Blame 0301-usb-controllers-do-not-need-to-check-for-babble-them.patch

Hans de Goede c8dfc6
From d69c3f589874de55e2eae03110a0c696485b8fa7 Mon Sep 17 00:00:00 2001
Hans de Goede c8dfc6
From: Hans de Goede <hdegoede@redhat.com>
Hans de Goede c8dfc6
Date: Fri, 17 Aug 2012 11:39:16 +0200
Hans de Goede c8dfc6
Subject: [PATCH 301/366] usb: controllers do not need to check for babble
Hans de Goede c8dfc6
 themselves
Hans de Goede c8dfc6
Hans de Goede c8dfc6
If an (emulated) usb-device tries to write more data to a packet then
Hans de Goede c8dfc6
its iov len, this will trigger an assert in usb_packet_copy(), and if
Hans de Goede c8dfc6
a driver somehow circumvents that check and writes more data to the
Hans de Goede c8dfc6
iov then there is space, we have a much bigger problem then not correctly
Hans de Goede c8dfc6
reporting babble to the guest.
Hans de Goede c8dfc6
Hans de Goede c8dfc6
In practice babble will only happen with (real) redirected devices, and there
Hans de Goede c8dfc6
both the usb-host os and the qemu usb-device code already check for it.
Hans de Goede c8dfc6
Hans de Goede c8dfc6
Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Hans de Goede c8dfc6
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Hans de Goede c8dfc6
---
Hans de Goede c8dfc6
 hw/usb/hcd-ehci.c | 4 ----
Hans de Goede c8dfc6
 hw/usb/hcd-uhci.c | 5 -----
Hans de Goede c8dfc6
 2 files changed, 9 deletions(-)
Hans de Goede c8dfc6
Hans de Goede c8dfc6
diff --git a/hw/usb/hcd-ehci.c b/hw/usb/hcd-ehci.c
Hans de Goede c8dfc6
index 017342b..9523247 100644
Hans de Goede c8dfc6
--- a/hw/usb/hcd-ehci.c
Hans de Goede c8dfc6
+++ b/hw/usb/hcd-ehci.c
Hans de Goede c8dfc6
@@ -1481,10 +1481,6 @@ static void ehci_execute_complete(EHCIQueue *q)
Hans de Goede c8dfc6
             assert(0);
Hans de Goede c8dfc6
             break;
Hans de Goede c8dfc6
         }
Hans de Goede c8dfc6
-    } else if ((p->usb_status > p->tbytes) && (p->pid == USB_TOKEN_IN)) {
Hans de Goede c8dfc6
-        p->usb_status = USB_RET_BABBLE;
Hans de Goede c8dfc6
-        q->qh.token |= (QTD_TOKEN_HALT | QTD_TOKEN_BABBLE);
Hans de Goede c8dfc6
-        ehci_raise_irq(q->ehci, USBSTS_ERRINT);
Hans de Goede c8dfc6
     } else {
Hans de Goede c8dfc6
         // TODO check 4.12 for splits
Hans de Goede c8dfc6
 
Hans de Goede c8dfc6
diff --git a/hw/usb/hcd-uhci.c b/hw/usb/hcd-uhci.c
Hans de Goede c8dfc6
index b0db921..c7c8786 100644
Hans de Goede c8dfc6
--- a/hw/usb/hcd-uhci.c
Hans de Goede c8dfc6
+++ b/hw/usb/hcd-uhci.c
Hans de Goede c8dfc6
@@ -729,11 +729,6 @@ static int uhci_complete_td(UHCIState *s, UHCI_TD *td, UHCIAsync *async, uint32_
Hans de Goede c8dfc6
         *int_mask |= 0x01;
Hans de Goede c8dfc6
 
Hans de Goede c8dfc6
     if (pid == USB_TOKEN_IN) {
Hans de Goede c8dfc6
-        if (len > max_len) {
Hans de Goede c8dfc6
-            ret = USB_RET_BABBLE;
Hans de Goede c8dfc6
-            goto out;
Hans de Goede c8dfc6
-        }
Hans de Goede c8dfc6
-
Hans de Goede c8dfc6
         if ((td->ctrl & TD_CTRL_SPD) && len < max_len) {
Hans de Goede c8dfc6
             *int_mask |= 0x02;
Hans de Goede c8dfc6
             /* short packet: do not update QH */
Hans de Goede c8dfc6
-- 
Hans de Goede c8dfc6
1.7.12
Hans de Goede c8dfc6