Skip to content

usb: enhance verification of the class control requests #36694

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 18 commits into from
Aug 3, 2021
Merged

usb: enhance verification of the class control requests #36694

merged 18 commits into from
Aug 3, 2021

Conversation

jfischer-no
Copy link
Contributor

@jfischer-no jfischer-no commented Jul 2, 2021
edited
Loading

Set data stage length variable to zero as a precaution
so that no trouble happens if control request handler
does not check the request values sufficiently.

Check the control transfer direction in CDC classes, bluetooth, audio, and DFU.

@jfischer-no jfischer-no added the area: USB Universal Serial Bus label Jul 2, 2021
@jfischer-no jfischer-no force-pushed the pr-usb-fix-cdcacm-request-handling branch from 394e842 to 4401e94 Compare July 2, 2021 14:35
@jfischer-no jfischer-no changed the title usb: cdc_acm: enhance verification of the class control requests usb: enhance verification of the class control requests Jul 6, 2021
@jfischer-no jfischer-no force-pushed the pr-usb-fix-cdcacm-request-handling branch from 4b2670d to f2172ef Compare July 6, 2021 09:56
@zephyrbot zephyrbot requested a review from mengxianglinx July 6, 2021 13:53
@jfischer-no jfischer-no added this to the v2.7.0 milestone Jul 13, 2021
@carlescufi
Copy link
Member

CC @szymonh

cfriedt
cfriedt reviewed Jul 19, 2021
View reviewed changes
subsys/usb/usb_device.c Outdated
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I would suggest changing /** to /* here just so it isn't picked up by doxygen.

cfriedt
cfriedt reviewed Jul 19, 2021
View reviewed changes
subsys/usb/usb_device.c Outdated
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I would suggest changing /** to /* here just so it isn't picked up by doxygen

@cfriedt
Copy link
Member

cfriedt commented Jul 19, 2021

@jfischer-no - do we have test coverage for most of these changes?

@jfischer-no
Copy link
Contributor Author

@jfischer-no - do we have test coverage for most of these changes?

No, there is no testbench for current USB device stack. I test such changes manually with testusb and USBCV3. For overhauled USB device stack I plan to implement test based on USBIP.

@cfriedt
Copy link
Member

cfriedt commented Jul 19, 2021
edited
Loading

@jfischer-no - do we have test coverage for most of these changes?

No, there is no testbench for current USB device stack. I test such changes manually with testusb and USBCV3. For overhauled USB device stack I plan to implement test based on USBIP.

Ah, ok. As long as you're testing ;-) Is there someone in particular you would like to review this?

As an alternative to USBIP, there are a few other emulated peripheral drivers that are fairly invaluable to CI / automated testing.

drivers/adc/adc_emul.c
drivers/espi/espi_emul.c
drivers/gpio/gpio_emul.c
drivers/i2c/i2c_emul.c
drivers/spi/spi_emul.c

USB would be great to have on that list.

Kind of surprised it hasn't grown beyond that yet. UART would be an obvious candidate too.

@jfischer-no
Copy link
Contributor Author

@jfischer-no - do we have test coverage for most of these changes?

No, there is no testbench for current USB device stack. I test such changes manually with testusb and USBCV3. For overhauled USB device stack I plan to implement test based on USBIP.

Ah, ok. As long as you're testing ;-) Is there someone in particular you would like to review this?

These are in the review list 😄

As an alternative to USBIP, there are a few other emulated peripheral drivers that are fairly invaluable to CI / automated testing.

drivers/adc/adc_emul.c
drivers/espi/espi_emul.c
drivers/gpio/gpio_emul.c
drivers/i2c/i2c_emul.c
drivers/spi/spi_emul.c

USB would be great to have on that list.

Kind of surprised it hasn't grown beyond that yet. UART would be an obvious candidate too.

It is not that simple. It is not just the driver API (btw, there is simple CI test for USB driver API), it is also the stack that needs to be tested. However, it makes no sense to waste resources on current implementation.

@pfalcon pfalcon removed their request for review July 19, 2021 14:27
@cfriedt
Copy link
Member

cfriedt commented Jul 19, 2021

It is not that simple. It is not just the driver API (btw, there is simple CI test for USB driver API), it is also the stack that needs to be tested. However, it makes no sense to waste resources on current implementation.

The emulated peripherals aren't simple per se - the intent is to use them to achieve 100% test coverage for driver APIs along with the stack.

Would definitely be something worthwhile to consider if we ever do reimplement the USB stack ;-)

@cfriedt
Copy link
Member

cfriedt commented Jul 22, 2021

@d3zd3z - can you please take a look at this?

eobalski
eobalski suggested changes Jul 22, 2021
View reviewed changes
Copy link

@eobalski eobalski left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

NACK just because of missing -ENOTSUP the rest are clarification questions rather than nack

@cfriedt
Copy link
Member

cfriedt commented Jul 27, 2021

@jfischer-no - could you address the comments by @emob-nordic ?

@jfischer-no jfischer-no force-pushed the pr-usb-fix-cdcacm-request-handling branch from 4007f5d to 88521bf Compare August 2, 2021 13:51
@jfischer-no jfischer-no requested a review from eobalski August 2, 2021 13:51
@jfischer-no
usb: set data stage length variable to zero by default
b9c5a17 
Set data stage length variable to zero as a precaution
so that no trouble happens if control request handler
does not check the request values sufficiently.

Signed-off-by: Johann Fischer <[email protected]>
@jfischer-no
usb: cdc_acm: enhance verification of the class control requests
070227f 
Rework CDC ACM class control request handling and
check the control transfer direction.

Signed-off-by: Johann Fischer <[email protected]>
@jfischer-no
usb: loopback: use class internal buffer to store request data
6c304da 
Use internal buffer to store request data and not
the data OUT stage buffer.

Signed-off-by: Johann Fischer <[email protected]>
@jfischer-no
usb: cdc_ecm: return error on incorrect/unsupported request
b501c9f 
Control request handler from CDC ECM implementation does not
care at all about returning errors when a request is not supported.
Return EINVAL/ENOTSUP if request is incorrect/unsupported.

Signed-off-by: Johann Fischer <[email protected]>
@jfischer-no
usb: rndis: return error on incorrect/unsupported request
67b2616 
Return ENOTSUP if request is unsupported and pass on the error
from encapsulated command/response functions.

Signed-off-by: Johann Fischer <[email protected]>
@jfischer-no
usb: audio: additionally check control request direction
94b255f 
Rework mute request handling and add checks for
control request direction.

Signed-off-by: Johann Fischer <[email protected]>
@jfischer-no
usb: bluetooth: additionally check control request direction
54616f6 
HCI commands are always directed to controller and should be
host-to-device class control requests.

Signed-off-by: Johann Fischer <[email protected]>
@jfischer-no
usb: bt_h4: return -ENOTSUP on vendor requests
daedafa 
This class does not handle any vendor request,
therefore just return -ENOTSUP on any vendor request.

Signed-off-by: Johann Fischer <[email protected]>
@jfischer-no
usb: msc: additionally check control request direction
8132579 
Rework class control request handler and add control
request direction check.

Signed-off-by: Johann Fischer <[email protected]>
@jfischer-no
samples: webusb: return -ENOTSUP on host-to-device control requests
cc48574 
The sample only supports device-to-host control requests.
Return -ENOTSUP on host-to-device control requests.

Signed-off-by: Johann Fischer <[email protected]>
@jfischer-no
samples: wpanusb: return -ENOTSUP on unsupported device-to-host requests
a118cc7 
Control pipe in wpanusb is used only for host-to-device requests.

Signed-off-by: Johann Fischer <[email protected]>
@jfischer-no
usb: dfu: check control request direction
9a0c74d 
Check control request direction and split class request handler
by request direction.

Signed-off-by: Johann Fischer <[email protected]>
@jfischer-no
usb: dfu: halt endpoint on flash API error or block mismatch
ee75e07 
Halt endpoint on flash API error or block mismatch.

Signed-off-by: Johann Fischer <[email protected]>
@jfischer-no
usb: hid: obtain the requested length from wLength
d301872 
Obtain the requested length from wLength and assign the
possible length to len argument.

Signed-off-by: Johann Fischer <[email protected]>
@jfischer-no
usb: cleanup standard device request handler
287b098 
Cleanup standard device request handler.
Pass pointer to setup packet as argument where
it is reasonable.

Signed-off-by: Johann Fischer <[email protected]>
@jfischer-no
usb: cleanup standard endpoing request handler
414e5eb 
Cleanup standard endpoint request handler.

Signed-off-by: Johann Fischer <[email protected]>
@jfischer-no
usb: cleanup standard interfave request handler
577f902 
Cleanup standard device request handler.
Pass pointer to setup packet as argument where
it is reasonable.

Signed-off-by: Johann Fischer <[email protected]>
@jfischer-no
usb: check request direction in request handlers
dbfd641 
Check request direction in standard device,
interface, and endpoint request handlers.

Signed-off-by: Johann Fischer <[email protected]>
@jfischer-no jfischer-no force-pushed the pr-usb-fix-cdcacm-request-handling branch from 88521bf to dbfd641 Compare August 3, 2021 15:31
@nashif nashif merged commit 4b79912 into zephyrproject-rtos:main Aug 3, 2021
@jfischer-no jfischer-no deleted the pr-usb-fix-cdcacm-request-handling branch August 4, 2021 07:14
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@cfriedt cfriedt cfriedt approved these changes

@d3zd3z d3zd3z Awaiting requested review from d3zd3z

@nashif nashif Awaiting requested review from nashif

@anangl anangl Awaiting requested review from anangl

@nvlsianpu nvlsianpu Awaiting requested review from nvlsianpu

@rlubos rlubos Awaiting requested review from rlubos

@tbursztyka tbursztyka Awaiting requested review from tbursztyka

@mengxianglinx mengxianglinx Awaiting requested review from mengxianglinx

+1 more reviewer

@eobalski eobalski eobalski approved these changes

Reviewers whose approvals may not affect merge requirements
Assignees

@jfischer-no jfischer-no

Labels
area: Bluetooth area: Networking area: Samples Samples area: USB Universal Serial Bus
Projects
None yet
Milestone
v2.7.0
Development

Successfully merging this pull request may close these issues.
5 participants
@jfischer-no @carlescufi @cfriedt @eobalski @nashif