<p>Julius Werner would like Nico Huber and Patrick Georgi to <strong>review</strong> this change.</p><p><a href="https://review.coreboot.org/23766">View Change</a></p><pre style="font-family: monospace,monospace; white-space: pre-wrap;">libpayload: usbhid: Zero-initialize all parts of usbhid instance struct<br><br>The USBHID driver zero-initializes some but not all of the fields in its<br>usbhid_inst_t structure. This is a problem because under some<br>circumstances, some of the uninitialized fields may be read and lead to<br>incorrect behavior. Some (broken) USB keyboards keep sending reports<br>that contain all zeroes even when they have no new keys... these usually<br>get silently ignored, but if the usbhid_inst_t structure is in an<br>inconsistent state where 'previous' is zeroed out but 'lastkeypress'<br>is non-zero because it wasn't properly initialized, these reports will<br>be interpreted as keyrepeats of the bogus 'lastkeypress'. This patch<br>changes the code to just xzalloc() the whole structure so we won't have<br>to worry about initialization issues anymore.<br><br>Change-Id: Ic987de2daaceaad2ae401a1e12b1bee397f802ee<br>Signed-off-by: Julius Werner <jwerner@chromium.org><br>---<br>M payloads/libpayload/drivers/usb/usbhid.c<br>1 file changed, 1 insertion(+), 5 deletions(-)<br><br></pre><pre style="font-family: monospace,monospace; white-space: pre-wrap;">git pull ssh://review.coreboot.org:29418/coreboot refs/changes/66/23766/1</pre><pre style="font-family: monospace,monospace; white-space: pre-wrap;"><span>diff --git a/payloads/libpayload/drivers/usb/usbhid.c b/payloads/libpayload/drivers/usb/usbhid.c</span><br><span>index 3100d37..68130f8 100644</span><br><span>--- a/payloads/libpayload/drivers/usb/usbhid.c</span><br><span>+++ b/payloads/libpayload/drivers/usb/usbhid.c</span><br><span>@@ -439,11 +439,7 @@</span><br><span> boot_protos[interface->bInterfaceProtocol]);</span><br><span> switch (interface->bInterfaceProtocol) {</span><br><span> case hid_boot_proto_keyboard:</span><br><span style="color: hsl(0, 100%, 40%);">- dev->data = malloc (sizeof (usbhid_inst_t));</span><br><span style="color: hsl(0, 100%, 40%);">- if (!dev->data)</span><br><span style="color: hsl(0, 100%, 40%);">- fatal("Not enough memory for USB HID device.\n");</span><br><span style="color: hsl(0, 100%, 40%);">- memset(&HID_INST(dev)->previous, 0x00,</span><br><span style="color: hsl(0, 100%, 40%);">- sizeof(HID_INST(dev)->previous));</span><br><span style="color: hsl(120, 100%, 40%);">+ dev->data = xzalloc (sizeof (usbhid_inst_t));</span><br><span> usb_debug (" configuring...\n");</span><br><span> usb_hid_set_protocol(dev, interface, hid_proto_boot);</span><br><span> usb_hid_set_idle(dev, interface, KEYBOARD_REPEAT_MS);</span><br><span></span><br></pre><p>To view, visit <a href="https://review.coreboot.org/23766">change 23766</a>. To unsubscribe, or for help writing mail filters, visit <a href="https://review.coreboot.org/settings">settings</a>.</p><div itemscope itemtype="http://schema.org/EmailMessage"><div itemscope itemprop="action" itemtype="http://schema.org/ViewAction"><link itemprop="url" href="https://review.coreboot.org/23766"/><meta itemprop="name" content="View Change"/></div></div>
<div style="display:none"> Gerrit-Project: coreboot </div>
<div style="display:none"> Gerrit-Branch: master </div>
<div style="display:none"> Gerrit-MessageType: newchange </div>
<div style="display:none"> Gerrit-Change-Id: Ic987de2daaceaad2ae401a1e12b1bee397f802ee </div>
<div style="display:none"> Gerrit-Change-Number: 23766 </div>
<div style="display:none"> Gerrit-PatchSet: 1 </div>
<div style="display:none"> Gerrit-Owner: Julius Werner <jwerner@chromium.org> </div>
<div style="display:none"> Gerrit-Reviewer: Nico Huber <nico.h@gmx.de> </div>
<div style="display:none"> Gerrit-Reviewer: Patrick Georgi <pgeorgi@google.com> </div>