From b3e40fc85735b787ce65909619fcd173107113c2 Mon Sep 17 00:00:00 2001 From: Oliver Neukum Date: Thu, 2 May 2024 13:51:40 +0200 Subject: [PATCH] USB: usb_parse_endpoint: ignore reserved bits Reading bEndpointAddress the spec tells is that: b7 is direction, which must be ignored b6:4 are reserved which are to be set to zero b3:0 are the endpoint address In order to be backwards compatible with possible future versions of USB we have to be ready with devices using those bits. That means that we also have to ignore them like we do with the direction bit. In consequence the only illegal address you can encoding in four bits is endpoint zero, for which no descriptor must exist. Hence the check for exceeding the upper limit on endpoint addresses is removed. Signed-off-by: Oliver Neukum Reviewed-by: Alan Stern Link: https://lore.kernel.org/r/20240502115259.31076-1-oneukum@suse.com Signed-off-by: Greg Kroah-Hartman --- drivers/usb/core/config.c | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/drivers/usb/core/config.c b/drivers/usb/core/config.c index 7f8d33f92ddb5..3362af165ef5a 100644 --- a/drivers/usb/core/config.c +++ b/drivers/usb/core/config.c @@ -279,11 +279,11 @@ static int usb_parse_endpoint(struct device *ddev, int cfgno, goto skip_to_next_endpoint_or_interface_descriptor; } - i = d->bEndpointAddress & ~USB_ENDPOINT_DIR_MASK; - if (i >= 16 || i == 0) { + i = d->bEndpointAddress & USB_ENDPOINT_NUMBER_MASK; + if (i == 0) { dev_notice(ddev, "config %d interface %d altsetting %d has an " - "invalid endpoint with address 0x%X, skipping\n", - cfgno, inum, asnum, d->bEndpointAddress); + "invalid descriptor for endpoint zero, skipping\n", + cfgno, inum, asnum); goto skip_to_next_endpoint_or_interface_descriptor; } -- 2.30.2