• Alan Stern's avatar
    ehci-hcd: Bug fix: don't set a QH's Halt bit · b5a3b3d9
    Alan Stern authored
    This patch (as1453) fixes a long-standing bug in the ehci-hcd driver.
    
    There is no need to set the Halt bit in the overlay region for an
    unlinked or blocked QH.  Contrary to what the comment says, setting
    the Halt bit does not cause the QH to be patched later; that decision
    (made in qh_refresh()) depends only on whether the QH is currently
    pointing to a valid qTD.  Likewise, setting the Halt bit does not
    prevent completions from activating the QH while it is "stopped"; they
    are prevented by the fact that qh_completions() temporarily changes
    qh->qh_state to QH_STATE_COMPLETING.
    
    On the other hand, there are circumstances in which the QH will be
    reactivated _without_ being patched; this happens after an URB beyond
    the head of the queue is unlinked.  Setting the Halt bit will then
    cause the hardware to see the QH with both the Active and Halt bits
    set, an invalid combination that will prevent the queue from
    advancing and may even crash some controllers.
    
    Apparently the only reason this hasn't been reported before is that
    unlinking URBs from the middle of a running queue is quite uncommon.
    However Test 17, recently added to the usbtest driver, does exactly
    this, and it confirms the presence of the bug.
    
    In short, there is no reason to set the Halt bit for an unlinked or
    blocked QH, and there is a very good reason not to set it.  Therefore
    the code that sets it is removed.
    Signed-off-by: default avatarAlan Stern <stern@rowland.harvard.edu>
    Tested-by: default avatarAndiry Xu <andiry.xu@amd.com>
    CC: David Brownell <david-b@pacbell.net>
    CC: <stable@kernel.org>
    Signed-off-by: default avatarGreg Kroah-Hartman <gregkh@suse.de>
    b5a3b3d9
ehci-q.c 36.1 KB