Re: [PATCH] HID: usbhid: sanitize hid->uniq against non-printable bytes

[Eric Naim]

On 4/18/26 3:14 PM, Greg KH wrote:
> On Sat, Apr 18, 2026 at 02:58:23PM +1200, Taylor Hewetson wrote:
>> Some USB HID devices (observed on ASUS ROG Azoth via its 2.4GHz
>> dongle, USB ID 0b05:1a85) report an iSerialNumber string whose
>> USB string descriptor declares a longer length than the actual
>> serial, leaving uninitialized firmware memory - including control
>> characters such as 0x18 - appended to the returned string.
>>
>> These non-printable bytes propagate into hid->uniq, which in turn
>> populates /sys/class/input/inputN/uniq. Downstream userspace
>> components (systemd sd-device property_is_valid(), and by extension
>> mutter input enumeration on GNOME Wayland sessions) reject devices
>> with control characters in their uniq, rendering otherwise-
>> functional input devices unusable in graphical sessions despite
>> the kernel input layer correctly translating keypresses.
>>
>> Truncate hid->uniq at the first byte outside the printable ASCII
>> range (0x20..0x7e) after the serial is read.
> 
> Why aren't we doing this in the USB core instead of forcing all users of
> this to do it instead?

Should it be up to the kernel to do this as well? Currently this is only a
problem with systemd because they added this check, and it looks like they
have something in mind to fix it as well [1].

[1] https://github.com/systemd/systemd/issues/41339#issuecomment-4266429563

> 
> thanks,
> 
> greg k-h


-- 
Regards,
  Eric