un-register kbd driver in case of USB kbd unplug.

If a USB keyboard is unplugged, the keyboard eventhandler is never removed, and events will continue to be passed through to the device, causing crashes or memory corruption. Signed-off-by: Jes Sorensen <Jes.Sorensen@redhat.com> Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2010-06-08 15:12:18 +02:00 · 2010-06-08 15:12:18 +02:00 · 46aaebff40
parent 55541c8afc
commit 46aaebff40
3 changed files with 13 additions and 2 deletions
--- a/console.h
+++ b/console.h
@ -42,6 +42,7 @@ typedef struct QEMUPutLEDEntry {
 } QEMUPutLEDEntry;

 void qemu_add_kbd_event_handler(QEMUPutKBDEvent *func, void *opaque);
+void qemu_remove_kbd_event_handler(void);
 QEMUPutMouseEntry *qemu_add_mouse_event_handler(QEMUPutMouseEvent *func,
                                                void *opaque, int absolute,
                                                const char *name);
--- a/hw/usb-hid.c
+++ b/hw/usb-hid.c
@ -855,9 +855,13 @@ static void usb_hid_handle_destroy(USBDevice *dev)
 {
    USBHIDState *s = (USBHIDState *)dev;

-    if (s->kind != USB_KEYBOARD)
+    switch(s->kind) {
+    case USB_KEYBOARD:
+        qemu_remove_kbd_event_handler();
+        break;
+    default:
        qemu_remove_mouse_event_handler(s->ptr.eh_entry);
-    /* TODO: else */
+    }
 }

 static int usb_hid_initfn(USBDevice *dev, int kind)
--- a/input.c
+++ b/input.c
@ -42,6 +42,12 @@ void qemu_add_kbd_event_handler(QEMUPutKBDEvent *func, void *opaque)
    qemu_put_kbd_event = func;
 }

+void qemu_remove_kbd_event_handler(void)
+{
+    qemu_put_kbd_event_opaque = NULL;
+    qemu_put_kbd_event = NULL;
+}
+
 static void check_mode_change(void)
 {
    static int current_is_absolute, current_has_absolute;