On Sat, Oct 14, 2023 at 03:46:04PM +0800, Hongren Zheng wrote:
> .data of platform_device_info will be copied into .platform_data of
> struct device via platform_device_add_data.

That is crazy.

> However, vhcis[i] contains a spinlock, is dynamically allocated and
> used by other code, so it is not meant to be copied. The workaround
> was to use void *vhci as an agent, but it was removed in the commit
> suggested below.

Again, crazy, I'm amazed it works at all.

> This patch adds back the workaround and changes the way of using
> platform_data accordingly.
>
> Reported-by: syzbot+e0dbc33630a092ccf033@xxxxxxxxxxxxxxxxxxxxxxxxx
> Closes: https://lore.kernel.org/r/00000000000029242706077f3145@xxxxxxxxxx/
> Reported-by: syzbot+6867a9777f4b8dc4e256@xxxxxxxxxxxxxxxxxxxxxxxxx
> Closes: https://lore.kernel.org/r/0000000000007634c1060793197c@xxxxxxxxxx/
> Fixes: b8aaf639b403 ("usbip: Use platform_device_register_full()")
> Tested-by: syzbot+6867a9777f4b8dc4e256@xxxxxxxxxxxxxxxxxxxxxxxxx
> Link: https://lore.kernel.org/r/0000000000007ac87d0607979b6b@xxxxxxxxxx/
> Signed-off-by: Hongren Zheng <i@xxxxxxxxxxx>
> ---
>  drivers/usb/usbip/vhci_hcd.c | 15 ++++++++-------
>  1 file changed, 8 insertions(+), 7 deletions(-)

I'll take this now, as it fixes a reported issue, but really, the root
problem should be fixed instead. This is not how to treat platform data
at all.

thanks,

greg k-h
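
The copy semantics discussed in this message, as an added userspace model (not code from the patch or the kernel): handing a lock-bearing struct to a copying interface detaches the lock from the live object, while handing over a pointer "agent" keeps both sides on the same object. `model_vhci`, `model_device`, `model_add_data` and `lock_visible_through_device` are assumed names for illustration only.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Userspace stand-ins (assumed names, not kernel definitions). */
struct model_vhci { int lock; int ports; };   /* stands for a struct holding a spinlock */
struct model_device { void *platform_data; };

/* Models the copy described in the commit message: the device receives
 * its own duplicate of `size` bytes at `data`, not a reference to them. */
static int model_add_data(struct model_device *dev, const void *data, size_t size)
{
    void *dup = malloc(size);
    if (!dup)
        return -1;
    memcpy(dup, data, size);
    dev->platform_data = dup;
    return 0;
}

/* Returns 1 if a lock taken on the live object is visible through the
 * device's platform_data, 0 if the device holds a detached copy, -1 on OOM. */
static int lock_visible_through_device(int use_pointer_agent)
{
    struct model_vhci live = { .lock = 0, .ports = 8 };
    struct model_device dev = { NULL };
    struct model_vhci *seen;
    void *agent = &live;                 /* the "void *vhci as an agent" idea */
    int rc;

    rc = use_pointer_agent ? model_add_data(&dev, &agent, sizeof(agent))
                           : model_add_data(&dev, &live, sizeof(live));
    if (rc)
        return -1;
    live.lock = 1;                       /* other code locks the live object */
    seen = use_pointer_agent ? *(void **)dev.platform_data
                             : dev.platform_data;
    rc = (seen->lock == live.lock);
    free(dev.platform_data);
    return rc;
}

int main(void)
{
    printf("struct copied: %d, pointer copied: %d\n",
           lock_visible_through_device(0), lock_visible_through_device(1));
    return 0;
}
```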