All of lore.kernel.org
 help / color / mirror / Atom feed
From: Gerd Hoffmann <kraxel@redhat.com>
To: qemu-devel@nongnu.org
Cc: "Peter Maydell" <peter.maydell@linaro.org>,
	"Aleksandar Rikalo" <aleksandar.rikalo@syrmia.com>,
	"Daniel P . Berrangé" <berrange@redhat.com>,
	"Michael S. Tsirkin" <mst@redhat.com>,
	"Christian Schoenebeck" <qemu_oss@crudebyte.com>,
	"Philippe Mathieu-Daudé" <f4bug@amsat.org>,
	"Markus Armbruster" <armbru@redhat.com>,
	"zhenwei pi" <pizhenwei@bytedance.com>,
	"Hervé Poussineau" <hpoussin@reactos.org>,
	"Gerd Hoffmann" <kraxel@redhat.com>,
	"Paolo Bonzini" <pbonzini@redhat.com>,
	"Marc-André Lureau" <marcandre.lureau@redhat.com>,
	"Eric Blake" <eblake@redhat.com>
Subject: [PULL 02/20] usb: allow max 8192 bytes for desc
Date: Fri, 14 Jan 2022 07:53:08 +0100	[thread overview]
Message-ID: <20220114065326.782420-3-kraxel@redhat.com> (raw)
In-Reply-To: <20220114065326.782420-1-kraxel@redhat.com>

From: zhenwei pi <pizhenwei@bytedance.com>

A device of USB video class usually uses larger desc structure, so
use larger buffer to avoid failure. (dev-video.c is ready)

This is an unlikely code path:
1, during guest startup, guest tries to probe device.
2, run 'lsusb' command in guest(or other similar commands).

Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Signed-off-by: zhenwei pi <pizhenwei@bytedance.com>
Message-Id: <20220112015835.900619-1-pizhenwei@bytedance.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
---
 hw/usb/desc.h |  1 +
 hw/usb/desc.c | 15 ++++++++-------
 2 files changed, 9 insertions(+), 7 deletions(-)

diff --git a/hw/usb/desc.h b/hw/usb/desc.h
index 3ac604ecfa17..35babdeff624 100644
--- a/hw/usb/desc.h
+++ b/hw/usb/desc.h
@@ -199,6 +199,7 @@ struct USBDesc {
     const USBDescMSOS         *msos;
 };
 
+#define USB_DESC_MAX_LEN    8192
 #define USB_DESC_FLAG_SUPER (1 << 1)
 
 /* little helpers */
diff --git a/hw/usb/desc.c b/hw/usb/desc.c
index 8b6eaea4079e..7f6cc2f99bd4 100644
--- a/hw/usb/desc.c
+++ b/hw/usb/desc.c
@@ -632,7 +632,8 @@ int usb_desc_get_descriptor(USBDevice *dev, USBPacket *p,
     bool msos = (dev->flags & (1 << USB_DEV_FLAG_MSOS_DESC_IN_USE));
     const USBDesc *desc = usb_device_get_usb_desc(dev);
     const USBDescDevice *other_dev;
-    uint8_t buf[256];
+    size_t buflen = USB_DESC_MAX_LEN;
+    g_autofree uint8_t *buf = g_malloc(buflen);
     uint8_t type = value >> 8;
     uint8_t index = value & 0xff;
     int flags, ret = -1;
@@ -650,36 +651,36 @@ int usb_desc_get_descriptor(USBDevice *dev, USBPacket *p,
 
     switch(type) {
     case USB_DT_DEVICE:
-        ret = usb_desc_device(&desc->id, dev->device, msos, buf, sizeof(buf));
+        ret = usb_desc_device(&desc->id, dev->device, msos, buf, buflen);
         trace_usb_desc_device(dev->addr, len, ret);
         break;
     case USB_DT_CONFIG:
         if (index < dev->device->bNumConfigurations) {
             ret = usb_desc_config(dev->device->confs + index, flags,
-                                  buf, sizeof(buf));
+                                  buf, buflen);
         }
         trace_usb_desc_config(dev->addr, index, len, ret);
         break;
     case USB_DT_STRING:
-        ret = usb_desc_string(dev, index, buf, sizeof(buf));
+        ret = usb_desc_string(dev, index, buf, buflen);
         trace_usb_desc_string(dev->addr, index, len, ret);
         break;
     case USB_DT_DEVICE_QUALIFIER:
         if (other_dev != NULL) {
-            ret = usb_desc_device_qualifier(other_dev, buf, sizeof(buf));
+            ret = usb_desc_device_qualifier(other_dev, buf, buflen);
         }
         trace_usb_desc_device_qualifier(dev->addr, len, ret);
         break;
     case USB_DT_OTHER_SPEED_CONFIG:
         if (other_dev != NULL && index < other_dev->bNumConfigurations) {
             ret = usb_desc_config(other_dev->confs + index, flags,
-                                  buf, sizeof(buf));
+                                  buf, buflen);
             buf[0x01] = USB_DT_OTHER_SPEED_CONFIG;
         }
         trace_usb_desc_other_speed_config(dev->addr, index, len, ret);
         break;
     case USB_DT_BOS:
-        ret = usb_desc_bos(desc, buf, sizeof(buf));
+        ret = usb_desc_bos(desc, buf, buflen);
         trace_usb_desc_bos(dev->addr, len, ret);
         break;
 
-- 
2.34.1



  parent reply	other threads:[~2022-01-14  7:22 UTC|newest]

Thread overview: 22+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2022-01-14  6:53 [PULL 00/20] Kraxel 20220114 patches Gerd Hoffmann
2022-01-14  6:53 ` [PULL 01/20] hw/usb/dev-wacom: add missing HID descriptor Gerd Hoffmann
2022-01-14  6:53 ` Gerd Hoffmann [this message]
2022-01-14  6:53 ` [PULL 03/20] ui/vnc.c: Fixed a deadlock bug Gerd Hoffmann
2022-01-14  6:53 ` [PULL 04/20] jackaudio: use ifdefs to hide unavailable functions Gerd Hoffmann
2022-01-14  6:53 ` [PULL 05/20] dsoundaudio: fix crackling audio recordings Gerd Hoffmann
2022-01-14  6:53 ` [PULL 06/20] hw/audio/intel-hda: fix stream reset Gerd Hoffmann
2022-01-14  6:53 ` [PULL 07/20] ui/dbus: fix buffer-overflow detected by ASAN Gerd Hoffmann
2022-01-14  6:53 ` [PULL 08/20] ui: fix gtk clipboard clear assertion Gerd Hoffmann
2022-01-14  6:53 ` [PULL 09/20] uas: add missing return Gerd Hoffmann
2022-01-14  6:53 ` [PULL 10/20] hw/display: Rename VGA_ISA_MM -> VGA_MMIO Gerd Hoffmann
2022-01-14  6:53 ` [PULL 11/20] hw/display/vga-mmio: Inline vga_mm_init() Gerd Hoffmann
2022-01-14  6:53 ` [PULL 12/20] hw/display/vga-mmio: QOM'ify vga_mmio_init() as TYPE_VGA_MMIO Gerd Hoffmann
2022-01-14  6:53 ` [PULL 13/20] hw/mips/jazz: Inline vga_mmio_init() and remove it Gerd Hoffmann
2022-01-14  6:53 ` [PULL 14/20] edid: set default resolution to 1280x800 (WXGA) Gerd Hoffmann
2022-01-14  6:53 ` [PULL 15/20] edid: Added support for 4k@60 Hz monitor Gerd Hoffmann
2022-01-14  6:53 ` [PULL 16/20] ps2: Initial horizontal scroll support Gerd Hoffmann
2022-01-14  6:53 ` [PULL 17/20] ui/cocoa: pass horizontal scroll information to the device code Gerd Hoffmann
2022-01-14  6:53 ` [PULL 18/20] ui/gtk: " Gerd Hoffmann
2022-01-14  6:53 ` [PULL 19/20] ui/sdl2: " Gerd Hoffmann
2022-01-14  6:53 ` [PULL 20/20] ui/input-legacy: pass horizontal scroll information Gerd Hoffmann
2022-01-14 15:56 ` [PULL 00/20] Kraxel 20220114 patches Peter Maydell

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20220114065326.782420-3-kraxel@redhat.com \
    --to=kraxel@redhat.com \
    --cc=aleksandar.rikalo@syrmia.com \
    --cc=armbru@redhat.com \
    --cc=berrange@redhat.com \
    --cc=eblake@redhat.com \
    --cc=f4bug@amsat.org \
    --cc=hpoussin@reactos.org \
    --cc=marcandre.lureau@redhat.com \
    --cc=mst@redhat.com \
    --cc=pbonzini@redhat.com \
    --cc=peter.maydell@linaro.org \
    --cc=pizhenwei@bytedance.com \
    --cc=qemu-devel@nongnu.org \
    --cc=qemu_oss@crudebyte.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.