linux/drivers/usb
Jon Hunter 0b987032f8 usb: tegra: Fix allocation for the FPCI context
Commit 5c4e8d3781 ("usb: host: xhci-tegra: Add support for XUSB
context save/restore") is using the IPFS 'num_offsets' value when
allocating memory for FPCI context instead of the FPCI 'num_offsets'.

After commit cad064f1bd ("devres: handle zero size in devm_kmalloc()")
was added system suspend started failing on Tegra186. The kernel log
showed that the Tegra XHCI driver was crashing on entry to suspend when
attempting the save the USB context. On Tegra186, the IPFS context has a
zero length but the FPCI content has a non-zero length, and because of
the bug in the Tegra XHCI driver we are incorrectly allocating a zero
length array for the FPCI context. The crash seen on entering suspend
when we attempt to save the FPCI context and following commit
cad064f1bd ("devres: handle zero size in devm_kmalloc()") this now
causes a NULL pointer deference when we access the memory. Fix this by
correcting the amount of memory we are allocating for FPCI contexts.

Cc: stable@vger.kernel.org

Fixes: 5c4e8d3781 ("usb: host: xhci-tegra: Add support for XUSB context save/restore")

Signed-off-by: Jon Hunter <jonathanh@nvidia.com>
Acked-by: Thierry Reding <treding@nvidia.com>
Link: https://lore.kernel.org/r/20200715113842.30680-1-jonathanh@nvidia.com
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2020-07-23 13:21:01 +02:00
..
atm USB: atm: Use the correct style for SPDX License Identifier 2020-03-17 20:03:28 +01:00
c67x00 USB: c67x00: fix use after free in c67x00_giveback_urb 2020-07-10 09:01:41 +02:00
cdns3 usb: cdns3: trace: fix some endian issues 2020-07-09 10:13:07 +03:00
chipidea usb: chipidea: core: add wakeup support for extcon 2020-07-07 19:57:21 +02:00
class cdc-acm: Add DISABLE_ECHO quirk for Microchip/SMSC chip 2020-06-18 10:42:52 +02:00
common
core usb: add USB_QUIRK_DELAY_INIT for Logitech C922 2020-06-18 10:42:18 +02:00
dwc2 usb: dwc2: Fix shutdown callback in platform 2020-07-09 10:13:07 +03:00
dwc3 usb: dwc3: pci: add support for the Intel Jasper Lake 2020-07-09 10:13:07 +03:00
early kdb: Switch to use safer dbg_io_ops over console APIs 2020-06-26 15:40:16 +01:00
gadget usb: gadget: function: fix missing spinlock in f_uac1_legacy 2020-07-09 10:13:07 +03:00
host usb: tegra: Fix allocation for the FPCI context 2020-07-23 13:21:01 +02:00
image treewide: replace '---help---' in Kconfig files with 'help' 2020-06-14 01:57:21 +09:00
isp1760 USB: isp1760: Use the correct style for SPDX License Identifier 2020-04-16 14:32:47 +02:00
misc usb: usbtest: fix missing kfree(dev->buf) in usbtest_disconnect 2020-06-18 10:42:52 +02:00
mon USB: mon: Use scnprintf() for avoiding potential buffer overflow 2020-03-12 09:49:28 +01:00
mtu3 USB: mtu3: Use the correct style for SPDX License Identifier 2020-05-25 11:09:37 +03:00
musb usb: musb: Fix runtime PM imbalance on error 2020-05-25 13:36:31 +02:00
phy usb: phy: tegra: Fix unnecessary check in tegra_usb_phy_probe() 2020-06-24 09:43:16 +03:00
renesas_usbhs usb: renesas_usbhs: getting residue from callback_result 2020-06-24 17:14:44 +02:00
roles usb: roles: Switch on role-switch uevent reporting 2020-05-13 14:20:49 +02:00
serial USB: serial: iuu_phoenix: fix memory corruption 2020-07-16 10:20:21 +02:00
storage treewide: replace '---help---' in Kconfig files with 'help' 2020-06-14 01:57:21 +09:00
typec usb: typec: tcpci_rt1711h: avoid screaming irq causing boot hangs 2020-06-18 10:42:53 +02:00
usbip treewide: replace '---help---' in Kconfig files with 'help' 2020-06-14 01:57:21 +09:00
Kconfig treewide: replace '---help---' in Kconfig files with 'help' 2020-06-14 01:57:21 +09:00
Makefile
usb-skeleton.c