From: Thomas Gleixner <[email protected]>

The code checks the correctness of the parameters, but unconditionally
arms/disarms the hrtimer.

The result is that a random task might arm/disarm rtc timer and surprise
the real owner by either generating events or by stopping them.

Signed-off-by: Thomas Gleixner <[email protected]>
Cc: John Stultz <[email protected]>
Cc: Ingo Molnar <[email protected]>
Cc: Ben Greear <[email protected]>
Cc: <[email protected]>
Signed-off-by: Andrew Morton <[email protected]>
---

 drivers/rtc/interface.c |    3 +++
 1 file changed, 3 insertions(+)

diff -puN 
drivers/rtc/interface.c~rtc-handle-errors-correctly-in-rtc_irq_set_state 
drivers/rtc/interface.c
--- a/drivers/rtc/interface.c~rtc-handle-errors-correctly-in-rtc_irq_set_state
+++ a/drivers/rtc/interface.c
@@ -656,6 +656,8 @@ int rtc_irq_set_state(struct rtc_device 
                err = -EBUSY;
        if (rtc->irq_task != task)
                err = -EACCES;
+       if (err)
+               goto out;
 
        if (enabled) {
                ktime_t period = ktime_set(0, NSEC_PER_SEC/rtc->irq_freq);
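Review bot: In the context just above the added `if (err)`, the `err = -EACCES` assignment is not in an else branch, so it overwrites an earlier `-EBUSY` when both checks fail. Now that the return value is the only effect of a rejected call, consider having each check jump to `out` directly (or chaining them with `else if`) so the first failure is the one reported. It would also help to say in the changelog which error a caller that is not the owner should expect.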
@@ -664,6 +666,7 @@ int rtc_irq_set_state(struct rtc_device 
                hrtimer_cancel(&rtc->pie_timer);
        }
        rtc->pie_enabled = enabled;
+out:
        spin_unlock_irqrestore(&rtc->irq_task_lock, flags);
 
        return err;
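Review bot: The `out:` label sits directly on the `spin_unlock_irqrestore()` line, so a name such as `unlock` would make it clearer to the next reader that the early exit still releases `irq_task_lock`. The placement itself looks right: it comes after `rtc->pie_enabled = enabled;`, so a rejected call leaves both the hrtimer and `pie_enabled` untouched.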
_

_______________________________________________
stable mailing list
[email protected]
http://linux.kernel.org/mailman/listinfo/stable
