2021-07-12 15:46:42 |
xcom |
bug |
|
|
added bug |
2021-07-15 18:50:45 |
Alex Hung |
description |
The hid-sony driver has custom DS4 connect/disconnect logic for the
DS4 dongle, which is a USB dongle acting as a proxy to Bluetooth
connected DS4.
The connect/disconnect logic works fine generally, however not in
conjunction with Steam. Steam implements its own DS4 driver using
hidraw. Both hid-sony and Steam are issuing their own HID requests
and are racing each other during DS4 dongle connect/disconnect
resulting in a kernel crash in hid-sony.
The problem is that upon a DS4 connect to the dongle, hid-sony kicks
of 'ds4_get_calibration_data' from within its dongle hotplug code.
The calibration code issues raw HID feature report for reportID 0x02.
When Steam is running, it issues a feature report for reportID 0x12
typically just prior to hid-sony requesting feature reportID 0x02.
The result is that 'ds4_get_calibration_data' receives the data Steam
requested as that's the HID report returing first. Currently this
results in it processing invalid data, which ultimately results in a
divide by zero upon a future 'dualshock4_parse_report'.
The solution for now is to check within 'ds4_get_calibration_data' to
check if we received data for the feature report we issued and if not
retry.
Please consider to add this patch to Ubuntu LTS kernels.
Commit:
https://github.com/torvalds/linux/commit/f5dc93b7875bcb8be77baa792cc9432aaf65365b |
[Impact]
Sony Dualshock 4 controller crashes systems. This is the result of a
divide by zero when the driver processes requests from Steam and returns
invalid data. More details are in the patch description.
[Fix]
Check whether data is valid and retry up to 3 times if needed.
[Test Case]
Tested by the bug reporter of LP:1935846. No more crashes after applying
this patch.
[Where problems could occur]
None. The patch checks whether data is valid and retry 3 times before
return -EILSEQ if it still fails.
== Original descriptions ==
The hid-sony driver has custom DS4 connect/disconnect logic for the
DS4 dongle, which is a USB dongle acting as a proxy to Bluetooth
connected DS4.
The connect/disconnect logic works fine generally, however not in
conjunction with Steam. Steam implements its own DS4 driver using
hidraw. Both hid-sony and Steam are issuing their own HID requests
and are racing each other during DS4 dongle connect/disconnect
resulting in a kernel crash in hid-sony.
The problem is that upon a DS4 connect to the dongle, hid-sony kicks
of 'ds4_get_calibration_data' from within its dongle hotplug code.
The calibration code issues raw HID feature report for reportID 0x02.
When Steam is running, it issues a feature report for reportID 0x12
typically just prior to hid-sony requesting feature reportID 0x02.
The result is that 'ds4_get_calibration_data' receives the data Steam
requested as that's the HID report returing first. Currently this
results in it processing invalid data, which ultimately results in a
divide by zero upon a future 'dualshock4_parse_report'.
The solution for now is to check within 'ds4_get_calibration_data' to
check if we received data for the feature report we issued and if not
retry.
Please consider to add this patch to Ubuntu LTS kernels.
Commit:
https://github.com/torvalds/linux/commit/f5dc93b7875bcb8be77baa792cc9432aaf65365b |
|
2021-07-19 14:16:05 |
Tim Gardner |
nominated for series |
|
Ubuntu Focal |
|
2021-07-19 14:16:05 |
Tim Gardner |
bug task added |
|
linux (Ubuntu Focal) |
|
2021-07-19 14:16:05 |
Tim Gardner |
nominated for series |
|
Ubuntu Groovy |
|
2021-07-19 14:16:05 |
Tim Gardner |
bug task added |
|
linux (Ubuntu Groovy) |
|
2021-07-19 14:16:13 |
Tim Gardner |
linux (Ubuntu Focal): status |
New |
In Progress |
|
2021-07-19 14:16:18 |
Tim Gardner |
linux (Ubuntu Groovy): status |
New |
Won't Fix |
|
2021-07-19 14:16:26 |
Tim Gardner |
linux (Ubuntu): status |
New |
Fix Released |
|
2021-07-27 20:26:31 |
Alex Hung |
linux (Ubuntu Focal): assignee |
|
Alex Hung (alexhung) |
|
2021-07-27 20:26:35 |
Alex Hung |
linux (Ubuntu Focal): assignee |
Alex Hung (alexhung) |
|
|
2021-07-27 20:26:37 |
Alex Hung |
linux (Ubuntu): assignee |
|
Alex Hung (alexhung) |
|
2021-07-27 20:26:41 |
Alex Hung |
linux (Ubuntu): assignee |
Alex Hung (alexhung) |
|
|
2021-07-27 20:26:43 |
Alex Hung |
linux (Ubuntu Focal): assignee |
|
Alex Hung (alexhung) |
|
2021-08-04 07:55:04 |
Stefan Bader |
linux (Ubuntu Focal): importance |
Undecided |
Medium |
|
2021-08-06 21:22:00 |
Kelsey Steele |
linux (Ubuntu Focal): status |
In Progress |
Fix Committed |
|
2021-08-20 09:42:14 |
Ubuntu Kernel Bot |
tags |
|
verification-needed-focal |
|
2021-08-20 16:26:41 |
Alex Hung |
tags |
verification-needed-focal |
verification-done-focal |
|
2021-09-07 13:48:28 |
Launchpad Janitor |
linux (Ubuntu Focal): status |
Fix Committed |
Fix Released |
|
2021-09-07 13:48:28 |
Launchpad Janitor |
cve linked |
|
2021-3653 |
|
2021-09-07 13:48:28 |
Launchpad Janitor |
cve linked |
|
2021-3656 |
|