From: Gerd Hoffmann <kraxel@redhat.com>
Date: Fri, 12 Mar 2021 09:49:54 +0000 (+0100)
Subject: usb/storage: clear csw on reset
X-Git-Url: http://git.maquefel.me/?a=commitdiff_plain;h=39912c14da07a2dbc73854addcfa0a42596340ac;p=qemu.git

usb/storage: clear csw on reset

Stale data in csw (specifically residue) can confuse the state machine
and allows the guest trigger an assert().  So clear csw on reset to
avoid this happening in case the guest resets the device in the middle
of a request.

Buglink: https://bugs.launchpad.net/qemu/+bug/1523811
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Message-Id: <20210312094954.796799-1-kraxel@redhat.com>
---

diff --git a/hw/usb/dev-storage.c b/hw/usb/dev-storage.c
index 7b587ad051..dca62d544f 100644
--- a/hw/usb/dev-storage.c
+++ b/hw/usb/dev-storage.c
@@ -313,6 +313,7 @@ void usb_msd_handle_reset(USBDevice *dev)
         usb_msd_packet_complete(s);
     }
 
+    memset(&s->csw, 0, sizeof(s->csw));
     s->mode = USB_MSDM_CBW;
 }