[PATCH V1] rtc: da9053: fix access ordering error during RTC interrupt at system power on

From: Steve Twiss
Date: Thu Apr 14 2016 - 07:10:38 EST


From: Steve Twiss <stwiss.opensource@xxxxxxxxxxx>

This fix alters the ordering of the IRQ and device registrations in the RTC
driver probe function. This change will apply to the RTC driver that supports
both DA9052 and DA9053 PMICs.

A problem could occur with the existing RTC driver if:

A system is started from a cold boot using the PMIC RTC IRQ to initiate a
power on operation. For instance, if an RTC alarm is used to start a
platform from power off.
The existing driver IRQ is requested before the device has been properly
registered.

i.e.
ret = da9052_request_irq()
comes before
rtc->rtc = devm_rtc_device_register();

In this case, an interrupt exists before the device has been registered and
the IRQ handler can be called immediately: this can happen be before the
memory for rtc->rtc has been allocated. The IRQ handler da9052_rtc_irq()
contains the function call:

rtc_update_irq(rtc->rtc, 1, RTC_IRQF | RTC_AF);

which in turn tries to access the unavailable rtc->rtc.

The fix is to reorder the functions inside the RTC probe. The IRQ is
requested after the RTC device resource has been registered so that
da9052_request_irq() is the last thing to happen.

Signed-off-by: Steve Twiss <stwiss.opensource@xxxxxxxxxxx>

---
This patch applies against linux-next and v4.6-rc3

This wake-up IRQ fault is similar to the one previously fixed in the
DA9063 and DA9062 driver code.

See reference:
commit 77535acedc26627f16a1a39c1471f942689fe11e
Author: Steve Twiss <stwiss.opensource@xxxxxxxxxxx>
Date: Tue Dec 8 16:28:39 2015 +0000

Regards,
Steve


drivers/rtc/rtc-da9052.c | 13 ++++++++-----
1 file changed, 8 insertions(+), 5 deletions(-)

diff --git a/drivers/rtc/rtc-da9052.c b/drivers/rtc/rtc-da9052.c
index 1ba4371..a20bcf0 100644
--- a/drivers/rtc/rtc-da9052.c
+++ b/drivers/rtc/rtc-da9052.c
@@ -302,6 +302,13 @@ static int da9052_rtc_probe(struct platform_device *pdev)
if (ret != 0)
rtc_err(rtc, "Failed to disable TICKS: %d\n", ret);

+ device_init_wakeup(&pdev->dev, true);
+ rtc->rtc = devm_rtc_device_register(&pdev->dev, pdev->name,
+ &da9052_rtc_ops, THIS_MODULE);
+
+ if (IS_ERR(rtc->rtc))
+ return PTR_ERR(rtc->rtc);
+
ret = da9052_request_irq(rtc->da9052, DA9052_IRQ_ALARM, "ALM",
da9052_rtc_irq, rtc);
if (ret != 0) {
@@ -309,11 +316,7 @@ static int da9052_rtc_probe(struct platform_device *pdev)
return ret;
}

- device_init_wakeup(&pdev->dev, true);
-
- rtc->rtc = devm_rtc_device_register(&pdev->dev, pdev->name,
- &da9052_rtc_ops, THIS_MODULE);
- return PTR_ERR_OR_ZERO(rtc->rtc);
+ return 0;
}

static struct platform_driver da9052_rtc_driver = {
--
end-of-patch for PATCH V1