diff options
| author | Michal Kubecek <mkubecek@suse.cz> | 2021-09-01 19:35:49 +0300 |
|---|---|---|
| committer | Jiri Kosina <jkosina@suse.cz> | 2021-09-01 21:52:31 +0300 |
| commit | 5049307d37a760e304ad191c5dc7c6851266d2f8 (patch) | |
| tree | 4af4171393ff400db57d42c29b6458562b15d8da /scripts/gdb/linux/utils.py | |
| parent | f7744fa16b96da57187dc8e5634152d3b63d72de (diff) | |
| download | linux-5049307d37a760e304ad191c5dc7c6851266d2f8.tar.xz | |
HID: usbhid: Fix flood of "control queue full" messages
[patch description by Alan Stern]
Commit 7652dd2c5cb7 ("USB: core: Check buffer length matches wLength
for control transfers") causes control URB submissions to fail if the
transfer_buffer_length value disagrees with the setup packet's wLength
valuel. Unfortunately, it turns out that the usbhid can trigger this
failure mode when it submits a control request for an input report: It
pads the transfer buffer size to a multiple of the maxpacket value but
does not increase wLength correspondingly.
These failures have caused problems for people using an APS UPC, in
the form of a flood of log messages resembling:
hid-generic 0003:051D:0002.0002: control queue full
This patch fixes the problem by setting the wLength value equal to the
padded transfer_buffer_length value in hid_submit_ctrl(). As a nice
bonus, the code which stores the transfer_buffer_length value is now
shared between the two branches of an "if" statement, so it can be
de-duplicated.
Signed-off-by: Michal Kubecek <mkubecek@suse.cz>
Signed-off-by: Alan Stern <stern@rowland.harvard.edu>
Fixes: 7652dd2c5cb7 ("USB: core: Check buffer length matches wLength for control transfers")
Tested-by: Oleksandr Natalenko <oleksandr@natalenko.name>
Tested-by: Benjamin Tissoires <benjamin.tissoires@redhat.com>
Acked-by: Benjamin Tissoires <benjamin.tissoires@redhat.com>
Cc: stable@vger.kernel.org
Signed-off-by: Jiri Kosina <jkosina@suse.cz>
Diffstat (limited to 'scripts/gdb/linux/utils.py')
0 files changed, 0 insertions, 0 deletions