<feed xmlns='http://www.w3.org/2005/Atom'>
<title>linux-stable.git/drivers/of/fdt.c, branch linux-3.16.y</title>
<subtitle>Linux kernel stable tree</subtitle>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux-stable.git/'/>
<entry>
<title>of: fdt: Fix return with value in void function</title>
<updated>2018-03-03T15:52:29+00:00</updated>
<author>
<name>Ben Hutchings</name>
<email>ben@decadent.org.uk</email>
</author>
<published>2018-02-26T16:32:31+00:00</published>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux-stable.git/commit/?id=52f0b4f11aab0854fc31b83296d816d3d78c0892'/>
<id>52f0b4f11aab0854fc31b83296d816d3d78c0892</id>
<content type='text'>
Commit 49e67dd17649 "of: fdt: add missing allocation-failure check"
added a "return NULL" statement in __unflatten_device_tree().  When
applied to the 3.16-stable branch, this introduced a compiler warning
(not an error!) because the function returns void here.

Signed-off-by: Ben Hutchings &lt;ben@decadent.org.uk&gt;
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
Commit 49e67dd17649 "of: fdt: add missing allocation-failure check"
added a "return NULL" statement in __unflatten_device_tree().  When
applied to the 3.16-stable branch, this introduced a compiler warning
(not an error!) because the function returns void here.

Signed-off-by: Ben Hutchings &lt;ben@decadent.org.uk&gt;
</pre>
</div>
</content>
</entry>
<entry>
<title>of: fdt: add missing allocation-failure check</title>
<updated>2017-09-15T17:29:43+00:00</updated>
<author>
<name>Johan Hovold</name>
<email>johan@kernel.org</email>
</author>
<published>2017-05-17T15:29:09+00:00</published>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux-stable.git/commit/?id=c194c404a830e87016149645d2bee3a0bb0479ce'/>
<id>c194c404a830e87016149645d2bee3a0bb0479ce</id>
<content type='text'>
commit 49e67dd17649b60b4d54966e18ec9c80198227f0 upstream.

The memory allocator passed to __unflatten_device_tree() (e.g. a wrapped
kzalloc) can fail so add the missing sanity check to avoid dereferencing
a NULL pointer.

Fixes: fe14042358fa ("of/flattree: Refactor unflatten_device_tree and add fdt_unflatten_tree")
Signed-off-by: Johan Hovold &lt;johan@kernel.org&gt;
Signed-off-by: Rob Herring &lt;robh@kernel.org&gt;
Signed-off-by: Ben Hutchings &lt;ben@decadent.org.uk&gt;
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
commit 49e67dd17649b60b4d54966e18ec9c80198227f0 upstream.

The memory allocator passed to __unflatten_device_tree() (e.g. a wrapped
kzalloc) can fail so add the missing sanity check to avoid dereferencing
a NULL pointer.

Fixes: fe14042358fa ("of/flattree: Refactor unflatten_device_tree and add fdt_unflatten_tree")
Signed-off-by: Johan Hovold &lt;johan@kernel.org&gt;
Signed-off-by: Rob Herring &lt;robh@kernel.org&gt;
Signed-off-by: Ben Hutchings &lt;ben@decadent.org.uk&gt;
</pre>
</div>
</content>
</entry>
<entry>
<title>of/fdt: fix error checking for earlycon address</title>
<updated>2015-12-13T17:49:40+00:00</updated>
<author>
<name>Masahiro Yamada</name>
<email>yamada.masahiro@socionext.com</email>
</author>
<published>2015-10-23T11:47:20+00:00</published>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux-stable.git/commit/?id=c2187dc4bf34e529401d7e2654f6b77bca738dc4'/>
<id>c2187dc4bf34e529401d7e2654f6b77bca738dc4</id>
<content type='text'>
commit 3f5ceec96470050d20d7281d49985e3b1cfc3995 upstream.

fdt_translate_address() returns OF_BAD_ADDR on error.  It is defined as
a u64 value, so the variable "addr" should be defined as u64 as well.

Fixes: fb11ffe74c79 ("of/fdt: add FDT serial scanning for earlycon")
Signed-off-by: Masahiro Yamada &lt;yamada.masahiro@socionext.com&gt;
Signed-off-by: Rob Herring &lt;robh@kernel.org&gt;
Signed-off-by: Luis Henriques &lt;luis.henriques@canonical.com&gt;
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
commit 3f5ceec96470050d20d7281d49985e3b1cfc3995 upstream.

fdt_translate_address() returns OF_BAD_ADDR on error.  It is defined as
a u64 value, so the variable "addr" should be defined as u64 as well.

Fixes: fb11ffe74c79 ("of/fdt: add FDT serial scanning for earlycon")
Signed-off-by: Masahiro Yamada &lt;yamada.masahiro@socionext.com&gt;
Signed-off-by: Rob Herring &lt;robh@kernel.org&gt;
Signed-off-by: Luis Henriques &lt;luis.henriques@canonical.com&gt;
</pre>
</div>
</content>
</entry>
<entry>
<title>of/fdt: memblock_reserve /memreserve/ regions in the case of partial overlap</title>
<updated>2014-12-10T17:49:37+00:00</updated>
<author>
<name>Ian Campbell</name>
<email>ian.campbell@citrix.com</email>
</author>
<published>2014-11-25T15:05:13+00:00</published>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux-stable.git/commit/?id=ca8a9d00aaffb39c4977cf306d92fb2e839ce9cb'/>
<id>ca8a9d00aaffb39c4977cf306d92fb2e839ce9cb</id>
<content type='text'>
commit 094cb98179f19b75acf9ff471daabf3948ce98e6 upstream.

memblock_is_region_reserved() returns true in the case of a partial
overlap, meaning that the current code fails to reserve the
non-overlapping portion.

This call was introduced as part of d1552ce449eb "of/fdt: move
memreserve and dtb memory reservations into core" which went into
v3.16.

I observed this causing a Midway system with a buggy fdt (the header
declares itself to be larger than it really is) failing to boot
because the over-inflated size of the fdt was causing it to seem to
run into the swapper_pg_dir region, meaning the DT wasn't reserved.
The symptoms were failing to find an disks or network and failing to
boot.

However given the ambiguity of whether things like the initrd are
covered by /memreserve/ and similar I think it is best to also
register the region rather than just ignoring it.

Since memblock_reserve() handles overlaps just fine lets just warn and
carry on.

Signed-off-by: Ian Campbell &lt;ian.campbell@citrix.com&gt;
Signed-off-by: Grant Likely &lt;grant.likely@linaro.org&gt;
Cc: Rob Herring &lt;robh+dt@kernel.org&gt;
Signed-off-by: Luis Henriques &lt;luis.henriques@canonical.com&gt;
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
commit 094cb98179f19b75acf9ff471daabf3948ce98e6 upstream.

memblock_is_region_reserved() returns true in the case of a partial
overlap, meaning that the current code fails to reserve the
non-overlapping portion.

This call was introduced as part of d1552ce449eb "of/fdt: move
memreserve and dtb memory reservations into core" which went into
v3.16.

I observed this causing a Midway system with a buggy fdt (the header
declares itself to be larger than it really is) failing to boot
because the over-inflated size of the fdt was causing it to seem to
run into the swapper_pg_dir region, meaning the DT wasn't reserved.
The symptoms were failing to find an disks or network and failing to
boot.

However given the ambiguity of whether things like the initrd are
covered by /memreserve/ and similar I think it is best to also
register the region rather than just ignoring it.

Since memblock_reserve() handles overlaps just fine lets just warn and
carry on.

Signed-off-by: Ian Campbell &lt;ian.campbell@citrix.com&gt;
Signed-off-by: Grant Likely &lt;grant.likely@linaro.org&gt;
Cc: Rob Herring &lt;robh+dt@kernel.org&gt;
Signed-off-by: Luis Henriques &lt;luis.henriques@canonical.com&gt;
</pre>
</div>
</content>
</entry>
<entry>
<title>of: Fix crash if an earlycon driver is not found</title>
<updated>2014-12-01T10:26:03+00:00</updated>
<author>
<name>Kevin Cernekee</name>
<email>cernekee@gmail.com</email>
</author>
<published>2014-11-09T08:55:47+00:00</published>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux-stable.git/commit/?id=2da148a27c374a7d8b644aee6c4c7b715f92f2e3'/>
<id>2da148a27c374a7d8b644aee6c4c7b715f92f2e3</id>
<content type='text'>
commit ab74d00a39f70e1bc34a01322bb59f3750ca7a8c upstream.

__earlycon_of_table_sentinel.compatible is a char[128], not a pointer, so
it will never be NULL.  Checking it against NULL causes the match loop to
run past the end of the array, and eventually match a bogus entry, under
the following conditions:

 - Kernel command line specifies "earlycon" with no parameters
 - DT has a stdout-path pointing to a UART node
 - The UART driver doesn't use OF_EARLYCON_DECLARE (or maybe the console
   driver is compiled out)

Fix this by checking to see if match-&gt;compatible is a non-empty string.

Signed-off-by: Kevin Cernekee &lt;cernekee@gmail.com&gt;
Signed-off-by: Rob Herring &lt;robh@kernel.org&gt;
Signed-off-by: Luis Henriques &lt;luis.henriques@canonical.com&gt;
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
commit ab74d00a39f70e1bc34a01322bb59f3750ca7a8c upstream.

__earlycon_of_table_sentinel.compatible is a char[128], not a pointer, so
it will never be NULL.  Checking it against NULL causes the match loop to
run past the end of the array, and eventually match a bogus entry, under
the following conditions:

 - Kernel command line specifies "earlycon" with no parameters
 - DT has a stdout-path pointing to a UART node
 - The UART driver doesn't use OF_EARLYCON_DECLARE (or maybe the console
   driver is compiled out)

Fix this by checking to see if match-&gt;compatible is a non-empty string.

Signed-off-by: Kevin Cernekee &lt;cernekee@gmail.com&gt;
Signed-off-by: Rob Herring &lt;robh@kernel.org&gt;
Signed-off-by: Luis Henriques &lt;luis.henriques@canonical.com&gt;
</pre>
</div>
</content>
</entry>
<entry>
<title>of: Allow mem_reserve of memory with a base address of zero</title>
<updated>2014-10-05T20:40:52+00:00</updated>
<author>
<name>Al Cooper</name>
<email>alcooperx@gmail.com</email>
</author>
<published>2014-08-06T20:30:04+00:00</published>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux-stable.git/commit/?id=5b2834f6e2363a13a40166307c285828f1f1778d'/>
<id>5b2834f6e2363a13a40166307c285828f1f1778d</id>
<content type='text'>
commit b5f2a8c02697c3685ccbbb66495465742ffa0dc1 upstream.

__reserved_mem_reserve_reg() won't reserve memory if the base address
is zero. This change removes the check for a base address of zero and
allows it to be reserved.

Allowing the first 4K of memory to be reserved will help solve a
problem on some ARM systems where the the first 16K of memory is
unused and becomes allocable memory. This will prevent this memory
from being used for DMA by drivers like the USB OHCI driver which
consider a physical address of zero to be illegal.

Signed-off-by: Al Cooper &lt;alcooperx@gmail.com&gt;
Signed-off-by: Grant Likely &lt;grant.likely@linaro.org&gt;
Signed-off-by: Greg Kroah-Hartman &lt;gregkh@linuxfoundation.org&gt;

</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
commit b5f2a8c02697c3685ccbbb66495465742ffa0dc1 upstream.

__reserved_mem_reserve_reg() won't reserve memory if the base address
is zero. This change removes the check for a base address of zero and
allows it to be reserved.

Allowing the first 4K of memory to be reserved will help solve a
problem on some ARM systems where the the first 16K of memory is
unused and becomes allocable memory. This will prevent this memory
from being used for DMA by drivers like the USB OHCI driver which
consider a physical address of zero to be illegal.

Signed-off-by: Al Cooper &lt;alcooperx@gmail.com&gt;
Signed-off-by: Grant Likely &lt;grant.likely@linaro.org&gt;
Signed-off-by: Greg Kroah-Hartman &lt;gregkh@linuxfoundation.org&gt;

</pre>
</div>
</content>
</entry>
<entry>
<title>of: Add memory limiting function for flattened devicetrees</title>
<updated>2014-07-30T03:26:45+00:00</updated>
<author>
<name>Laura Abbott</name>
<email>lauraa@codeaurora.org</email>
</author>
<published>2014-07-15T17:03:35+00:00</published>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux-stable.git/commit/?id=704033cee2e5b3c1c6eaf5bb398e465a9c3667b5'/>
<id>704033cee2e5b3c1c6eaf5bb398e465a9c3667b5</id>
<content type='text'>
Buggy bootloaders may pass bogus memory entries in the devicetree.
Add of_fdt_limit_memory to add an upper bound on the number of
entries that can be present in the devicetree.

Signed-off-by: Laura Abbott &lt;lauraa@codeaurora.org&gt;
Tested-by: Andreas Färber &lt;afaerber@suse.de&gt;
Signed-off-by: Grant Likely &lt;grant.likely@linaro.org&gt;
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
Buggy bootloaders may pass bogus memory entries in the devicetree.
Add of_fdt_limit_memory to add an upper bound on the number of
entries that can be present in the devicetree.

Signed-off-by: Laura Abbott &lt;lauraa@codeaurora.org&gt;
Tested-by: Andreas Färber &lt;afaerber@suse.de&gt;
Signed-off-by: Grant Likely &lt;grant.likely@linaro.org&gt;
</pre>
</div>
</content>
</entry>
<entry>
<title>of: Split early_init_dt_scan into two parts</title>
<updated>2014-07-30T03:26:37+00:00</updated>
<author>
<name>Laura Abbott</name>
<email>lauraa@codeaurora.org</email>
</author>
<published>2014-07-15T17:03:34+00:00</published>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux-stable.git/commit/?id=4972a74b888c6b52ca41fae6076786dbbeb746d5'/>
<id>4972a74b888c6b52ca41fae6076786dbbeb746d5</id>
<content type='text'>
Currently, early_init_dt_scan validates the header, sets the
boot params, and scans for chosen/memory all in one function.
Split this up into two separate functions (validation/setting
boot params in one, scanning in another) to allow for
additional setup between boot params and scanning the memory.

Signed-off-by: Laura Abbott &lt;lauraa@codeaurora.org&gt;
Tested-by: Andreas Färber &lt;afaerber@suse.de&gt;
[glikely: s/early_init_dt_scan_all/early_init_dt_scan_nodes/]
Signed-off-by: Grant Likely &lt;grant.likely@linaro.org&gt;
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
Currently, early_init_dt_scan validates the header, sets the
boot params, and scans for chosen/memory all in one function.
Split this up into two separate functions (validation/setting
boot params in one, scanning in another) to allow for
additional setup between boot params and scanning the memory.

Signed-off-by: Laura Abbott &lt;lauraa@codeaurora.org&gt;
Tested-by: Andreas Färber &lt;afaerber@suse.de&gt;
[glikely: s/early_init_dt_scan_all/early_init_dt_scan_nodes/]
Signed-off-by: Grant Likely &lt;grant.likely@linaro.org&gt;
</pre>
</div>
</content>
</entry>
<entry>
<title>of: Check for phys_addr_t overflows in early_init_dt_add_memory_arch</title>
<updated>2014-06-26T16:28:28+00:00</updated>
<author>
<name>Laura Abbott</name>
<email>lauraa@codeaurora.org</email>
</author>
<published>2014-06-20T03:13:38+00:00</published>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux-stable.git/commit/?id=a67a6ed15513541579d38bcbd127e7be170710e5'/>
<id>a67a6ed15513541579d38bcbd127e7be170710e5</id>
<content type='text'>
The common early_init_dt_add_memory_arch takes the base and size
of a memory region as u64 types. The function never checks if
the base and size can actually fit in a phys_addr_t which may
be smaller than 64-bits. This may result in incorrect memory
being passed to memblock_add if the memory falls outside the
range of phys_addr_t. Add range checks for the base and size if
phys_addr_t is smaller than u64.

Reported-by: Geert Uytterhoeven &lt;geert@linux-m68k.org&gt;
Tested-by: Geert Uytterhoeven &lt;geert@linux-m68k.org&gt;
Signed-off-by: Laura Abbott &lt;lauraa@codeaurora.org&gt;
Acked-by: Nicolas Pitre &lt;nico@linaro.org&gt;
Signed-off-by: Grant Likely &lt;grant.likely@linaro.org&gt;
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
The common early_init_dt_add_memory_arch takes the base and size
of a memory region as u64 types. The function never checks if
the base and size can actually fit in a phys_addr_t which may
be smaller than 64-bits. This may result in incorrect memory
being passed to memblock_add if the memory falls outside the
range of phys_addr_t. Add range checks for the base and size if
phys_addr_t is smaller than u64.

Reported-by: Geert Uytterhoeven &lt;geert@linux-m68k.org&gt;
Tested-by: Geert Uytterhoeven &lt;geert@linux-m68k.org&gt;
Signed-off-by: Laura Abbott &lt;lauraa@codeaurora.org&gt;
Acked-by: Nicolas Pitre &lt;nico@linaro.org&gt;
Signed-off-by: Grant Likely &lt;grant.likely@linaro.org&gt;
</pre>
</div>
</content>
</entry>
<entry>
<title>Merge branch 'earlycon-dt' into for-next</title>
<updated>2014-05-28T16:23:39+00:00</updated>
<author>
<name>Rob Herring</name>
<email>robh@kernel.org</email>
</author>
<published>2014-05-28T16:23:39+00:00</published>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux-stable.git/commit/?id=728dd198aa543397c88f6f8e35f4f187b2bbc09d'/>
<id>728dd198aa543397c88f6f8e35f4f187b2bbc09d</id>
<content type='text'>
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
</pre>
</div>
</content>
</entry>
</feed>
