From e50a322e517731de5d1f6f3aad0a73f3b506c5ea Mon Sep 17 00:00:00 2001 From: Josef Gajdusek Date: Thu, 9 Oct 2014 15:47:54 +0200 Subject: usb: Do not re-read descriptors for wired devices in usb_authorize_device() This patch modifies the usb_authorize_device() function such as that it does not reload the device descriptor for wired devices. The reasons for this are as follows: * Some devices dislike the master requesting the descriptor from them twice, failing on the usb_get_device_descriptor() call with -ETIMEOUT. Observed this on my Pretec 16GB flash drive (4146:ba65). * Malicious device could send two different descriptors - one before authorization, used by userspace to determine whether to authorize it and second to be actually used by the kernel when determining which drivers to bind. Signed-off-by: Josef Gajdusek Signed-off-by: Greg Kroah-Hartman --- drivers/usb/core/hub.c | 13 ++++++++----- 1 file changed, 8 insertions(+), 5 deletions(-) (limited to 'drivers/usb/core') diff --git a/drivers/usb/core/hub.c b/drivers/usb/core/hub.c index 11e80ac..c096a1a 100644 --- a/drivers/usb/core/hub.c +++ b/drivers/usb/core/hub.c @@ -2543,11 +2543,14 @@ int usb_authorize_device(struct usb_device *usb_dev) "can't autoresume for authorization: %d\n", result); goto error_autoresume; } - result = usb_get_device_descriptor(usb_dev, sizeof(usb_dev->descriptor)); - if (result < 0) { - dev_err(&usb_dev->dev, "can't re-read device descriptor for " - "authorization: %d\n", result); - goto error_device_descriptor; + + if (usb_dev->wusb) { + result = usb_get_device_descriptor(usb_dev, sizeof(usb_dev->descriptor)); + if (result < 0) { + dev_err(&usb_dev->dev, "can't re-read device descriptor for " + "authorization: %d\n", result); + goto error_device_descriptor; + } } usb_dev->authorized = 1; -- cgit v1.1