From owner-freebsd-current@FreeBSD.ORG Wed Jul 18 22:03:59 2012 Return-Path: Delivered-To: freebsd-current@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 3B1431065670; Wed, 18 Jul 2012 22:03:59 +0000 (UTC) (envelope-from yanegomi@gmail.com) Received: from mail-ob0-f182.google.com (mail-ob0-f182.google.com [209.85.214.182]) by mx1.freebsd.org (Postfix) with ESMTP id E8B548FC12; Wed, 18 Jul 2012 22:03:58 +0000 (UTC) Received: by obbun3 with SMTP id un3so3575095obb.13 for ; Wed, 18 Jul 2012 15:03:58 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type; bh=8W4cpiXgeLv4EM5xmCmbHGo5Lkqc+2M0b1JgGPo4MAo=; b=wP5gd7LDiDqBNGzaRidj8iv3Ou3SXYtX/BsQ3NooRedHEr0YIWGRRBcSG2Wjnv8QS6 sH6V9gDJX0PfaAdpWsMon4TZxEq3tbC4+r4iELGuwfWC1/WmEe/2o9STiIiomJ8Kj7Kn BoqAkxAjtGXC6/iwIdPqWNN8uDjAO7ekUDMYlLS+9Nj4YqMUp6qvmc0io1OomIeVoMc9 EY2Q0BRUmxfieRx/GNoOwHgum87MlRtVN42gSAiDJwbLCRATWprdE9zbgcL9Q3WZZpcR DeqtGHnJpU721jbB2heS1eH/tohUEYoqMj2fYiYoPLbfeN14nStQhmILbo3E6OFz8LFY Hm0Q== MIME-Version: 1.0 Received: by 10.60.3.194 with SMTP id e2mr3768057oee.1.1342649038307; Wed, 18 Jul 2012 15:03:58 -0700 (PDT) Received: by 10.76.84.7 with HTTP; Wed, 18 Jul 2012 15:03:58 -0700 (PDT) In-Reply-To: <201207182322.50655.hselasky@c2i.net> References: <201207182322.50655.hselasky@c2i.net> Date: Wed, 18 Jul 2012 15:03:58 -0700 Message-ID: From: Garrett Cooper To: Hans Petter Selasky Content-Type: text/plain; charset=ISO-8859-1 Cc: freebsd-multimedia@freebsd.org, freebsd-current@freebsd.org Subject: Re: IPod crash seen with FreeBSD only X-BeenThere: freebsd-current@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Discussions about the use of FreeBSD-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 18 Jul 2012 22:03:59 -0000 On Wed, Jul 18, 2012 at 2:22 PM, Hans Petter Selasky wrote: > Hi, > > I have one of those locked down silvery IPod's, and wanted to try out gnupod > to get some MP3's transferred to the device. I made it once, but then my luck > ended :-) Anyway I found what looks like a remote crash vulnerability in the > IPod firmware. How to make it crash: > > 1) Plug USB cable and wait for /dev/daX device to appear. > 2) mount -t msdosfs /dev/daX /mnt > 3) rm -rf /mnt/* > 4) umount /mnt > 5) Now unplug the USB cable and wait for the device to boot into menu mode. > Don't press any keys. > 6) Then plug the USB cable again into the PC/Lapop running FreeBSD 8/9. > > 7) Observation: The device goes into an infinite reboot loop until the USB > cable is unplugged. > > 8) How to recover your device: > 9) Add this quirk: > > usbconfig add_dev_quirk_vplh 0x05ac 0x1262 0 65535 UQ_MSC_NO_SYNC_CACHE > ^^ vendor ^^ product > > Please write down the iProduct and iVendor before testing this, else you will > have to plug your device into a Linux/Mac box to get it back. You can do this > by running the following command before executing any of the steps above: > > usbconfig -d X.Y dump_device_desc > > 10) Plug your device. > 11) /dev/daX should appear again :-) Puuuuhhh :-) > > This is the dmesg you see when the device is crashing. > > usbd_req_re_enumerate: addr=3, set address failed! (USB_ERR_STALLED, ignored) > usbd_req_re_enumerate: addr=3, set address failed! (USB_ERR_STALLED, ignored) > usb_alloc_device: Failure selecting configuration index 0:USB_ERR_STALLED, > port 2, addr 3 (ignored) > ugen7.3: at usbus7 > ugen7.3: at usbus7 (disconnected) > > If Apple could explain this, would be great! I believe some Apple people are > hanging around on these lists :-) Been meaning to mention this... I run into this regularly as of a couple months ago with my iPod classic as well (I used to use my FreeBSD workstation as a "charger" for my iPod). I'll provide more details if I get a chance. Thanks, -Garrett