Hi,

On Mon, Feb 03, 2003 at 06:04:03PM -0800, Greg KH wrote:
> > Also you seem to have applied the maintainer change (scanner.h +
> > scanner.c) only for 2.4 and not for 2.5? 
> > 
> > While I'm talking about scanner.h: Is the separated include file for
> > the ioctls also necessary in 2.5?
> 
> I don't think so, you will be deleting the scanner driver in 2.5 soon,
> right?  :)

The only thing that stops me from removing it yet is that I don't know
what to do with interrupt endpoints. It's rumored that some scanners
only work when the interrupt endpoints are used but I don't have
details. I don't think that's possible with userspace drivers that
access /proc/bus/usb/XXX/YYY? The scanner driver provides just a dummy
for them currently, but I guess that could be changed.

> > What about the fix for crashes when someone writes to a disconnected
> > scanner? Are there fundamental problems with the patch or should I
> > just resend it?
> 
> I don't know, I didn't like the patch the last time I saw it.  How about
> a 2.5 version first?

The latest version of this patch was for 2.5 and you didn't comment on
that one. That's why I ask :-)

I'll attach a rediffed version to this mail.

Bye,
  Henning
  
------------------------------snip -------------------------------

This is another try to fix the crashes that occur when a USB scanner
is disconnected while open and write/read/ioctl is called after the
disconnect. This time I've kept all the cleanup but kfree(scn) in
disconnect_scanner() and only the kfree(scn) is done in close_scanner,
if the device was disconnected in the meantime.

That one (close_scanner()) looks a bit funny:

if (scn->present) {
        up(&(scn->sem));
} else {
        up(&(scn->sem));
        kfree (scn);
}

But if I up the semaphore before the test for scn->present, I guess
that would be a race with disconnect_scanner.

Bye,
  Henning
  
[PATCH 2.5.59] USB scanner.c: Avoid crashes when using read/write/ioctl on disconnected device

Avoid crashing when read/write/ioctl is called after disconnecting the
device. Keep scn until the device is closed and check scn->present in
read/write/ioctl. 

--- linux-2.5.59-newids4/drivers/usb/image/scanner.c    2003-01-20 21:15:24.000000000 
+0100
+++ linux-2.5.59-nocrash2/drivers/usb/image/scanner.c   2003-02-04 10:32:41.000000000 
++0100
@@ -345,7 +345,10 @@
  *    - New maintainer: Henning Meier-Geinitz.
  *    - Print ids and device number when a device was detected.
  *    - Don't print errors when the device is busy.
- *      
+ *    - Avoid crashing when read/write/ioctl is called after disconnecting the
+ *      device. Keep scn until the device is closed and check scn->present in
+ *      read/write/ioctl.
+ *
  * TODO
  *    - Performance
  *    - Select/poll methods
@@ -514,7 +517,12 @@
        file->private_data = NULL;
 
        up(&scn_mutex);
-       up(&(scn->sem));
+       if (scn->present) {
+               up(&(scn->sem));
+       } else {
+               up(&(scn->sem));
+               kfree (scn);
+       }
 
        return 0;
 }
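
Review bot: In the else branch added to close_scanner(), up(&(scn->sem)) is followed immediately by kfree (scn), so a task already sleeping in down(&(scn->sem)) (the read, write and ioctl hunks below all take that semaphore) would be woken on a semaphore that sits in memory being freed. Both branches also begin with the same up() call. Consider reading scn->present into a local while the semaphore is held, calling up() once, and freeing only when no other user of scn can still be waiting on it. A short comment saying why the test must come before up() would also answer the question raised in the cover text.
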
@@ -541,6 +549,12 @@
 
        down(&(scn->sem));
 
+       if (!scn->present) {
+               /* Disconnected */
+               up(&(scn->sem));
+               return -EINVAL;
+       }
+
        if (!scn->bulk_out_ep) {
                /* This scanner does not have a bulk-out endpoint */
                up(&(scn->sem));
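
Review bot: The new !scn->present check returns -EINVAL, which tells the caller its arguments were bad rather than that the device has gone away. -ENODEV is the conventional errno for an unplugged device and lets userspace tell a disconnect apart from a malformed call. The same applies to the identical checks added in the two following hunks.
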
@@ -634,6 +648,12 @@
 
        down(&(scn->sem));
 
+       if (!scn->present) {
+               /* Disconnected */
+               up(&(scn->sem));
+               return -EINVAL;
+       }
+
        scn_minor = scn->scn_minor;
 
        ibuf = scn->ibuf;
@@ -742,6 +762,12 @@
        scn_minor = USB_SCN_MINOR(inode);
        down(&(scn->sem));
 
+       if (!scn->present) {
+               /* Disconnected */
+               up(&(scn->sem));
+               return -EINVAL;
+       }
+
        dev = scn->scn_dev;
 
        switch (cmd)
@@ -1102,8 +1128,13 @@
                devfs_unregister(scn->devfs);
                usb_deregister_dev(1, scn->scn_minor);
                usb_free_urb(scn->scn_irq);
-               up (&(scn->sem));
-               kfree (scn);
+               if (scn->isopen) {
+                       scn->present = 0;
+                       up (&(scn->sem));
+               } else {
+                       up (&(scn->sem));
+                       kfree (scn);
+               }
                up (&scn_mutex);
        }
 }
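
Review bot: In the new isopen branch, scn stays allocated after this function returns, but usb_free_urb(scn->scn_irq) a few lines above has already run, so scn->scn_irq is left as a dangling pointer in a structure that remains reachable until close. Setting scn->scn_irq to NULL after the free would keep the surviving structure safe to inspect. A comment on the isopen branch stating that close_scanner() now owns the final kfree (scn) would document the ownership hand-off.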


