[PATCH v7 4/5] usb: f_fs: check quirk to pad epout buf size when not aligned to maxpacketsize

Mon, 09 Dec 2013 15:51:30 -0800 

From: Michal Nazarewicz <min...@mina86.com>

Check gadget.quirk_ep_out_aligned_size to decide if buffer size requires
to be aligned to maxpacketsize of an out endpoint.  ffs_epfile_io() needs
to pad epout buffer to match above condition if quirk is found.

Signed-off-by: Michal Nazarewicz <min...@mina86.com>
Signed-off-by: David Cohen <david.a.co...@linux.intel.com>
---
 drivers/usb/gadget/f_fs.c | 23 +++++++++++++++++++----
 1 file changed, 19 insertions(+), 4 deletions(-)

diff --git a/drivers/usb/gadget/f_fs.c b/drivers/usb/gadget/f_fs.c
index efa1152a4c15..918c21885d49 100644
--- a/drivers/usb/gadget/f_fs.c
+++ b/drivers/usb/gadget/f_fs.c
@@ -755,9 +755,10 @@ static ssize_t ffs_epfile_io(struct file *file,
                             char __user *buf, size_t len, int read)
 {
        struct ffs_epfile *epfile = file->private_data;
+       struct usb_gadget *gadget = epfile->ffs->gadget;
        struct ffs_ep *ep;
        char *data = NULL;
-       ssize_t ret;
+       ssize_t ret, data_len;
        int halt;
 
        /* Are we still active? */
@@ -790,7 +791,13 @@ static ssize_t ffs_epfile_io(struct file *file,
 
        /* Allocate & copy */
        if (!halt) {
-               data = kmalloc(len, GFP_KERNEL);
+               /*
+                * Controller may require buffer size to be aligned to
+                * maxpacketsize of an out endpoint.
+                */
+               data_len = read ? usb_ep_align_maybe(gadget, ep->ep, len) : len;
+
+               data = kmalloc(data_len, GFP_KERNEL);
                if (unlikely(!data))
                        return -ENOMEM;
 
@@ -825,7 +832,7 @@ static ssize_t ffs_epfile_io(struct file *file,
                req->context  = &done;
                req->complete = ffs_epfile_io_complete;
                req->buf      = data;
-               req->length   = len;
+               req->length   = data_len;
 
                ret = usb_ep_queue(ep->ep, req, GFP_ATOMIC);
 
@@ -837,9 +844,17 @@ static ssize_t ffs_epfile_io(struct file *file,
                        ret = -EINTR;
                        usb_ep_dequeue(ep->ep, req);
                } else {
+                       /*
+                        * XXX We may end up silently droping data here.
+                        * Since data_len (i.e. req->length) may be bigger
+                        * than len (after being rounded up to maxpacketsize),
+                        * we may end up with more data then user space has
+                        * space for.
+                        */
                        ret = ep->status;
                        if (read && ret > 0 &&
-                           unlikely(copy_to_user(buf, data, ret)))
+                           unlikely(copy_to_user(buf, data,
+                                                 min_t(size_t, ret, len))))
                                ret = -EFAULT;
                }
        }
-- 
1.8.4.2

--
To unsubscribe from this list: send the line "unsubscribe linux-usb" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Reply via email to