From: Benjamin Tissoires <bentiss@kernel.org>
To: Oleksandr Natalenko <oleksandr@natalenko.name>
Cc: linux-input@vger.kernel.org, Anj Duvnjak <avian@extremenerds.net>,
benjamin.tissoires@redhat.com, lee@kernel.org, jikos@kernel.org
Subject: Re: [PATCH] HID: core: downgrade short report warning to debug level
Date: Wed, 15 Apr 2026 10:24:33 +0200
Message-ID: <ad9LBakFHEHD-K9C@beelink>
In-Reply-To: <5062517.GXAFRqVoOG@natalenko.name>

On Apr 14 2026, Oleksandr Natalenko wrote:
> Hello.
>
> Thank you for the submission. Please see comments inline.
>
> On Tuesday, 14 April 2026 23:41:43 Central European Summer Time, Anj Duvnjak wrote:
> > Commit 0a3fe972a7cb ("HID: core: Mitigate potential OOB by removing bogus
> > memset()") replaced the silent memset() with hid_warn_ratelimited(), which
> > causes dmesg flooding on devices that legitimately send short reports,
> > such as the APC UPS (051D:0002).
> >
> > Downgrade to dbg_hid() to restore the previous behaviour of only
> > reporting under HID_DEBUG, while preserving the security fix of
> > removing the bogus memset().
> >
> > Reported-by: Anj Duvnjak <avian@extremenerds.net>
> > Closes: https://lore.kernel.org/linux-input/MW5PR84MB135613E7947113897DD9FDA4C7272@MW5PR84MB1356.NAMPRD84.PROD.OUTLOOK.COM/
> > Reported-by: Oleksandr Natalenko <oleksandr@natalenko.name>
> > Closes: https://lore.kernel.org/linux-input/6256259.lOV4Wx5bFT@natalenko.name/
>
> I think these Closes: should be Link: instead. And probably Fixes: should be added as follows:
>
> Fixes: 0a3fe972a7cb14 ("HID: core: Mitigate potential OOB by removing bogus memset()")
>
> > Signed-off-by: Anj Duvnjak <avian@extremenerds.net>
> > ---
> > drivers/hid/hid-core.c | 4 ++--
> > 1 file changed, 2 insertions(+), 2 deletions(-)
> >
> > diff --git a/drivers/hid/hid-core.c b/drivers/hid/hid-core.c
> > index 833df14ef68f..de8a179347ec 100644
> > --- a/drivers/hid/hid-core.c
> > +++ b/drivers/hid/hid-core.c
> > @@ -2057,8 +2057,8 @@ int hid_report_raw_event(struct hid_device *hid, enum hid_report_type type, u8 *
> > rsize = max_buffer_size;
> >
> > if (csize < rsize) {
> > - hid_warn_ratelimited(hid, "Event data for report %d was too short (%d vs %d)\n",
> > - report->id, rsize, csize);
> > + dbg_hid("Event data for report %d was too short (%d vs %d)\n",
> > + report->id, rsize, csize);
>
> Ratelimiting is good to keep, IMO. There's a separate macro for that, hid_dbg_ratelimited(), which is surprisingly not used anywhere at the moment as far as I can grep, but it should do the job.

Thanks for the bug and the review.

However, I've got a proper fix which restores the original behavior
while still preventing the OOWM write. It should be out today or
tomorrow.

Cheers,
Benjamin

>
> > ret = -EINVAL;
> > goto out;
> > }
> >
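
Review bot: in the `if (csize < rsize)` branch only the log call changes; the unchanged `ret = -EINVAL; goto out;` below it still rejects every short report, so the devices the commit message describes as legitimately sending short reports (the APC UPS, 051D:0002) keep having those reports dropped, now with no message unless HID debugging is enabled. The "restore the previous behaviour" wording in the commit message therefore covers logging only and should say so, or the branch should handle the short report safely instead of bailing out. On the logging itself, dbg_hid() drops both the `hid` argument and the rate limit that hid_warn_ratelimited() had, so the message no longer names the device and is unbounded when debugging is on; hid_dbg_ratelimited(hid, ...), as suggested in the review above, keeps both.
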
>
>
> --
> Oleksandr Natalenko, MSE