usb: Do not re-read descriptors for wired devices in usb_authorize_de…

…vice() This patch modifies the usb_authorize_device() function such as that it does not reload the device descriptor for wired devices. The reasons for this are as follows: * Some devices dislike the master requesting the descriptor from them twice, failing on the usb_get_device_descriptor() call with -ETIMEOUT. Observed this on my Pretec 16GB flash drive (4146:ba65). * Malicious device could send two different descriptors - one before authorization, used by userspace to determine whether to authorize it and second to be actually used by the kernel when determining which drivers to bind. Signed-off-by: Josef Gajdusek <atx@atx.name> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
mariux64 · Nov 3, 2014 · e50a322 · e50a322
1 parent dd3cf17
commit e50a322
Showing 1 changed file with 8 additions and 5 deletions.
diff --git a/drivers/usb/core/hub.c b/drivers/usb/core/hub.c
@@ -2543,11 +2543,14 @@ int usb_authorize_device(struct usb_device *usb_dev)
 			"can't autoresume for authorization: %d\n", result);
 		goto error_autoresume;
 	}
-	result = usb_get_device_descriptor(usb_dev, sizeof(usb_dev->descriptor));
-	if (result < 0) {
-		dev_err(&usb_dev->dev, "can't re-read device descriptor for "
-			"authorization: %d\n", result);
-		goto error_device_descriptor;
+
+	if (usb_dev->wusb) {
+		result = usb_get_device_descriptor(usb_dev, sizeof(usb_dev->descriptor));
+		if (result < 0) {
+			dev_err(&usb_dev->dev, "can't re-read device descriptor for "
+				"authorization: %d\n", result);
+			goto error_device_descriptor;
+		}
 	}
 
 	usb_dev->authorized = 1;