From f8245c26886c912627ebc49f714e4491261224c4 Mon Sep 17 00:00:00 2001 From: David Brownell Date: Tue, 8 May 2007 00:34:07 -0700 Subject: [PATCH] rtc: remove "RTC_ALM_SET mode" bugs This fixes a common glitch in how RTC drivers handle two "set alarm" modes, by getting rid of the surprising/hidden one that was rarely implemented correctly (and which could expose nonportable hardware-specific behavior). The glitch comes from the /dev/rtcX logic implementing the legacy RTC_ALM_SET (limited to 24 hours, needing RTC_AIE_ON) ioctl on top of the RTC driver call providing access to the newer RTC_WKALM_SET (without those limitations) by initializing the day/month/year fields to be invalid ... that second mode. Now, since few RTC drivers check those fields, and most hardware misbehaves when faced with invalid date fields, many RTC drivers will set bogus alarm times on those RTC_ALM_SET code paths. (Several in-tree drivers have that issue, and I also noticed it with code reviews on several new RTC drivers.) This patch ensures that RTC drivers never see such invalid alarm fields, by moving some logic out of rtc-omap into the RTC_ALM_SET code and adding an explicit check (which will prevent the issue on other code paths). Signed-off-by: David Brownell Cc: Scott Wood Cc: Alessandro Zummo Signed-off-by: Andrew Morton Signed-off-by: Linus Torvalds --- Documentation/rtc.txt | 7 ++----- drivers/rtc/interface.c | 4 ++++ drivers/rtc/rtc-dev.c | 42 +++++++++++++++++++++++++++++++++++++++--- drivers/rtc/rtc-omap.c | 28 ---------------------------- 4 files changed, 45 insertions(+), 36 deletions(-) diff --git a/Documentation/rtc.txt b/Documentation/rtc.txt index 1ef6bb8..7c701b8 100644 --- a/Documentation/rtc.txt +++ b/Documentation/rtc.txt @@ -147,7 +147,7 @@ RTC class framework, but can't be supported by the older driver. * RTC_AIE_ON, RTC_AIE_OFF, RTC_ALM_SET, RTC_ALM_READ ... when the RTC is connected to an IRQ line, it can often issue an alarm IRQ up to - 24 hours in the future. + 24 hours in the future. (Use RTC_WKALM_* by preference.) * RTC_WKALM_SET, RTC_WKALM_RD ... RTCs that can issue alarms beyond the next 24 hours use a slightly more powerful API, which supports @@ -175,10 +175,7 @@ driver returns ENOIOCTLCMD. Some common examples: called with appropriate values. * RTC_ALM_SET, RTC_ALM_READ, RTC_WKALM_SET, RTC_WKALM_RD: the - set_alarm/read_alarm functions will be called. To differentiate - between the ALM and WKALM, check the larger fields of the rtc_wkalrm - struct (like tm_year). These will be set to -1 when using ALM and - will be set to proper values when using WKALM. + set_alarm/read_alarm functions will be called. * RTC_IRQP_SET, RTC_IRQP_READ: the irq_set_freq function will be called to set the frequency while the framework will handle the read for you diff --git a/drivers/rtc/interface.c b/drivers/rtc/interface.c index b5cc5f8..ad66c6e 100644 --- a/drivers/rtc/interface.c +++ b/drivers/rtc/interface.c @@ -125,6 +125,10 @@ int rtc_set_alarm(struct rtc_device *rtc, struct rtc_wkalrm *alarm) { int err; + err = rtc_valid_tm(&alarm->time); + if (err != 0) + return err; + err = mutex_lock_interruptible(&rtc->ops_lock); if (err) return -EBUSY; diff --git a/drivers/rtc/rtc-dev.c b/drivers/rtc/rtc-dev.c index 671b14e..f4e5f00 100644 --- a/drivers/rtc/rtc-dev.c +++ b/drivers/rtc/rtc-dev.c @@ -277,12 +277,48 @@ static int rtc_dev_ioctl(struct inode *inode, struct file *file, alarm.enabled = 0; alarm.pending = 0; - alarm.time.tm_mday = -1; - alarm.time.tm_mon = -1; - alarm.time.tm_year = -1; alarm.time.tm_wday = -1; alarm.time.tm_yday = -1; alarm.time.tm_isdst = -1; + + /* RTC_ALM_SET alarms may be up to 24 hours in the future. + * Rather than expecting every RTC to implement "don't care" + * for day/month/year fields, just force the alarm to have + * the right values for those fields. + * + * RTC_WKALM_SET should be used instead. Not only does it + * eliminate the need for a separate RTC_AIE_ON call, it + * doesn't have the "alarm 23:59:59 in the future" race. + * + * NOTE: some legacy code may have used invalid fields as + * wildcards, exposing hardware "periodic alarm" capabilities. + * Not supported here. + */ + { + unsigned long now, then; + + err = rtc_read_time(rtc, &tm); + if (err < 0) + return err; + rtc_tm_to_time(&tm, &now); + + alarm.time.tm_mday = tm.tm_mday; + alarm.time.tm_mon = tm.tm_mon; + alarm.time.tm_year = tm.tm_year; + err = rtc_valid_tm(&alarm.time); + if (err < 0) + return err; + rtc_tm_to_time(&alarm.time, &then); + + /* alarm may need to wrap into tomorrow */ + if (then < now) { + rtc_time_to_tm(now + 24 * 60 * 60, &tm); + alarm.time.tm_mday = tm.tm_mday; + alarm.time.tm_mon = tm.tm_mon; + alarm.time.tm_year = tm.tm_year; + } + } + err = rtc_set_alarm(rtc, &alarm); break; diff --git a/drivers/rtc/rtc-omap.c b/drivers/rtc/rtc-omap.c index e6c7b01..60a8a4b 100644 --- a/drivers/rtc/rtc-omap.c +++ b/drivers/rtc/rtc-omap.c @@ -289,34 +289,6 @@ static int omap_rtc_set_alarm(struct device *dev, struct rtc_wkalrm *alm) { u8 reg; - /* Much userspace code uses RTC_ALM_SET, thus "don't care" for - * day/month/year specifies alarms up to 24 hours in the future. - * So we need to handle that ... but let's ignore the "don't care" - * values for hours/minutes/seconds. - */ - if (alm->time.tm_mday <= 0 - && alm->time.tm_mon < 0 - && alm->time.tm_year < 0) { - struct rtc_time tm; - unsigned long now, then; - - omap_rtc_read_time(dev, &tm); - rtc_tm_to_time(&tm, &now); - - alm->time.tm_mday = tm.tm_mday; - alm->time.tm_mon = tm.tm_mon; - alm->time.tm_year = tm.tm_year; - rtc_tm_to_time(&alm->time, &then); - - /* sometimes the alarm wraps into tomorrow */ - if (then < now) { - rtc_time_to_tm(now + 24 * 60 * 60, &tm); - alm->time.tm_mday = tm.tm_mday; - alm->time.tm_mon = tm.tm_mon; - alm->time.tm_year = tm.tm_year; - } - } - if (tm2bcd(&alm->time) < 0) return -EINVAL; -- 2.7.4