On Fri, Feb 26, 2010 at 09:17:37PM -0800, Greg KH wrote: > On Sat, Feb 27, 2010 at 05:34:27AM +0100, Markus Rechberger wrote: > > On Sat, Feb 27, 2010 at 5:29 AM, Linus Torvalds > > <torvalds@xxxxxxxxxxxxxxxxxxxx> wrote: > > > > > > > > > On Fri, 26 Feb 2010, Greg KH wrote: > > >> > > >> Yes, and that patch didn't touch the iso frames. ?That happens later on > > >> in the functions that were modified. ?The patch should not have had any > > >> affect on iso transfers. ?Unless I'm missing something? > > > > > > Hmm. What seems to happen is that for an isochronous transfer, the buffer > > > is split for each microframe. No? > > > > > > > exactly. and each microframe has its own buffer length identifier. > > > > the current behaviour breaks VMware, QEMU and virtualbox .. probably > > other things too. > > > > > > > So the total length may be in 'urb->actual_length', but the actual data in > > > the buffer may not be contiguous, because it's created from multiple > > > smaller frames, some of which might not be full length? > > > > > > > yes, it's only contiguous for BULK. > > > > > I dunno. That would explain the problem - actual_length is correct, but > > > the 'copy_to_user()' still doesn't copy all the data, because it's > > > fragmented. > > > > > > > no you got it, but your patch does not work. The best way would be to > > revert it if someone wants to speed up BULK it should go down another > > path, leaving the old working implementation untouched. > > Hm, so it's back to the original idea of just doing a kzalloc of the > initial buffer, that should solve the problem that Marcus found. > > I'll go dig that back up and if you could test it, that would be most > appreciated. Here, can you try this on top of everything? thanks, greg k-h diff --git a/drivers/usb/core/devio.c b/drivers/usb/core/devio.c index a678186..252d3b4 100644 --- a/drivers/usb/core/devio.c +++ b/drivers/usb/core/devio.c @@ -1168,7 +1168,7 @@ static int proc_do_submiturb(struct dev_state *ps, struct usbdevfs_urb *uurb, return -ENOMEM; } if (uurb->buffer_length > 0) { - as->urb->transfer_buffer = kmalloc(uurb->buffer_length, + as->urb->transfer_buffer = kzalloc(uurb->buffer_length, GFP_KERNEL); if (!as->urb->transfer_buffer) { kfree(isopkt); @@ -1312,9 +1312,9 @@ static int processcompl(struct async *as, void __user * __user *arg) void __user *addr = as->userurb; unsigned int i; - if (as->userbuffer && urb->actual_length) + if (as->userbuffer) if (copy_to_user(as->userbuffer, urb->transfer_buffer, - urb->actual_length)) + urb->transfer_buffer_length)) goto err_out; if (put_user(as->status, &userurb->status)) goto err_out; @@ -1480,9 +1480,9 @@ static int processcompl_compat(struct async *as, void __user * __user *arg) void __user *addr = as->userurb; unsigned int i; - if (as->userbuffer && urb->actual_length) + if (as->userbuffer) if (copy_to_user(as->userbuffer, urb->transfer_buffer, - urb->actual_length)) + urb->transfer_buffer_length)) return -EFAULT; if (put_user(as->status, &userurb->status)) return -EFAULT; -- To unsubscribe from this list: send the line "unsubscribe linux-usb" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html