From: Alan Stern <stern@rowland.harvard.edu>

Date: Tue, 31 Jan 2023 15:49:04 -0500

Subject: [PATCH] USB: core: Don't hold device lock while reading the

 "descriptors" sysfs file

References: bsc#1012628

Patch-mainline: 6.2.2

Git-commit: 45bf39f8df7f05efb83b302c65ae3b9bc92b7065

commit 45bf39f8df7f05efb83b302c65ae3b9bc92b7065 upstream.

Ever since commit 83e83ecb79a8 ("usb: core: get config and string

descriptors for unauthorized devices") was merged in 2013, there has

been no mechanism for reallocating the rawdescriptors buffers in

struct usb_device after the initial enumeration.  Before that commit,

the buffers would be deallocated when a device was deauthorized and

reallocated when it was authorized and enumerated.

This means that the locking in the read_descriptors() routine is not

needed, since the buffers it reads will never be reallocated while the

routine is running.  This locking can interfere with user programs

trying to read a hub's descriptors via sysfs while new child devices

of the hub are being initialized, since the hub is locked during this

procedure.

Since the locking in read_descriptors() hasn't been needed for over

nine years, we can remove it.

Reported-and-tested-by: Troels Liebe Bentsen <troels@connectedcars.dk>

Signed-off-by: Alan Stern <stern@rowland.harvard.edu>

CC: stable@vger.kernel.org

Link: https://lore.kernel.org/r/Y9l+wDTRbuZABzsE@rowland.harvard.edu

Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>

Signed-off-by: Jiri Slaby <jslaby@suse.cz>

---

 drivers/usb/core/hub.c   | 5 ++---

 drivers/usb/core/sysfs.c | 5 -----

 2 files changed, 2 insertions(+), 8 deletions(-)

diff --git a/drivers/usb/core/hub.c b/drivers/usb/core/hub.c

index 9eca403a..97a0f8fa 100644

--- a/drivers/usb/core/hub.c

+++ b/drivers/usb/core/hub.c

@@ -2389,9 +2389,8 @@ static int usb_enumerate_device_otg(struct usb_device *udev)

  * usb_enumerate_device - Read device configs/intfs/otg (usbcore-internal)

  * @udev: newly addressed device (in ADDRESS state)

  *

- * This is only called by usb_new_device() and usb_authorize_device()

- * and FIXME -- all comments that apply to them apply here wrt to

- * environment.

+ * This is only called by usb_new_device() -- all comments that apply there

+ * apply here wrt to environment.

  *

  * If the device is WUSB and not authorized, we don't attempt to read

  * the string descriptors, as they will be errored out by the device

diff --git a/drivers/usb/core/sysfs.c b/drivers/usb/core/sysfs.c

index 8217032d..b63f78e4 100644

--- a/drivers/usb/core/sysfs.c

+++ b/drivers/usb/core/sysfs.c

@@ -869,11 +869,7 @@ read_descriptors(struct file *filp, struct kobject *kobj,

 	size_t srclen, n;

 	int cfgno;

 	void *src;

-	int retval;

-	retval = usb_lock_device_interruptible(udev);

-	if (retval < 0)

-		return -EINTR;

 	/* The binary attribute begins with the device descriptor.

 	 * Following that are the raw descriptor entries for all the

 	 * configurations (config plus subsidiary descriptors).

@@ -898,7 +894,6 @@ read_descriptors(struct file *filp, struct kobject *kobj,

 			off -= srclen;

 		}

 	}

-	usb_unlock_device(udev);

 	return count - nleft;

 }

-- 

2.35.3