We see a large number of fixes to several drivers to remove the usage of on-stack buffers feeding into USB transfer functions. Make it easier to spot the offenders by adding a warning in usb_start_wait_urb() for urb->transfer_buffer to be located on the stack. Signed-off-by: Florian Fainelli <f.fainelli@xxxxxxxxx> --- drivers/usb/core/message.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/drivers/usb/core/message.c b/drivers/usb/core/message.c index 2184ef40a82a..abefddbe9243 100644 --- a/drivers/usb/core/message.c +++ b/drivers/usb/core/message.c @@ -8,6 +8,7 @@ #include <linux/pci.h> /* for scatterlist macros */ #include <linux/usb.h> #include <linux/module.h> +#include <linux/sched/task_stack.h> /* for object_is_on_stack */ #include <linux/slab.h> #include <linux/mm.h> #include <linux/timer.h> @@ -50,6 +51,8 @@ static int usb_start_wait_urb(struct urb *urb, int timeout, int *actual_length) unsigned long expire; int retval; + WARN_ON(object_is_on_stack(urb->transfer_buffer)); + init_completion(&ctx.done); urb->context = &ctx; urb->actual_length = 0; -- 2.11.0 -- To unsubscribe from this list: send the line "unsubscribe linux-usb" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
