Gitiles
Code Review Sign In
review.evervolv.com / android_kernel_htc_msm8960 / 45008a696e561be8969a271a4bdb6d9be55563d8^! / . / arch / arm / mach-msm / ipc_router.c
commit45008a696e561be8969a271a4bdb6d9be55563d8[log] [tgz]
authorKarthikeyan Ramasubramanian <kramasub@codeaurora.org>Fri Jul 19 15:58:38 2013 -0600
committerKarthikeyan Ramasubramanian <kramasub@codeaurora.org>Fri Aug 09 11:22:16 2013 -0600
tree86e01096633f176bccdd4f731d8aeea5577c6073
parent0f73f43892bc2076b431fc499b29c1d3f8377485 [diff] [blame]
msm: ipc: Initialize unused elements of control message to 0

Initialize the entire control message to 0, so that unused elements of
a control message are initialized to 0. This will prevent any uninitialized
elements from leaking information to the remote subsystems.

Change-Id: I910f3956e8f282e614216c45f7af92d741d887f8
Signed-off-by: Karthikeyan Ramasubramanian <kramasub@codeaurora.org>

diff --git a/arch/arm/mach-msm/ipc_router.c b/arch/arm/mach-msm/ipc_router.c
index aeaab3b..37ba457 100644
--- a/arch/arm/mach-msm/ipc_router.c
+++ b/arch/arm/mach-msm/ipc_router.c

@@ -1013,6 +1013,7 @@
 		return -EINVAL;
 	}
 
+	memset(&ctl, 0, sizeof(ctl));
 	ctl.cmd = IPC_ROUTER_CTRL_CMD_NEW_SERVER;
 
 	for (i = 0; i < SRV_HASH_SIZE; i++) {
@@ -1241,6 +1242,7 @@
 	mode = mode_info->mode;
 	xprt_info = mode_info->xprt_info;
 
+	memset(&msg, 0, sizeof(msg));
 	msg.cmd = IPC_ROUTER_CTRL_CMD_REMOVE_CLIENT;
 	msg.cli.node_id = node_id;
 	msg.cli.port_id = port_id;
@@ -1295,6 +1297,7 @@
 	D("Remove server %08x:%08x - %08x:%08x",
 	   server->name.service, server->name.instance,
 	   rport_ptr->node_id, rport_ptr->port_id);
+	memset(&ctl, 0, sizeof(ctl));
 	ctl.cmd = IPC_ROUTER_CTRL_CMD_REMOVE_SERVER;
 	ctl.srv.service = server->name.service;
 	ctl.srv.instance = server->name.instance;
@@ -1313,6 +1316,7 @@
 	union rr_control_msg ctl;
 	int j;
 
+	memset(&ctl, 0, sizeof(ctl));
 	for (j = 0; j < RP_HASH_SIZE; j++) {
 		list_for_each_entry_safe(rport_ptr, tmp_rport_ptr,
 				&rt_entry->remote_port_list[j], list) {
@@ -1847,7 +1851,7 @@
 process_done:
 		if (resume_tx) {
 			union rr_control_msg msg;
-
+			memset(&msg, 0, sizeof(msg));
 			msg.cmd = IPC_ROUTER_CTRL_CMD_RESUME_TX;
 			msg.cli.node_id = resume_tx_node_id;
 			msg.cli.port_id = resume_tx_port_id;
@@ -1900,6 +1904,7 @@
 		return -EINVAL;
 	}
 
+	memset(&ctl, 0, sizeof(ctl));
 	ctl.cmd = IPC_ROUTER_CTRL_CMD_NEW_SERVER;
 	ctl.srv.service = server->name.service;
 	ctl.srv.instance = server->name.instance;
@@ -1948,6 +1953,7 @@
 		return -ENODEV;
 	}
 
+	memset(&ctl, 0, sizeof(ctl));
 	ctl.cmd = IPC_ROUTER_CTRL_CMD_REMOVE_SERVER;
 	ctl.srv.service = server->name.service;
 	ctl.srv.instance = server->name.instance;
@@ -2433,6 +2439,7 @@
 		up_write(&local_ports_lock_lha2);
 
 		if (port_ptr->type == SERVER_PORT) {
+			memset(&msg, 0, sizeof(msg));
 			msg.cmd = IPC_ROUTER_CTRL_CMD_REMOVE_SERVER;
 			msg.srv.service = port_ptr->port_name.service;
 			msg.srv.instance = port_ptr->port_name.instance;