[PATCH 0/1] usb: gadget: f_hid: fix report descriptor allocation
From: Konstantin Aladyshev
Date: Tue Dec 05 2023 - 03:54:16 EST
The commit "usb: gadget: f_hid: fix f_hidg lifetime vs cdev"
(89ff3dfac604614287ad5aad9370c3f984ea3f4b) has introduced a bug
that leads to hid device corruption after the replug operation.
The usb gadget driver bug was observed in the KVM functionality of the
OpenBMC distribution. In the test environment BMC provides KVM
functionality for the host (i.e. virtual USB keyboard) via the USB
gadget device.
The bug occurs when the KVM page is refreshed (i.e. USB device is
replugged).
Before the 89ff3dfac6 this opeartion was working without any issues.
Log messages from the host for this operation:
```
kernel: usb 1-7.4: USB disconnect, device number 3
kernel: usb 1-7.4: new high-speedUSB device number 4 using xhci_hcd
kernel: usb 1-7.4: New USB device found, idVendor=1d6b, idProduct=0104,
bcdDevice= 1.00
kernel: usb 1-7.4: New USB device strings: Mfr=1, Produt=2, SerialNumber=3
kernel: usb 1-7.4: Product: Virtual Keyboard and Mouse
kernel: usb 1-7.4: Manufacturer: OpenBMC
kernel: usb 1-7.4: SerialNumber: OBMC0001
kernel: input: OpenBMC Virtual Keyboard and Mouse as /devices/pci0000:
00/0000:00:140/usb1/1-7/1-7.4/1-7.4:1.0/0003:1D6B:0104.0003/input/input3
kernel: hid-generic 0003:1D6B:0104.0003: inputhidraw0: USB HID v1.01
Keyboard [OpenBMC Virtual Keyboard and Mouse] on usb-0000:00:14.0-7.4/input0
kernel: input: OpenBMC Virtual Keyboard and Mouse as /devices/pci0000:
00/0000:00:14.0/sb1/1-7/1-7.4/1-7.4:1.1/0003:1D6B:0104.0004/input/input4
kernel: hid-generic 0003:1D6B:0104.0004: input,hidraw1: USB HID v1.01
Mouse [OpenBMC Virtual Keyboard and Mouse] on usb-0000:00:14.0-7.4/input1
```
After the 89ff3dfac6 the KVM page refresh (i.e. USB device replug) results
to the USB device corruction and the following messages from the driver:
```
kernel: usb 1-7.4: USB disconnect, device number 3
hid-generic 0003:1D6B:0104.0003: item fetching failed at offset 18/63
hid-generic 0003:1D6B:01040004: item fetching failed at offset 32/76
kernel: usb 1-7.4: new high-speed USB device number 4 using xhci_hcd
kernel: usb 1-7.4: New USB device found, idVendor=1d6b, idProduct=0104,
bcdDevice= 1.00
kernel: usb 1-7.4:New USB device strings: Mfr=1, Product=2, SerialNumber=3
kernel: usb 1-7.4: Product: Virual Keyboard and Mouse
kernel: usb 1-7.4: Manufacturer: OpenBMC
kernel: usb 1-7.4: SerialNumber: OBMC0001
kernel: id-generic 0003:1D6B:0104.0003: unknown main item tag 0x0
kernel: hid-generic 0003:1D6B:0104.0003: unknown main item tag 0x0
kernel: hid-generic 0003:1D6B:0104.0003: unknown main item tag 0x0
kernel: hid-generic 0003:1D6B:0104.0003: unknown main item tag 0x0
kernel: hid-generic 0003:1D6B:0104.0003: unknown main item tag 0x0
kernel: hid-generic 0003:1D6B:0104.0003: unknown main item tag 0x0
kernel: hid-generic 0003:1D6B:0104.0003: unknown main item tag 0x0
kernel: hid-generic 0003:1D6B:0104.0003: unknown main item tag 0x0
kernel: hid-generic 0003:1D6B:0104.0003: unknown main item tag 0x0
kernel: hid-generic 0003:1D6B:0104.0003: unknown main item ag 0x0
kernel: hid-generic 0003:1D6B:0104.0003: item fetching failed at offset 18/63
kernel: hid-eneric: probe of 0003:1D6B:0104.0003 failed with error -22
kernel: hid-generic 0003:1D6B:0104.0004: item fetching failed at offset 32/76
kernel hid-generic: probe of 0003:1D6B:0104.0004 failed with error -22
```
Reverse device managed memory allocation for the report descriptor
to fix the issue.
Konstantin Aladyshev (1):
usb: gadget: f_hid: fix report descriptor allocation
drivers/usb/gadget/function/f_hid.c | 7 ++++---
1 file changed, 4 insertions(+), 3 deletions(-)
--
2.25.1