| Message ID | 20200929104239.7214-1-johan@kernel.org |
|---|---|
| State | New |
| Headers | show |
| Series | USB: serial: qcserial: fix altsetting probing | expand |
On Tue, Sep 29, 2020 at 12:42:39PM +0200, Johan Hovold wrote: > Drivers should not assume that interface descriptors have been parsed in > any particular order so use the interface number to look up the second > alternate setting. That number is also what the driver later use to > switch setting. > > Note that although the driver could end up verifying the existence of > the expected endpoints on the wrong interface, a later sanity check in > usb_wwan_port_probe() would have caught this before it could cause any > real damage. > > Fixes: a78b42824dd7 ("USB: serial: add qualcomm wireless modem driver") > Signed-off-by: Johan Hovold <johan@kernel.org> Reviewed-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
diff --git a/drivers/usb/serial/qcserial.c b/drivers/usb/serial/qcserial.c index c8d1ea0e6e6f..83da8236e3c8 100644 --- a/drivers/usb/serial/qcserial.c +++ b/drivers/usb/serial/qcserial.c @@ -243,11 +243,11 @@ static int qcprobe(struct usb_serial *serial, const struct usb_device_id *id) /* QDL mode */ /* Gobi 2000 has a single altsetting, older ones have two */ if (serial->interface->num_altsetting == 2) - intf = &serial->interface->altsetting[1]; + intf = usb_altnum_to_altsetting(serial->interface, 1); else if (serial->interface->num_altsetting > 2) goto done; - if (intf->desc.bNumEndpoints == 2 && + if (intf && intf->desc.bNumEndpoints == 2 && usb_endpoint_is_bulk_in(&intf->endpoint[0].desc) && usb_endpoint_is_bulk_out(&intf->endpoint[1].desc)) { dev_dbg(dev, "QDL port found\n");
Drivers should not assume that interface descriptors have been parsed in any particular order so use the interface number to look up the second alternate setting. That number is also what the driver later use to switch setting. Note that although the driver could end up verifying the existence of the expected endpoints on the wrong interface, a later sanity check in usb_wwan_port_probe() would have caught this before it could cause any real damage. Fixes: a78b42824dd7 ("USB: serial: add qualcomm wireless modem driver") Signed-off-by: Johan Hovold <johan@kernel.org> --- drivers/usb/serial/qcserial.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-)