--- zzzz-none-000/linux-4.1.38/drivers/mtd/mtdchar.c	2017-01-18 18:48:06.000000000 +0000
+++ bcm63-7582-715/linux-4.1.38/drivers/mtd/mtdchar.c	2020-11-25 10:06:48.000000000 +0000
@@ -185,6 +185,9 @@
 		case MTD_FILE_MODE_RAW:
 		{
 			struct mtd_oob_ops ops;
+#if defined(CONFIG_BCM_KF_MTD_IOCTL_FIX)
+			memset(&ops, 0x00, sizeof(ops));
+#endif
 
 			ops.mode = MTD_OPS_RAW;
 			ops.datbuf = kbuf;
@@ -279,6 +282,9 @@
 		case MTD_FILE_MODE_RAW:
 		{
 			struct mtd_oob_ops ops;
+#if defined(CONFIG_BCM_KF_MTD_IOCTL_FIX)
+			memset(&ops, 0x00, sizeof(ops));
+#endif
 
 			ops.mode = MTD_OPS_RAW;
 			ops.datbuf = kbuf;
@@ -387,7 +393,6 @@
 	ops.datbuf = NULL;
 	ops.mode = (mfi->mode == MTD_FILE_MODE_RAW) ? MTD_OPS_RAW :
 		MTD_OPS_PLACE_OOB;
-
 	if (ops.ooboffs && ops.ooblen > (mtd->oobsize - ops.ooboffs))
 		return -EINVAL;
 
@@ -427,7 +432,6 @@
 	ops.datbuf = NULL;
 	ops.mode = (mfi->mode == MTD_FILE_MODE_RAW) ? MTD_OPS_RAW :
 		MTD_OPS_PLACE_OOB;
-
 	if (ops.ooboffs && ops.ooblen > (mtd->oobsize - ops.ooboffs))
 		return -EINVAL;
 
@@ -723,6 +727,9 @@
 		struct mtd_oob_buf buf;
 		struct mtd_oob_buf __user *buf_user = argp;
 
+#if defined(CONFIG_BCM_KF_MTD_IOCTL_FIX)
+		memset(&buf, 0x00, sizeof(buf));
+#endif
 		/* NOTE: writes return length to buf_user->length */
 		if (copy_from_user(&buf, argp, sizeof(buf)))
 			ret = -EFAULT;
@@ -737,6 +744,9 @@
 		struct mtd_oob_buf buf;
 		struct mtd_oob_buf __user *buf_user = argp;
 
+#if defined(CONFIG_BCM_KF_MTD_IOCTL_FIX)
+		memset(&buf, 0x00, sizeof(buf));
+#endif
 		/* NOTE: writes return length to buf_user->start */
 		if (copy_from_user(&buf, argp, sizeof(buf)))
 			ret = -EFAULT;