review.tizen.org Git - platform/kernel/linux-amlogic.git/commit

author	Yue Wang <yue.wang@amlogic.com>
	Mon, 24 Jul 2017 08:08:25 +0000 (16:08 +0800)
committer	Jianxin Pan <jianxin.pan@amlogic.com>
	Fri, 28 Jul 2017 02:21:44 +0000 (19:21 -0700)
commit	817c44f524419bc3e7a4a1f257f89dd68ad7a3f7
tree	1538f7ca3f5edc05078771d3ae7604467272f15a	tree \| snapshot
parent	cae7e74f50982203799fe9cd6bcd1827981142db	commit \| diff

usb: fix adb reboot panic.

PD#146539: usb: fix adb reboot panic.

Avoid kernel panic caused by race condition. For example,
1. In the ffs_epfile_io function, data buffer is allocated
for non-halt requests and the address of this buffer is
writed to usb controller registers.
2. After adb process be killed, data buffer is freed and
this memory is allocated for the other. But the address
is hold by the controller.
3. Adbd in PC is running. So, the controller receive the
data and write to this memory.
4. The value of this memory is modified by the controller.
This could cause the kernel panic.

To avoid this, during FunctionFS mount, we allocated the
data buffer for requests. And the memory resources has
been released in kill_sb.

Change-Id: Ie06fae8ce18ea553d71f4841458c3c3af096ff4b
Signed-off-by: Yue Wang <yue.wang@amlogic.com>

drivers/usb/gadget/function/f_fs.c		diff \| blob \| history
drivers/usb/gadget/function/u_fs.h		diff \| blob \| history