Commit 039e4066 authored by Peter Maydell's avatar Peter Maydell
Browse files

Merge remote-tracking branch 'remotes/kraxel/tags/usb-20190220-pull-request' into staging 



usb: usb_ep_get() fixes

# gpg: Signature made Wed 20 Feb 2019 11:13:32 GMT
# gpg:                using RSA key 4CB6D8EED3E87138
# gpg: Good signature from "Gerd Hoffmann (work) <kraxel@redhat.com>" [full]
# gpg:                 aka "Gerd Hoffmann <gerd@kraxel.org>" [full]
# gpg:                 aka "Gerd Hoffmann (private) <kraxel@gmail.com>" [full]
# Primary key fingerprint: A032 8CFF B93A 17A7 9901  FE7D 4CB6 D8EE D3E8 7138

* remotes/kraxel/tags/usb-20190220-pull-request:
  usb: remove unnecessary NULL device check from usb_ep_get()
  usb: add device checks before redirector calls to usb_ep_get()
  usb: check device is not NULL before calling usb_ep_get()
  uhci: check device is not NULL before calling usb_ep_get()
  ohci: check device is not NULL before calling usb_ep_get()
  ehci: check device is not NULL before calling usb_ep_get()
  xhci: check device is not NULL before calling usb_ep_get()
  xhci: add asserts to help with static code analysis
  usb: rearrange usb_ep_get()

Signed-off-by: default avatarPeter Maydell <peter.maydell@linaro.org>
parents 2e68b862 7011baec

hw/usb/core.c

+2 −4
Original line number Diff line number Diff line
@@ -717,15 +717,13 @@ struct USBEndpoint *usb_ep_get(USBDevice *dev, int pid, int ep) 
{

    struct USBEndpoint *eps;



    if (dev == NULL) {

        return NULL;

    }

    eps = (pid == USB_TOKEN_IN) ? dev->ep_in : dev->ep_out;

    assert(dev != NULL);

    if (ep == 0) {

        return &dev->ep_ctl;

    }

    assert(pid == USB_TOKEN_IN || pid == USB_TOKEN_OUT);

    assert(ep > 0 && ep <= USB_MAX_ENDPOINTS);

    eps = (pid == USB_TOKEN_IN) ? dev->ep_in : dev->ep_out;

    return eps + ep - 1;

}

hw/usb/hcd-ehci.c

+5 −2
Original line number Diff line number Diff line
@@ -1439,9 +1439,12 @@ static int ehci_process_itd(EHCIState *ehci, 
                qemu_sglist_add(&ehci->isgl, ptr1 + off, len);

            }



            pid = dir ? USB_TOKEN_IN : USB_TOKEN_OUT;



            dev = ehci_find_device(ehci, devaddr);

            if (dev == NULL) {

                ehci_trace_guest_bug(ehci, "no device found");

                return -1;

            }

            pid = dir ? USB_TOKEN_IN : USB_TOKEN_OUT;

            ep = usb_ep_get(dev, pid, endp);

            if (ep && ep->type == USB_ENDPOINT_XFER_ISOC) {

                usb_packet_setup(&ehci->ipacket, pid, ep, 0, addr, false,

hw/usb/hcd-musb.c

+4 −4
Original line number Diff line number Diff line
@@ -628,11 +628,11 @@ static void musb_packet(MUSBState *s, MUSBEndPoint *ep, 


    /* A wild guess on the FADDR semantics... */

    dev = usb_find_device(&s->port, ep->faddr[idx]);

    uep = usb_ep_get(dev, pid, ep->type[idx] & 0xf);

    id = pid;

    if (uep) {

        id |= (dev->addr << 16) | (uep->nr << 8);

    if (dev == NULL) {

        return;

    }

    uep = usb_ep_get(dev, pid, ep->type[idx] & 0xf);

    id = pid | (dev->addr << 16) | (uep->nr << 8);

    usb_packet_setup(&ep->packey[dir].p, pid, uep, 0, id, false, true);

    usb_packet_addbuf(&ep->packey[dir].p, ep->buf[idx], len);

    ep->packey[dir].ep = ep;

hw/usb/hcd-ohci.c

+8 −0
Original line number Diff line number Diff line
@@ -848,6 +848,10 @@ static int ohci_service_iso_td(OHCIState *ohci, struct ohci_ed *ed, 
        bool int_req = relative_frame_number == frame_count &&

                       OHCI_BM(iso_td.flags, TD_DI) == 0;

        dev = ohci_find_device(ohci, OHCI_BM(ed->flags, ED_FA));

        if (dev == NULL) {

            trace_usb_ohci_td_dev_error();

            return 1;

        }

        ep = usb_ep_get(dev, pid, OHCI_BM(ed->flags, ED_EN));

        usb_packet_setup(&ohci->usb_packet, pid, ep, 0, addr, false, int_req);

        usb_packet_addbuf(&ohci->usb_packet, ohci->usb_buf, len);
@@ -1071,6 +1075,10 @@ static int ohci_service_td(OHCIState *ohci, struct ohci_ed *ed) 
            return 1;

        }

        dev = ohci_find_device(ohci, OHCI_BM(ed->flags, ED_FA));

        if (dev == NULL) {

            trace_usb_ohci_td_dev_error();

            return 1;

        }

        ep = usb_ep_get(dev, pid, OHCI_BM(ed->flags, ED_EN));

        usb_packet_setup(&ohci->usb_packet, pid, ep, 0, addr, !flag_r,

                         OHCI_BM(td.flags, TD_DI) == 0);

hw/usb/hcd-uhci.c

+5 −3
Original line number Diff line number Diff line
@@ -858,13 +858,15 @@ static int uhci_handle_td(UHCIState *s, UHCIQueue *q, uint32_t qh_addr, 


    /* Allocate new packet */

    if (q == NULL) {

        USBDevice *dev = uhci_find_device(s, (td->token >> 8) & 0x7f);

        USBEndpoint *ep = usb_ep_get(dev, pid, (td->token >> 15) & 0xf);

        USBDevice *dev;

        USBEndpoint *ep;



        if (ep == NULL) {

        dev = uhci_find_device(s, (td->token >> 8) & 0x7f);

        if (dev == NULL) {

            return uhci_handle_td_error(s, td, td_addr, USB_RET_NODEV,

                                        int_mask);

        }

        ep = usb_ep_get(dev, pid, (td->token >> 15) & 0xf);

        q = uhci_queue_new(s, qh_addr, td, ep);

    }

    async = uhci_async_alloc(q, td_addr);