Re: cdc-acm driver expects a notification endpoint and will segfault if there is not

Hello,
I saw this problem when modifying Rockbox to support basic CDC ACM, so
this is clearly some advanced hacking. I initially tried without the
notification endpoint and got a nice kernel null dereference :)
Indeed, I missed the ResponseAvailable required notification in the spec.

Amaury Pouly



2010/9/13 Oliver Neukum <oneukum@xxxxxxx>:
> On Sunday, 12 September 2010, 20:15:18, Amaury Pouly wrote:
>> Hello,
>> The cdc-acm driver (drivers/usb/class/cdc-acm.c) expects, when the control
>> interface is different from the data interface, the following things:
>> * one notification endpoint in control interface
>> * two data endpoints (bulk/iso) in data interface
>
> Depends. In core CDC it is clearly optional. For ACM the PSTN spec
> states that a device must support the ResponseAvailable notification.
> That notification goes over the notification endpoint.
>
>> The problem is that the first requirement is not in the spec as far as I
>> understand it (it's optional). Furthermore, the driver doesn't check if there
>> actually is an endpoint but makes a pointer from it:
>>
>> epctrl = &control_interface->cur_altsetting->endpoint[0].desc;
>>
>> If there is no notification endpoint, this will result in a NULL pointer
>> dereference. Notice that there are two problems out there:
>> * it should do the check anyway, for safety reasons
>
> Yes.
>
>> * it shouldn't assume an endpoint if the spec doesn't require it (but I'm
>> unsure about this point)
>
> Which devices do you see this problem with?
>
>        Regards
>                Oliver
>
--
To unsubscribe from this list: send the line "unsubscribe linux-usb" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
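
The missing check discussed in this thread, as an added example that is not part of the original messages and is not the cdc-acm driver's code: a userspace C model (all struct, enum and function names are hypothetical) that verifies `bNumEndpoints` before forming a pointer into `endpoint[]`. It assumes the notification endpoint is interrupt IN and that the data interface carries one IN and one OUT endpoint.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Userspace model of the descriptor fields involved (hypothetical names,
 * not the kernel's <linux/usb.h> structures). */
struct ep_desc { uint8_t bEndpointAddress, bmAttributes; };
struct alt_setting {
    uint8_t bNumEndpoints;
    const struct ep_desc *endpoint; /* assumed NULL when bNumEndpoints == 0 */
};
struct acm_eps { const struct ep_desc *ctrl, *read, *write; };
enum { ACM_OK = 0, ACM_NO_NOTIFY_EP = -1, ACM_BAD_NOTIFY_EP = -2, ACM_BAD_DATA_EPS = -3 };

static int ep_is_in(const struct ep_desc *e) { return (e->bEndpointAddress & 0x80) != 0; }

/* Validate endpoint counts before forming any pointer into endpoint[]. */
int acm_pick_endpoints(const struct alt_setting *control,
                       const struct alt_setting *data, struct acm_eps *out)
{
    if (control->bNumEndpoints < 1 || !control->endpoint)
        return ACM_NO_NOTIFY_EP;        /* the case reported in this thread */
    if (data->bNumEndpoints < 2 || !data->endpoint)
        return ACM_BAD_DATA_EPS;
    out->ctrl = &control->endpoint[0];
    /* Assumption: the notification endpoint is interrupt IN (type bits 0x03). */
    if ((out->ctrl->bmAttributes & 0x03) != 0x03 || !ep_is_in(out->ctrl))
        return ACM_BAD_NOTIFY_EP;
    out->read = &data->endpoint[0];
    out->write = &data->endpoint[1];
    if (!ep_is_in(out->read)) {         /* descriptors may list OUT first */
        const struct ep_desc *t = out->read; out->read = out->write; out->write = t;
    }
    if (!ep_is_in(out->read) || ep_is_in(out->write))
        return ACM_BAD_DATA_EPS;        /* need one IN and one OUT */
    return ACM_OK;
}

/* Constructed sample descriptors (not captured from a real device). */
static const struct ep_desc sample_notify = { 0x81, 0x03 };
static const struct ep_desc sample_bulk[2] = { { 0x02, 0x02 }, { 0x82, 0x02 } };
static const struct alt_setting sample_ctrl_ok = { 1, &sample_notify };
static const struct alt_setting sample_ctrl_missing = { 0, NULL };
static const struct alt_setting sample_data = { 2, sample_bulk };
static struct acm_eps sample_out;

int main(void)
{
    printf("with notify ep: %d\n", acm_pick_endpoints(&sample_ctrl_ok, &sample_data, &sample_out));
    printf("without:        %d\n", acm_pick_endpoints(&sample_ctrl_missing, &sample_data, &sample_out));
    return 0;
}
```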

