Forgot to cc linux-usb. Sorry. ----- Forwarded message from Johan Hovold <jhovold@xxxxxxxxx> ----- From: Johan Hovold <jhovold@xxxxxxxxx> To: gregkh@xxxxxxx, error27@xxxxxxxxx Cc: jhovold@xxxxxxxxx Date: Sun, 24 Jan 2010 22:47:34 +0100 Subject: Re: patch usb-serial-fix-dma-buffers-on-stack-for-io_edgeport.c.patch added to gregkh-2.6 tree On Fri, Jan 15, 2010 at 12:15:54PM -0800, gregkh@xxxxxxx wrote: > > This is a note to let you know that I've just added the patch titled > > Subject: USB: serial: fix DMA buffers on stack for io_edgeport.c > > to my gregkh-2.6 tree. Its filename is > > usb-serial-fix-dma-buffers-on-stack-for-io_edgeport.c.patch > > This tree can be found at > http://www.kernel.org/pub/linux/kernel/people/gregkh/gregkh-2.6/patches/ > > > >From error27@xxxxxxxxx Fri Jan 15 10:46:46 2010 > From: Dan Carpenter <error27@xxxxxxxxx> > Date: Thu, 31 Dec 2009 17:42:55 +0200 > Subject: USB: serial: fix DMA buffers on stack for io_edgeport.c > To: Johan Hovold <jhovold@xxxxxxxxx> > Cc: Greg Kroah-Hartman <gregkh@xxxxxxx>, linux-usb@xxxxxxxxxxxxxxx, linux-kernel@xxxxxxxxxxxxxxx > Message-ID: <20091231154255.GC21362@bicker> > > > The original code was passing a stack variable as a dma buffer, so I > made it an allocated variable. Instead of adding a bunch of kfree() > calls, I changed all the error return paths to gotos. > > Also I noticed that the error checking wasn't correct because > usb_get_descriptor() can return negative values. > > While I was at it, I made an unrelated white space change by moving > the unicode_to_ascii() on to one line. > > Signed-off-by: Dan Carpenter <error27@xxxxxxxxx> > Cc: Johan Hovold <jhovold@xxxxxxxxx> > Signed-off-by: Greg Kroah-Hartman <gregkh@xxxxxxx> > > --- > drivers/usb/serial/io_edgeport.c | 35 ++++++++++++++++++----------------- > 1 file changed, 18 insertions(+), 17 deletions(-) > > --- a/drivers/usb/serial/io_edgeport.c > +++ b/drivers/usb/serial/io_edgeport.c > @@ -372,31 +372,32 @@ static void update_edgeport_E2PROM(struc > ************************************************************************/ > static int get_string(struct usb_device *dev, int Id, char *string, int buflen) > { > - struct usb_string_descriptor StringDesc; > - struct usb_string_descriptor *pStringDesc; > + struct usb_string_descriptor *StringDesc = NULL; > + struct usb_string_descriptor *pStringDesc = NULL; > + int ret = 0; > > dbg("%s - USB String ID = %d", __func__, Id); > > - if (!usb_get_descriptor(dev, USB_DT_STRING, Id, > - &StringDesc, sizeof(StringDesc))) > - return 0; > + StringDesc = kmalloc(sizeof(*StringDesc), GFP_KERNEL); > + if (!StringDesc) > + goto free; > + if (usb_get_descriptor(dev, USB_DT_STRING, Id, StringDesc, sizeof(*StringDesc)) <= 0) > + goto free; > > - pStringDesc = kmalloc(StringDesc.bLength, GFP_KERNEL); > + pStringDesc = kmalloc(StringDesc->bLength, GFP_KERNEL); > if (!pStringDesc) > - return 0; > + goto free; > > - if (!usb_get_descriptor(dev, USB_DT_STRING, Id, > - pStringDesc, StringDesc.bLength)) { > - kfree(pStringDesc); > - return 0; > - } > - > - unicode_to_ascii(string, buflen, > - pStringDesc->wData, pStringDesc->bLength/2); > + if (usb_get_descriptor(dev, USB_DT_STRING, Id, pStringDesc, StringDesc->bLength) <= 0) > + goto free; > > - kfree(pStringDesc); > + unicode_to_ascii(string, buflen, pStringDesc->wData, pStringDesc->bLength/2); > + ret = strlen(string); > dbg("%s - USB String %s", __func__, string); > - return strlen(string); > +free: > + kfree(StringDesc); > + kfree(pStringDesc); > + return ret; > } I finally got around to having a look at what was going on here. Seems a bit unnecessary to do two allocations just to retrieve the string length before the actual string (could reuse one buffer). But why reinvent the wheel when we have usb_string already? I'm responding to this mail with a patch which replaces the custom string retrieval implementation with usb_string. Both issues found by Dan are solved as a consequence. What do you think? Thanks, Johan ----- End forwarded message ----- -- To unsubscribe from this list: send the line "unsubscribe linux-usb" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
