ec/google/chromeec: Fix uninitialized buffer in cbi_get_uint32()

Commit e59c5abd13 ("ec/google/chromeec: Add
EC_GOOGLE_CHROMEEC_FW_CONFIG_FROM_UFSC") refactored cbi_get_uint32() to
write directly to the caller's buffer instead of using a local variable.
This caused uninitialized memory (containing garbage addresses) to be
passed to the EC as the return buffer during CBI reads.

In the case of google/zork, the call to
google_chromeec_cbi_get_board_version() returned garbage data (e.g.,
0xae6ccd05 vs 0x5)  which caused incorrect code paths to be taken:

- variant_override_gpio_table() selected wrong GPIO tables based on
  invalid board version comparisons
- variant_touchscreen_update() skipped touchscreen GPIO configuration
  because variant_uses_v3_6_schematics() returned true for garbage
  values
- variant_uses_codec_gpi() returned wrong value, preventing
  headphone jack interrupt setup

These misconfigurations caused input devices (touchpad, touchscreen,
trackpoint) to be non-functional, despite being detected by the OS.

The fix restores the original behavior by using a local variable
initialized to 0, ensuring a clean buffer is always passed to the EC.

TEST=build/boot google/zork, verify board version is read correctly,
all input devices functional under Linux/Windows.

Change-Id: Ia7be0bcc588075ab5c994edc3d68e979cc01ac79
Signed-off-by: Matt DeVillier <matt.devillier@gmail.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/90761
Reviewed-by: Yu-Ping Wu <yupingso@google.com>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>

src/ec/google/chromeec/ec.c

@@ -841,7 +841,12 @@ static int cbi_read(void *buf, size_t bufsize, uint32_t tag, bool check_size)
 
 static int cbi_get_uint32(uint32_t *id, uint32_t tag)
 {
-	return cbi_read(id, sizeof(*id), tag, true);
+	uint32_t r = 0;
+	int rv = cbi_read(&r, sizeof(r), tag, true);
+	if (rv)
+		return rv;
+	*id = r;
+	return 0;
 }
 
 int google_chromeec_cbi_get_sku_id(uint32_t *id)