of_iomap to avoid resource leak in mtk_thermal_probe 2023-05-11 23:03:37 +09:00
thunderbolt thunderbolt: Mask ring interrupt on Intel hardware as well 2023-06-21 16:00:56 +02:00
tty serial: lantiq: add missing interrupt ack 2023-06-21 16:00:57 +02:00
ufs scsi: ufs: ufs-pci: Add support for Intel Lunar Lake 2023-05-24 17:32:37 +01:00
uio
usb usb: dwc3: gadget: Reset num TRBs before giving back the request 2023-06-21 16:00:57 +02:00
vdpa vduse: avoid empty string for dev name 2023-06-14 11:15:32 +02:00
vfio vfio/type1: check pfn valid before converting to struct page 2023-06-05 09:26:19 +02:00
vhost vhost_vdpa: support PACKED when setting-getting vring_base 2023-06-14 11:15:33 +02:00
video fbcon: Fix null-ptr-deref in soft_cursor 2023-06-09 10:34:26 +02:00
virt virt/coco/sev-guest: Double-buffer messages 2023-05-11 23:03:10 +09:00
virtio virtio_ring: don't update event idx on get_buf 2023-05-11 23:03:31 +09:00
vlynq
w1 w1: fix WARNING after calling w1_process() 2023-02-01 08:34:26 +01:00
watchdog watchdog: menz069_wdt: fix watchdog initialisation 2023-06-09 10:34:07 +02:00
xen xen/pvcalls-back: fix double frees with pvcalls_new_active_socket() 2023-05-30 14:03:32 +01:00
zorro
Kconfig
Makefile