From nobody Tue Dec 16 14:52:41 2025 Received: from out-174.mta0.migadu.com (out-174.mta0.migadu.com [91.218.175.174]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 273C026980F for ; Tue, 21 Oct 2025 22:25:56 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=91.218.175.174 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1761085558; cv=none; b=i7zLTOdwGuTgvFBs5fedtHzJsb3cIZe7GaLvC42GVmTJUCXqyscnlbmi3t8e0FU0BbGgSOzr4pVOSkSo7VmMsVLbC5jbp4Gcw3t7diXvi7l6VqVD8zcM7D6eiRwiWIAW+mJqVE4XoTpHOmjBP+mdCtKll3w/LV0uPJ2krVauym8= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1761085558; c=relaxed/simple; bh=L6pJCJRQlpGz4vRVZTttL4VLEPacbukwogeVseG1pvo=; h=From:To:Cc:Subject:Date:Message-ID:MIME-Version; b=nksVyzbU1bOse3Vc5poGZMZASpKp+LGXmVbE2FOinSbVX7Rxyv8J5GeTfrPyQvPUozAGPSuLqNpEMW7SspQOGdy5SstHlGWQwRLytntlMTy4qa9wpqM1wLJbgtooUAC9HtFnqPy69zpfUaBT4gsOD4ltiWG1S4Wfzf+dpt6M6/s= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=linux.dev; spf=pass smtp.mailfrom=linux.dev; dkim=pass (1024-bit key) header.d=linux.dev header.i=@linux.dev header.b=q9nMATXD; arc=none smtp.client-ip=91.218.175.174 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=linux.dev Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=linux.dev Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=linux.dev header.i=@linux.dev header.b="q9nMATXD" X-Report-Abuse: Please report any abuse attempt to abuse@migadu.com and include these headers. DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linux.dev; s=key1; t=1761085555; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version: content-transfer-encoding:content-transfer-encoding; bh=5OCK17bkD8uC3U/dYZyCUkvEyfsk5UZB3M9kPb7WAEA=; b=q9nMATXDZ0SuzSXKHJh3gEsQHW/85awbOp1eNT9X8/Ie8aSWzp2jf0HvMShu1tZX/xsdAW IeuFm61EY2+R2Kx6TqRLNhek1rNjW0KTjhkhhsIS9noTxZd+jui3XyheAZnBm+xrDvpRBN 8cbP/OzjUaHmYTBxwiB27ABfQ6CwTls= From: andrey.konovalov@linux.dev To: Greg Kroah-Hartman , Alan Stern Cc: Andrey Konovalov , linux-usb@vger.kernel.org, linux-kernel@vger.kernel.org, stable@vger.kernel.org Subject: [PATCH RESEND] usb: raw-gadget: do not limit transfer length Date: Wed, 22 Oct 2025 00:25:45 +0200 Message-ID: Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable X-Migadu-Flow: FLOW_OUT Content-Type: text/plain; charset="utf-8" From: Andrey Konovalov Drop the check on the maximum transfer length in Raw Gadget for both control and non-control transfers. Limiting the transfer length causes a problem with emulating USB devices whose full configuration descriptor exceeds PAGE_SIZE in length. Overall, there does not appear to be any reason to enforce any kind of transfer length limit on the Raw Gadget side for either control or non-control transfers, so let's just drop the related check. Cc: stable@vger.kernel.org Fixes: f2c2e717642c ("usb: gadget: add raw-gadget interface") Signed-off-by: Andrey Konovalov --- drivers/usb/gadget/legacy/raw_gadget.c | 2 -- 1 file changed, 2 deletions(-) diff --git a/drivers/usb/gadget/legacy/raw_gadget.c b/drivers/usb/gadget/le= gacy/raw_gadget.c index 20165e1582d9..b71680c58de6 100644 --- a/drivers/usb/gadget/legacy/raw_gadget.c +++ b/drivers/usb/gadget/legacy/raw_gadget.c @@ -667,8 +667,6 @@ static void *raw_alloc_io_data(struct usb_raw_ep_io *io= , void __user *ptr, return ERR_PTR(-EINVAL); if (!usb_raw_io_flags_valid(io->flags)) return ERR_PTR(-EINVAL); - if (io->length > PAGE_SIZE) - return ERR_PTR(-EINVAL); if (get_from_user) data =3D memdup_user(ptr + sizeof(*io), io->length); else { --=20 2.43.0