From linux-kernel@vger.kernel.org Thu Dec 18 21:54:39 2003 Date: Wed, 10 Dec 2003 20:30:50 +0000 From: Linux Kernel Mailing List To: bk-commits-24@vger.kernel.org Subject: [PATCH] Fix rtc leak ChangeSet 1.1273, 2003/12/10 18:30:50-02:00, trini@mvista.com [PATCH] Fix rtc leak ===== arch/cris/drivers/ds1302.c 1.6 vs edited ===== # This patch includes the following deltas: # ChangeSet 1.1272 -> 1.1273 # arch/m68k/bvme6000/rtc.c 1.6 -> 1.7 # drivers/char/mips_rtc.c 1.1 -> 1.2 # drivers/sbus/char/rtc.c 1.8 -> 1.9 # drivers/char/ds1286.c 1.9 -> 1.10 # drivers/char/rtc.c 1.14 -> 1.15 # drivers/char/ip27-rtc.c 1.5 -> 1.6 # arch/cris/drivers/pcf8563.c 1.3 -> 1.4 # drivers/hil/hp_sdc_rtc.c 1.2 -> 1.3 # drivers/char/efirtc.c 1.5 -> 1.6 # arch/cris/drivers/ds1302.c 1.6 -> 1.7 # drivers/macintosh/rtc.c 1.6 -> 1.7 # drivers/acorn/char/i2c.c 1.3 -> 1.4 # arch/ppc64/kernel/rtc.c 1.2 -> 1.3 # arch/m68k/mvme16x/rtc.c 1.4 -> 1.5 # arch/cris/drivers/ds1302.c | 1 + arch/cris/drivers/pcf8563.c | 1 + arch/m68k/bvme6000/rtc.c | 1 + arch/m68k/mvme16x/rtc.c | 1 + arch/ppc64/kernel/rtc.c | 1 + drivers/acorn/char/i2c.c | 1 + drivers/char/ds1286.c | 3 ++- drivers/char/efirtc.c | 1 + drivers/char/ip27-rtc.c | 1 + drivers/char/mips_rtc.c | 1 + drivers/char/rtc.c | 3 ++- drivers/hil/hp_sdc_rtc.c | 2 ++ drivers/macintosh/rtc.c | 1 + drivers/sbus/char/rtc.c | 1 + 14 files changed, 17 insertions(+), 2 deletions(-) diff -ruN linux-2.4.23/arch/cris/drivers/ds1302.c linux-2.4.23.patched/arch/cris/drivers/ds1302.c --- linux-2.4.23/arch/cris/drivers/ds1302.c Thu Dec 18 23:52:46 2003 +++ linux-2.4.23.patched/arch/cris/drivers/ds1302.c Thu Dec 18 23:53:32 2003 @@ -346,6 +346,7 @@ { struct rtc_time rtc_tm; + memset(&rtc_tm, 0, sizeof (struct rtc_time)); get_rtc_time(&rtc_tm); if (copy_to_user((struct rtc_time*)arg, &rtc_tm, sizeof(struct rtc_time))) return -EFAULT; diff -ruN linux-2.4.23/arch/cris/drivers/pcf8563.c linux-2.4.23.patched/arch/cris/drivers/pcf8563.c --- linux-2.4.23/arch/cris/drivers/pcf8563.c Thu Dec 18 23:52:46 2003 +++ linux-2.4.23.patched/arch/cris/drivers/pcf8563.c Thu Dec 18 23:53:32 2003 @@ -220,6 +220,7 @@ { struct rtc_time tm; + memset(&tm, 0, sizeof (struct rtc_time)); get_rtc_time(&tm); if (copy_to_user((struct rtc_time *) arg, &tm, sizeof tm)) { diff -ruN linux-2.4.23/arch/m68k/bvme6000/rtc.c linux-2.4.23.patched/arch/m68k/bvme6000/rtc.c --- linux-2.4.23/arch/m68k/bvme6000/rtc.c Thu Dec 18 23:52:46 2003 +++ linux-2.4.23.patched/arch/m68k/bvme6000/rtc.c Thu Dec 18 23:53:32 2003 @@ -54,6 +54,7 @@ /* Ensure clock and real-time-mode-register are accessible */ msr = rtc->msr & 0xc0; rtc->msr = 0x40; + memset(&wtime, 0, sizeof(struct rtc_time)); do { wtime.tm_sec = BCD2BIN(rtc->bcd_sec); wtime.tm_min = BCD2BIN(rtc->bcd_min); diff -ruN linux-2.4.23/arch/m68k/mvme16x/rtc.c linux-2.4.23.patched/arch/m68k/mvme16x/rtc.c --- linux-2.4.23/arch/m68k/mvme16x/rtc.c Thu Dec 18 23:52:46 2003 +++ linux-2.4.23.patched/arch/m68k/mvme16x/rtc.c Thu Dec 18 23:53:32 2003 @@ -52,6 +52,7 @@ cli(); /* Ensure clock and real-time-mode-register are accessible */ rtc->ctrl = RTC_READ; + memset(&wtime, 0, sizeof(struct rtc_time)); wtime.tm_sec = BCD2BIN(rtc->bcd_sec); wtime.tm_min = BCD2BIN(rtc->bcd_min); wtime.tm_hour = BCD2BIN(rtc->bcd_hr); diff -ruN linux-2.4.23/arch/ppc64/kernel/rtc.c linux-2.4.23.patched/arch/ppc64/kernel/rtc.c --- linux-2.4.23/arch/ppc64/kernel/rtc.c Thu Dec 18 23:52:46 2003 +++ linux-2.4.23.patched/arch/ppc64/kernel/rtc.c Thu Dec 18 23:53:32 2003 @@ -96,6 +96,7 @@ switch (cmd) { case RTC_RD_TIME: /* Read the time/date from RTC */ { + memset(&wtime, 0, sizeof(struct rtc_time)); ppc_md.get_rtc_time(&wtime); break; } diff -ruN linux-2.4.23/drivers/acorn/char/i2c.c linux-2.4.23.patched/drivers/acorn/char/i2c.c --- linux-2.4.23/drivers/acorn/char/i2c.c Thu Dec 18 23:52:46 2003 +++ linux-2.4.23.patched/drivers/acorn/char/i2c.c Thu Dec 18 23:53:32 2003 @@ -166,6 +166,7 @@ break; case RTC_RD_TIME: + memset(&rtctm, 0, sizeof(struct rtc_time)); get_rtc_time(&rtc_raw, &year); rtctm.tm_sec = rtc_raw.secs; rtctm.tm_min = rtc_raw.mins; diff -ruN linux-2.4.23/drivers/char/ds1286.c linux-2.4.23.patched/drivers/char/ds1286.c --- linux-2.4.23/drivers/char/ds1286.c Thu Dec 18 23:52:46 2003 +++ linux-2.4.23.patched/drivers/char/ds1286.c Thu Dec 18 23:53:32 2003 @@ -173,7 +173,7 @@ * means "don't care" or "match all". Only the tm_hour, * tm_min, and tm_sec values are filled in. */ - + memset(&wtime, 0, sizeof(struct rtc_time)); ds1286_get_alm_time(&wtime); break; } @@ -216,6 +216,7 @@ } case RTC_RD_TIME: /* Read the time/date from RTC */ { + memset(&wtime, 0, sizeof(struct rtc_time)); ds1286_get_time(&wtime); break; } diff -ruN linux-2.4.23/drivers/char/efirtc.c linux-2.4.23.patched/drivers/char/efirtc.c --- linux-2.4.23/drivers/char/efirtc.c Thu Dec 18 23:52:46 2003 +++ linux-2.4.23.patched/drivers/char/efirtc.c Thu Dec 18 23:53:32 2003 @@ -118,6 +118,7 @@ static void convert_from_efi_time(efi_time_t *eft, struct rtc_time *wtime) { + memset(&wtime, 0, sizeof(struct rtc_time)); wtime->tm_sec = eft->second; wtime->tm_min = eft->minute; wtime->tm_hour = eft->hour; diff -ruN linux-2.4.23/drivers/char/ip27-rtc.c linux-2.4.23.patched/drivers/char/ip27-rtc.c --- linux-2.4.23/drivers/char/ip27-rtc.c Thu Dec 18 23:52:46 2003 +++ linux-2.4.23.patched/drivers/char/ip27-rtc.c Thu Dec 18 23:53:32 2003 @@ -83,6 +83,7 @@ switch (cmd) { case RTC_RD_TIME: /* Read the time/date from RTC */ { + memset(&wtime, 0, sizeof(struct rtc_time)); get_rtc_time(&wtime); break; } diff -ruN linux-2.4.23/drivers/char/mips_rtc.c linux-2.4.23.patched/drivers/char/mips_rtc.c --- linux-2.4.23/drivers/char/mips_rtc.c Thu Dec 18 23:52:46 2003 +++ linux-2.4.23.patched/drivers/char/mips_rtc.c Thu Dec 18 23:53:32 2003 @@ -82,6 +82,7 @@ switch (cmd) { case RTC_RD_TIME: /* Read the time/date from RTC */ + memset(&rtc_tm, 0, sizeof(struct rtc_time)); curr_time = rtc_get_time(); to_tm(curr_time, &rtc_tm); rtc_tm.tm_year -= 1900; diff -ruN linux-2.4.23/drivers/char/rtc.c linux-2.4.23.patched/drivers/char/rtc.c --- linux-2.4.23/drivers/char/rtc.c Thu Dec 18 23:52:46 2003 +++ linux-2.4.23.patched/drivers/char/rtc.c Thu Dec 18 23:53:32 2003 @@ -362,7 +362,7 @@ * means "don't care" or "match all". Only the tm_hour, * tm_min, and tm_sec values are filled in. */ - + memset(&wtime, 0, sizeof(struct rtc_time)); get_rtc_alm_time(&wtime); break; } @@ -406,6 +406,7 @@ } case RTC_RD_TIME: /* Read the time/date from RTC */ { + memset(&wtime, 0, sizeof(struct rtc_time)); get_rtc_time(&wtime); break; } diff -ruN linux-2.4.23/drivers/hil/hp_sdc_rtc.c linux-2.4.23.patched/drivers/hil/hp_sdc_rtc.c --- linux-2.4.23/drivers/hil/hp_sdc_rtc.c Thu Dec 18 23:52:46 2003 +++ linux-2.4.23.patched/drivers/hil/hp_sdc_rtc.c Thu Dec 18 23:53:32 2003 @@ -561,6 +561,7 @@ } case RTC_ALM_READ: /* Read the present alarm time */ { + memset(&ttime, 0, sizeof(struct timeval)); if (hp_sdc_rtc_read_mt(&ttime)) return -EFAULT; break; } @@ -609,6 +610,7 @@ } case RTC_RD_TIME: /* Read the time/date from RTC */ { + memset(&wtime, 0, sizeof(struct rtc_time)); if (hp_sdc_rtc_read_bbrtc(&wtime)) return -EFAULT; break; } diff -ruN linux-2.4.23/drivers/macintosh/rtc.c linux-2.4.23.patched/drivers/macintosh/rtc.c --- linux-2.4.23/drivers/macintosh/rtc.c Thu Dec 18 23:52:46 2003 +++ linux-2.4.23.patched/drivers/macintosh/rtc.c Thu Dec 18 23:53:32 2003 @@ -64,6 +64,7 @@ case RTC_RD_TIME: if (ppc_md.get_rtc_time) { + memset(&rtc_tm, 0, sizeof(struct rtc_time)); get_rtc_time(&rtc_tm); if (copy_to_user((struct rtc_time*)arg, &rtc_tm, sizeof(struct rtc_time))) diff -ruN linux-2.4.23/drivers/sbus/char/rtc.c linux-2.4.23.patched/drivers/sbus/char/rtc.c --- linux-2.4.23/drivers/sbus/char/rtc.c Thu Dec 18 23:52:46 2003 +++ linux-2.4.23.patched/drivers/sbus/char/rtc.c Thu Dec 18 23:53:32 2003 @@ -89,6 +89,7 @@ switch (cmd) { case RTCGET: + memset(&rtc_tm, 0, sizeof(struct rtc_time)); get_rtc_time(&rtc_tm); if (copy_to_user((struct rtc_time*)arg, &rtc_tm, sizeof(struct rtc_time))) From bjorn.helgaas@hp.com Wed Dec 17 23:08:00 2003 Date: Wed, 17 Dec 2003 15:02:37 -0700 From: Bjorn Helgaas To: Marcelo Tosatti Cc: trini@mvista.com, linux-kernel@vger.kernel.org Subject: [PATCH] Fix 2.4 EFI RTC oops This recent change to 2.4: ChangeSet@1.1069.155.3, 2003-12-10 18:30:50-02:00, trini@mvista.com [PATCH] Fix rtc leak ===== arch/cris/drivers/ds1302.c 1.6 vs edited ===== broke efirtc.c (it causes a null pointer dereference on ia64). The fix is below. Please apply. Bjorn P.S. The changeset above doesn't appear to be in 2.6 yet. If/when you submit it for 2.6, you might consider using this style: memset(&wtime, 0, sizeof(wtime)); memset(wtime, 0, sizeof(*wtime)); which is more obviously correct than: memset(&wtime, 0, sizeof(struct rtc_time)); memset(wtime, 0, sizeof(struct rtc_time)); ===== drivers/char/efirtc.c 1.6 vs edited ===== --- 1.6/drivers/char/efirtc.c Fri Oct 24 04:35:10 2003 +++ edited/drivers/char/efirtc.c Wed Dec 17 14:33:08 2003 @@ -118,7 +118,7 @@ static void convert_from_efi_time(efi_time_t *eft, struct rtc_time *wtime) { - memset(&wtime, 0, sizeof(struct rtc_time)); + memset(wtime, 0, sizeof(struct rtc_time)); wtime->tm_sec = eft->second; wtime->tm_min = eft->minute; wtime->tm_hour = eft->hour; - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/