diff options
author | Sascha Hauer <s.hauer@pengutronix.de> | 2022-11-23 10:55:27 +0100 |
---|---|---|
committer | Alexandre Belloni <alexandre.belloni@bootlin.com> | 2023-02-09 23:01:49 +0100 |
commit | e5c594233fcf1a55a439dec103aa815cdbf392a7 (patch) | |
tree | 7050bb9d95aafa01a1bc374fa12efcacab588237 | |
parent | include/linux/bcd.h: provide bcd_is_valid() helper (diff) | |
download | linux-e5c594233fcf1a55a439dec103aa815cdbf392a7.tar.xz linux-e5c594233fcf1a55a439dec103aa815cdbf392a7.zip |
rtc: rv8803: invalidate date/time if alarm time is invalid
RTC core never calls rv8803_set_alarm with an invalid alarm time,
so if an invalid alarm time > 0 is set, external factors must have
corrupted the RTC's alarm time and possibly other registers.
Play it safe by marking the date/time invalid, so all registers are
reinitialized on a ->set_time.
This may cause existing setups to lose time if they so far set only
date/time, but ignored that the alarm registers had an invalid date
value, e.g.:
rtc rtc0: invalid alarm value: 2020-3-27 7:82:0
These systems will have their ->get_time return -EINVAL till
->set_time initializes the alarm value (and sets a new time).
Signed-off-by: Ahmad Fatoum <a.fatoum@pengutronix.de>
Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
Link: https://lore.kernel.org/r/20221123095527.2771434-3-s.hauer@pengutronix.de
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
-rw-r--r-- | drivers/rtc/rtc-rv8803.c | 45 |
1 files changed, 38 insertions, 7 deletions
diff --git a/drivers/rtc/rtc-rv8803.c b/drivers/rtc/rtc-rv8803.c index 53d1de01b719..25c3b9e4f515 100644 --- a/drivers/rtc/rtc-rv8803.c +++ b/drivers/rtc/rtc-rv8803.c @@ -70,6 +70,7 @@ struct rv8803_data { struct mutex flags_lock; u8 ctrl; u8 backup; + u8 alarm_invalid:1; enum rv8803_type type; }; @@ -165,13 +166,13 @@ static int rv8803_regs_init(struct rv8803_data *rv8803) static int rv8803_regs_configure(struct rv8803_data *rv8803); -static int rv8803_regs_reset(struct rv8803_data *rv8803) +static int rv8803_regs_reset(struct rv8803_data *rv8803, bool full) { /* * The RV-8803 resets all registers to POR defaults after voltage-loss, * the Epson RTCs don't, so we manually reset the remainder here. */ - if (rv8803->type == rx_8803 || rv8803->type == rx_8900) { + if (full || rv8803->type == rx_8803 || rv8803->type == rx_8900) { int ret = rv8803_regs_init(rv8803); if (ret) return ret; @@ -238,6 +239,11 @@ static int rv8803_get_time(struct device *dev, struct rtc_time *tm) u8 *date = date1; int ret, flags; + if (rv8803->alarm_invalid) { + dev_warn(dev, "Corruption detected, data may be invalid.\n"); + return -EINVAL; + } + flags = rv8803_read_reg(rv8803->client, RV8803_FLAG); if (flags < 0) return flags; @@ -313,12 +319,19 @@ static int rv8803_set_time(struct device *dev, struct rtc_time *tm) return flags; } - if (flags & RV8803_FLAG_V2F) { - ret = rv8803_regs_reset(rv8803); + if ((flags & RV8803_FLAG_V2F) || rv8803->alarm_invalid) { + /* + * If we sense corruption in the alarm registers, but see no + * voltage loss flag, we can't rely on other registers having + * sensible values. Reset them fully. + */ + ret = rv8803_regs_reset(rv8803, rv8803->alarm_invalid); if (ret) { mutex_unlock(&rv8803->flags_lock); return ret; } + + rv8803->alarm_invalid = false; } ret = rv8803_write_reg(rv8803->client, RV8803_FLAG, @@ -344,15 +357,33 @@ static int rv8803_get_alarm(struct device *dev, struct rtc_wkalrm *alrm) if (flags < 0) return flags; + alarmvals[0] &= 0x7f; + alarmvals[1] &= 0x3f; + alarmvals[2] &= 0x3f; + + if (!bcd_is_valid(alarmvals[0]) || + !bcd_is_valid(alarmvals[1]) || + !bcd_is_valid(alarmvals[2])) + goto err_invalid; + alrm->time.tm_sec = 0; - alrm->time.tm_min = bcd2bin(alarmvals[0] & 0x7f); - alrm->time.tm_hour = bcd2bin(alarmvals[1] & 0x3f); - alrm->time.tm_mday = bcd2bin(alarmvals[2] & 0x3f); + alrm->time.tm_min = bcd2bin(alarmvals[0]); + alrm->time.tm_hour = bcd2bin(alarmvals[1]); + alrm->time.tm_mday = bcd2bin(alarmvals[2]); alrm->enabled = !!(rv8803->ctrl & RV8803_CTRL_AIE); alrm->pending = (flags & RV8803_FLAG_AF) && alrm->enabled; + if ((unsigned int)alrm->time.tm_mday > 31 || + (unsigned int)alrm->time.tm_hour >= 24 || + (unsigned int)alrm->time.tm_min >= 60) + goto err_invalid; + return 0; + +err_invalid: + rv8803->alarm_invalid = true; + return -EINVAL; } static int rv8803_set_alarm(struct device *dev, struct rtc_wkalrm *alrm) |