From patchwork Thu Jun 24 18:33:05 2010
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: TJ <dimitry.ishenko@gmail.com>
X-Patchwork-Id: 56816
Return-Path: <qemu-devel-bounces+incoming=patchwork.ozlabs.org@nongnu.org>
X-Original-To: incoming@patchwork.ozlabs.org
Delivered-To: patchwork-incoming@bilbo.ozlabs.org
Received: from lists.gnu.org (lists.gnu.org [199.232.76.165])
	(using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits))
	(Client did not present a certificate)
	by ozlabs.org (Postfix) with ESMTPS id 94E20B6EED
	for <incoming@patchwork.ozlabs.org>;
	Fri, 25 Jun 2010 04:34:42 +1000 (EST)
Received: from localhost ([127.0.0.1]:40906 helo=lists.gnu.org)
	by lists.gnu.org with esmtp (Exim 4.43) id 1ORrG3-00010l-5S
	for incoming@patchwork.ozlabs.org; Thu, 24 Jun 2010 14:34:39 -0400
Received: from [140.186.70.92] (port=40546 helo=eggs.gnu.org)
	by lists.gnu.org with esmtp (Exim 4.43) id 1ORrEG-0000RA-8u
	for qemu-devel@nongnu.org; Thu, 24 Jun 2010 14:32:49 -0400
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.69)
	(envelope-from <dimitry.ishenko@gmail.com>) id 1ORrED-0006Dw-MI
	for qemu-devel@nongnu.org; Thu, 24 Jun 2010 14:32:48 -0400
Received: from mail-gx0-f173.google.com ([209.85.161.173]:46383)
	by eggs.gnu.org with esmtp (Exim 4.69)
	(envelope-from <dimitry.ishenko@gmail.com>) id 1ORrED-0006Dq-K1
	for qemu-devel@nongnu.org; Thu, 24 Jun 2010 14:32:45 -0400
Received: by gxk25 with SMTP id 25so934192gxk.4
	for <qemu-devel@nongnu.org>; Thu, 24 Jun 2010 11:32:44 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma;
	h=domainkey-signature:received:received:message-id:date:from
	:user-agent:mime-version:to:subject:content-type
	:content-transfer-encoding;
	bh=4/K6l+TBiaUQmMv/FjIUZJ72oLtaTRZs6aiUsG0r3Jo=;
	b=A/xzwanZmna+N0ADmfsV4027ba6Ld8Ejr5BTyP9Ma5zlqaFMfwL7BjimvMlWYHBt61
	W2llI60qs/MTmv7K0MBFdhHSyalJQ0xC1akOLuxyL5KZ4Bh4MpCEKgn40DO8CmRkIsn5
	dQHpqdiIe2cmkceK0JlSy3QMmOBkWp6D1ISws=
DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma;
	h=message-id:date:from:user-agent:mime-version:to:subject
	:content-type:content-transfer-encoding;
	b=LZm+6+zh2+2HvyYTAi98naaQF3R5ARIOlIf2BTuwDMFnDRe0t6JJ4oxcH38+BJRlUt
	J2CtEaXQ0TDe6nb0Oc5IENefyEnd/VBRPPXW6wfE089PgZYq7TnQI1ghfqF8dlA46ihA
	7933748qPKenqzJitbJTPzEHQojqBWg8br4to=
Received: by 10.229.235.208 with SMTP id kh16mr5518729qcb.285.1277404361799;
	Thu, 24 Jun 2010 11:32:41 -0700 (PDT)
Received: from [192.168.0.110] ([216.7.150.90])
	by mx.google.com with ESMTPS id
	e16sm5474040qcg.35.2010.06.24.11.32.39
	(version=TLSv1/SSLv3 cipher=RC4-MD5);
	Thu, 24 Jun 2010 11:32:41 -0700 (PDT)
Message-ID: <4C23A4E1.3080806@gmail.com>
Date: Thu, 24 Jun 2010 14:33:05 -0400
From: TJ <dimitry.ishenko@gmail.com>
User-Agent: Mozilla/5.0 (X11; U; Linux x86_64; en-US;
	rv:1.9.1.9) Gecko/20100524 Thunderbird/3.0.4 ThunderBrowse/3.2.8.1
MIME-Version: 1.0
To: qemu-devel@nongnu.org
X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.6 (newer, 2)
Subject: [Qemu-devel] Fwd: [PATCH] Guest OS hangs on usb_add
X-BeenThere: qemu-devel@nongnu.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: qemu-devel.nongnu.org
List-Unsubscribe: <http://lists.nongnu.org/mailman/listinfo/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>
List-Archive: <http://lists.nongnu.org/archive/html/qemu-devel>
List-Post: <mailto:qemu-devel@nongnu.org>
List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help>
List-Subscribe: <http://lists.nongnu.org/mailman/listinfo/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=subscribe>
Sender: qemu-devel-bounces+incoming=patchwork.ozlabs.org@nongnu.org
Errors-To: qemu-devel-bounces+incoming=patchwork.ozlabs.org@nongnu.org

This is a small patch to sligtly "intelligentify" usb device and
config descriptor parsing and to handle bug with certain usb
device reporting device desriptor length as 0x18 (instead of 18)
---
 hw/usb.h    |    5 +++++
 usb-linux.c |   36 +++++++++++++++++++++---------------
 2 files changed, 26 insertions(+), 15 deletions(-)

     }

     if (i >= dev->descr_len) {

diff --git a/hw/usb.h b/hw/usb.h
index 00d2802..5c3528f 100644
--- a/hw/usb.h
+++ b/hw/usb.h
@@ -117,6 +117,11 @@
 #define USB_DT_INTERFACE		0x04
 #define USB_DT_ENDPOINT			0x05

+#define USB_DT_DEVICE_LEN		18
+#define USB_DT_CONFIG_LEN		9
+#define USB_DT_INTERFACE_LEN		9
+#define USB_DT_ENDPOINT_LEN		7
+
 #define USB_ENDPOINT_XFER_CONTROL	0
 #define USB_ENDPOINT_XFER_ISOC		1
 #define USB_ENDPOINT_XFER_BULK		2
diff --git a/usb-linux.c b/usb-linux.c
index 88273ff..3ff0856 100644
--- a/usb-linux.c
+++ b/usb-linux.c
@@ -288,7 +288,7 @@ static void async_cancel(USBPacket *unused, void *opaque)

 static int usb_host_claim_interfaces(USBHostDevice *dev, int configuration)
 {
-    int dev_descr_len, config_descr_len;
+    int dev_descr_len, config_descr_total_len;
     int interface, nb_interfaces;
     int ret, i;

@@ -297,32 +297,38 @@ static int usb_host_claim_interfaces(USBHostDevice *dev,
int configuration)

     DPRINTF("husb: claiming interfaces. config %d\n", configuration);

-    i = 0;
     dev_descr_len = dev->descr[0];
-    if (dev_descr_len > dev->descr_len) {
+    if (dev_descr_len == 0x18)
+        dev_descr_len = USB_DT_DEVICE_LEN; /* for buggy device(s) reporting len
in hex */
+
+    if (dev_descr_len > dev->descr_len || dev_descr_len < USB_DT_DEVICE_LEN ||
dev->descr[1] != USB_DT_DEVICE) {
+        fprintf(stderr, "husb: invalid device descriptor\n");
         goto fail;
     }

-    i += dev_descr_len;
-    while (i < dev->descr_len) {
+    for (i = dev_descr_len; i < dev->descr_len; ) {
         DPRINTF("husb: i is %d, descr_len is %d, dl %d, dt %d\n",
                 i, dev->descr_len,
                dev->descr[i], dev->descr[i+1]);

-        if (dev->descr[i+1] != USB_DT_CONFIG) {
-            i += dev->descr[i];
-            continue;
+        if (dev->descr[i] < 2) {
+            fprintf(stderr, "husb: invalid descriptor\n");
+            goto fail;
         }
-        config_descr_len = dev->descr[i];
+        if (dev->descr[i+1] == USB_DT_CONFIG) {
+            config_descr_total_len = dev->descr[i+2] + (dev->descr[i+3] << 8);

-        printf("husb: config #%d need %d\n", dev->descr[i + 5], configuration);
+            printf("husb: config #%d need %d\n", dev->descr[i + 5], configuration);

-        if (configuration < 0 || configuration == dev->descr[i + 5]) {
-            configuration = dev->descr[i + 5];
-            break;
-        }
+            if (configuration < 0 || configuration == dev->descr[i + 5]) {
+                configuration = dev->descr[i + 5];
+                break;
+            }

-        i += config_descr_len;
+            i += config_descr_total_len;
+        }
+        else
+            i += dev->descr[i];