Android N adds os_desc_compat in v2_descriptor by init_functionfs() (system/core/adb/usb_linux_client.cpp) to support automatic install of MTP driver on Windows for USB device mode. Current __ffs_data_do_os_desc() of f_fs.c will check reserved1 field and return -EINVAL. This results in a second adb_write of usb_linux_client.cpp (system/core/adb/) which doesn't have ss_descriptors filled. Then later kernel_panic (composite.c) occurs when ss_descriptors as a pointer with NULL is being accessed. Fix is to ignore the checking on reserved1 field so that first adb_write goes successfully with v2_descriptor which has ss_descriptors filled. Signed-off-by: Jim Lin <jilin@xxxxxxxxxx> --- drivers/usb/gadget/function/f_fs.c | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/drivers/usb/gadget/function/f_fs.c b/drivers/usb/gadget/function/f_fs.c index 73515d5..f5ea3df 100644 --- a/drivers/usb/gadget/function/f_fs.c +++ b/drivers/usb/gadget/function/f_fs.c @@ -2050,8 +2050,7 @@ static int __ffs_data_do_os_desc(enum ffs_os_desc_type type, int i; if (len < sizeof(*d) || - d->bFirstInterfaceNumber >= ffs->interfaces_count || - d->Reserved1) + d->bFirstInterfaceNumber >= ffs->interfaces_count) return -EINVAL; for (i = 0; i < ARRAY_SIZE(d->Reserved2); ++i) if (d->Reserved2[i]) -- 1.9.1 -- To unsubscribe from this list: send the line "unsubscribe linux-usb" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
