Sorry for late response. Ok, I see. I'm trying to understand the code, please correct me where I am wrong. (It's my first time of some low level USB programming.)
So there are two similar structures, `struct keyevent` and `struct usbkeyinfo` (if omit `u64 data` field in the latter): { u8 modifiers; u8 reserved; u8 keys[6]; }; I guess they represent data that is being memcpy'ed from `pipe->buf` in `usb_poll_intr` function. These structures are 8 bytes in size. Earlier all keyboards with wMaxPacketSize != 8 had been ignored, so there was no overflow, because this 8 bytes limit was sort of hardcoded. Now when we allow 10 bytes packets, I guess `u8 keys[6]` should become `u8 keys[8]` to allocate enough memory. I guess we also need to memset the structure to zero before copying to it. Is that right? If so then I'll send corrected patch. On 6/10/19 4:07 PM, Kevin O'Connor wrote: > On Sun, Jun 09, 2019 at 06:52:34PM +0300, Evgeny Zinoviev wrote: >> So here's the patch for MacBooks, I hope it doesn't break anything. > Unfortunately, the call to usb_poll_intr() in usb_check_key() will > memcpy maxPacketSize bytes. That would overflow 'struct usbkeyinfo'. > > -Kevin > > >> On 6/2/19 9:01 PM, Kevin O'Connor wrote: >>> On Sun, Jun 02, 2019 at 05:39:11PM +0300, Evgeny Zinoviev wrote: >>>> Hi folks. >>>> >>>> I've recently ported coreboot on MBA 5,2 (13'' mid 2012 model) and MBP >>>> 10,1 (15'' mid 2012 retina model). The integrated keyboard on these >>>> models is connected as a USB device, not PS/2. I have tested GRUB, >>>> SeaBIOS and Tianocore payloads, and the keyboard works in GRUB and >>>> Tianocore but not in SeaBIOS. >>>> >>>> I was advised to send a log to this mailing list. It was created with >>>> SEABIOS_DEBUG_LEVEL=9. I'm not yet familiar with SeaBIOS code, but with >>>> your help perhaps I can debug and fix this. >>>> >>> At a quick glance, it appears multiple USB keyboards/mice were found. >>> SeaBIOS just chooses one randomly in that case. As a guess, it chose >>> the wrong one. If you want to try and debug it, you could look at >>> src/hw/usb-hid.c:usb_kbd_setup(). >>> >>> -Kevin >>> _______________________________________________ >>> SeaBIOS mailing list -- seabios@seabios.org >>> To unsubscribe send an email to seabios-le...@seabios.org >> diff --git a/src/hw/usb-hid.c b/src/hw/usb-hid.c >> index fa4d9a2..7d3561c 100644 >> --- a/src/hw/usb-hid.c >> +++ b/src/hw/usb-hid.c >> @@ -59,7 +59,7 @@ usb_kbd_setup(struct usbdevice_s *usbdev >> // XXX - this enables the first found keyboard (could be random) >> return -1; >> >> - if (epdesc->wMaxPacketSize != 8) >> + if (epdesc->wMaxPacketSize != 8 && epdesc->wMaxPacketSize != 10) >> return -1; >> >> // Enable "boot" protocol. >> _______________________________________________ >> SeaBIOS mailing list -- seabios@seabios.org >> To unsubscribe send an email to seabios-le...@seabios.org > _______________________________________________ > SeaBIOS mailing list -- seabios@seabios.org > To unsubscribe send an email to seabios-le...@seabios.org _______________________________________________ SeaBIOS mailing list -- seabios@seabios.org To unsubscribe send an email to seabios-le...@seabios.org