diff options
author | Julius Werner <jwerner@chromium.org> | 2019-07-22 11:06:40 -0700 |
---|---|---|
committer | Patrick Georgi <pgeorgi@google.com> | 2019-08-22 10:36:48 +0000 |
commit | 182fea717e413bf3c0920920da13a98aa8fe890c (patch) | |
tree | 99e7e206ac8d080aeaa48b4a191016ddadc5688c /payloads/libpayload/drivers/usb/ehci_rh.c | |
parent | c788ae328eb3708923623ff15a8aa27f686c84f8 (diff) |
libpayload: usbmsc: Skip zero-length packets at end of data
Some broken USB mass storage devices send another zero-length packet at
the end of the data part of a transfer if the amount of data was evenly
divisible by the packet size (which is pretty much always the case for
block reads). This packet will get interpreted as the CSW and screw up
the MSC state machine.
This patch works around this issue by retrying the CSW transfer when it
was received as exactly 0 bytes. This is the same mitigation the Linux
kernel uses and harmless for correctly behaving devices. Also tighten
validation of the CSW a little, making sure we verify the length before
we read any fields and checking the signature in addition to the tag.
Change-Id: I24f183f27b2c4f0142ba6c4b35b490c5798d0d21
Signed-off-by: Julius Werner <jwerner@chromium.org>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/34485
Reviewed-by: Patrick Georgi <pgeorgi@google.com>
Reviewed-by: Paul Menzel <paulepanter@users.sourceforge.net>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Diffstat (limited to 'payloads/libpayload/drivers/usb/ehci_rh.c')
0 files changed, 0 insertions, 0 deletions