From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from mailman by lists.gnu.org with tmda-scanned (Exim 4.43)
	id 1LKXot-0005Y9-J2
	for qemu-devel@nongnu.org; Wed, 07 Jan 2009 07:47:35 -0500
Received: from exim by lists.gnu.org with spam-scanned (Exim 4.43)
	id 1LKXos-0005Xx-51
	for qemu-devel@nongnu.org; Wed, 07 Jan 2009 07:47:35 -0500
Received: from [199.232.76.173] (port=35896 helo=monty-python.gnu.org)
	by lists.gnu.org with esmtp (Exim 4.43) id 1LKXor-0005Xu-VC
	for qemu-devel@nongnu.org; Wed, 07 Jan 2009 07:47:34 -0500
Received: from smtp.eu.citrix.com ([62.200.22.115]:15799)
	by monty-python.gnu.org with esmtp (Exim 4.60)
	(envelope-from <Stefano.Stabellini@eu.citrix.com>)
	id 1LKXor-0007oh-IV
	for qemu-devel@nongnu.org; Wed, 07 Jan 2009 07:47:33 -0500
Message-ID: <4964A405.50801@eu.citrix.com>
Date: Wed, 07 Jan 2009 12:45:57 +0000
From: Stefano Stabellini <stefano.stabellini@eu.citrix.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 7bit
Subject: [Qemu-devel] [PATCH] fix usb-hid SET_IDLE behaviour
Reply-To: qemu-devel@nongnu.org
List-Id: qemu-devel.nongnu.org
List-Unsubscribe: <http://lists.nongnu.org/mailman/listinfo/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>
List-Archive: <http://lists.gnu.org/pipermail/qemu-devel>
List-Post: <mailto:qemu-devel@nongnu.org>
List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help>
List-Subscribe: <http://lists.nongnu.org/mailman/listinfo/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=subscribe>
To: qemu-devel@nongnu.org
Cc: Ian Jackson <Ian.Jackson@eu.citrix.com>

Hi all,
the usb-hid spec states that the SET_IDLE request has a 16bit value,
where the upper byte specifies the idle rate (currently unimplemented,
we handle only the 0 case, meaning infinite duration) and the lower
byte specifies the report id (0 means all reports).
In our code we do idle = value, while it should be idle = "upper byte",
especially if the guest issues a GET_IDLE, we should return only the
idle rate while we are returning only the report id.
In practice it doesn't make much difference because I have only seen
SET_VALUE with both bytes set to 0 so far, but still it is wrong.

Signed-off-by: Stefano Stabellini <stefano.stabellini@eu.citrix.com>

---

diff --git a/hw/usb-hid.c b/hw/usb-hid.c
index 972543f..76fdce6 100644
--- a/hw/usb-hid.c
+++ b/hw/usb-hid.c
@@ -65,7 +65,7 @@ typedef struct USBHIDState {
     };
     int kind;
     int protocol;
-    int idle;
+    uint8_t idle;
     int changed;
     void *datain_opaque;
     void (*datain)(void *);
@@ -794,7 +794,7 @@ static int usb_hid_handle_control(USBDevice *dev, int request, int value,
         data[0] = s->idle;
         break;
     case SET_IDLE:
-        s->idle = value;
+        s->idle = (uint8_t) (value >> 8);
         ret = 0;
         break;
     default: