When fdt_get_string return null, `namep` is not correctly reset.
From the document of `fdt_getprop_by_offset`, the parameter `namep` will
be always overwritten (that is, it will be overwritten without exception
of error occurance).
As for the caller (like
e097c097fe/native/jni/magiskboot/dtb.cpp (L42)),
the code may be like:
```cpp
size_t size;
const char *name;
auto *value = fdt_getprop_by_offset(fdt, prop, &name, &size);
```
and if `value == nullptr`, `size` is also be overwritten correctly but
`name` is not, which is quite inconsistent.
This commit makes sure `name` and `size` behavior consistently (reset to
reasonable value) when error occurs.
Signed-off-by: LoveSy <shana@zju.edu.cn>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Commits 6dcb8ba4 "libfdt: Add helpers for accessing unaligned words"
introduced changes to support unaligned reads for ARM platforms and
11738cf01f "libfdt: Don't use memcpy to handle unaligned reads on ARM"
improved the performance of these helpers.
On further discussion, while there are potential cases where we could be
used on platforms that do not fixup unaligned reads for us, making this
choice the default is very expensive in terms of binary size and access
time. To address this, introduce and use new fdt{32,64}_ld_ functions
that call fdt{32,64}_to_cpu() as was done prior to the above mentioned
commits. Leave the existing load functions as unaligned-safe and
include comments in both cases.
Reviewed-by: Rob Herring <robh@kernel.org>
Signed-off-by: Tom Rini <trini@konsulko.com>
Message-Id: <20201211022736.31657-1-trini@konsulko.com>
Tested-by: John Paul Adrian Glaubitz <glaubitz@physik.fu-berlin.de>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
With -Wsign-compare, compilers warn about a mismatching signedness in
comparisons in fdt_get_string().
Introduce a new usigned variable, which holds the actual (negated)
stroffset value, so we avoid negating all the other variables and have
proper types everywhere.
Signed-off-by: Andre Przywara <andre.przywara@arm.com>
Message-Id: <20201001164630.4980-6-andre.przywara@arm.com>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
With -Wsign-compare, compilers warn about a mismatching signedness
in a comparison in fdt_node_offset_by_phandle().
Uses a better suited bitwise NOT operator to denote the special value of
-1, which automatically results in an unsigned type.
Signed-off-by: Andre Przywara <andre.przywara@arm.com>
Message-Id: <20200921165303.9115-14-andre.przywara@arm.com>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
With -Wsign-compare, compilers warn about a mismatching signedness in
comparisons in fdt_get_string().
In the first two cases, we have just established that the signed values
are not negative, so it's safe to cast the values to an unsigned type.
Signed-off-by: Simon Glass <sjg@chromium.org>
Signed-off-by: Andre Przywara <andre.przywara@arm.com>
Message-Id: <20200921165303.9115-7-andre.przywara@arm.com>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
With -Wsign-compare, compilers warn about a mismatching signedness
in comparisons in fdt_mem_rsv().
Since all involved values must be positive, change the used types to be
unsigned.
Signed-off-by: Andre Przywara <andre.przywara@arm.com>
Message-Id: <20200921165303.9115-3-andre.przywara@arm.com>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
If libfdt returns -FDT_ERR_INTERNAL that generally indicates a bug in the
library. Add a new assumption for these cases since it should be save to
disable these checks regardless of the input.
Signed-off-by: Simon Glass <sjg@chromium.org>
Suggested-by: David Gibson <david@gibson.dropbear.id.au>
Message-Id: <20200302190255.51426-3-sjg@chromium.org>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
This function is used to perform a full check of the device tree. Allow
it to be excluded if all assumptions are enabled.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: David Gibson <david@gibson.dropbear.id.au>
Message-Id: <20200220214557.176528-9-sjg@chromium.org>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Allow enabling FDT_ASSUME_LATEST to disable version checks.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: David Gibson <david@gibson.dropbear.id.au>
Message-Id: <20200220214557.176528-7-sjg@chromium.org>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Allow enabling ASSUME_VALID_INPUT to disable sanity checks on the device
tree and the parameters to libfdt. This assumption covers that cases where
the problem could be with either.
Signed-off-by: Simon Glass <sjg@chromium.org>
Message-Id: <20200220214557.176528-5-sjg@chromium.org>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Support ASSUME_VALID_DTB to disable some sanity checks
If we assume that the DTB itself is valid then we can skip some checks and
save code space. Add various conditions to handle this.
Signed-off-by: Simon Glass <sjg@chromium.org>
Message-Id: <20200220214557.176528-4-sjg@chromium.org>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
In libfdt we often sanity test fdt_totalsize(fdt) fairly early, then
trust it (but *only* that header field) for the remainder of our work.
However, Coverity gets confused by this - it sees the byteswap in
fdt32_ld() and assumes that means it is coming from an untrusted source
everytime, resulting in many tainted data warnings.
Most of these end up with logic in fdt_get_string() as the unsafe
destination for this tainted data, so let's tweak the logic there to make
it clearer to Coverity that this is ok.
We add a sanity test on fdt_totalsize() to fdt_probe_ro_(). Because the
interface allows bare ints to be used for offsets, we already have the
assumption that totalsize must be 31-bits or less (2GiB would be a
ludicrously large fdt). This makes this more explicit.
We also make fdt_probe_ro() return the size for convenience, and change the
logic in fdt_get_string() to keep it in a local so that Coverity can see
that it has already been bounds-checked.
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Replace instances of dual GPLv2 or BSD license boilerplate with SPDX tags.
Signed-off-by: Rob Herring <robh@kernel.org>
Message-Id: <20190620211944.9378-3-robh@kernel.org>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
It's now a trivial wrapper around fdt_find_max_phandle() so we might as
well inline it. We also remove it from the versioning linker script.
Theoretically, that's a breaking ABI change except that we haven't yet
released a version with it exposed in the shared object, so we can get
away with it.
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
The new fdt_generate_phandle() function can be used to generate a new,
unused phandle given a specific device tree blob. The implementation is
somewhat naive in that it simply walks the entire device tree to find
the highest phandle value and then returns a phandle value one higher
than that. A more clever implementation might try to find holes in the
current set of phandle values and fill them. But this implementation is
relatively simple and works reliably.
Also add a test that validates that phandles generated by this new API
are indeed unique.
Signed-off-by: Thierry Reding <treding@nvidia.com>
Message-Id: <20190326153302.17109-3-thierry.reding@gmail.com>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
The fdt_get_max_phandle() function has some shortcomings. On one hand
it returns just a uint32_t which means to check for the "negative"
error code a caller has to explicitly check against the error code
(uint32_t)-1. In addition, the -1 is the only error code that can be
returned, so a caller cannot tell the difference between the various
failures.
Fix this by adding a new fdt_find_max_phandle() function that returns an
error code on failure and 0 on success, just like other APIs, and stores
the maximum phandle value in an output argument on success.
This also refactors fdt_get_max_phandle() to use the new function. Add a
note pointing out that the new fdt_find_max_phandle() function should be
preferred over fdt_get_max_phandle().
Signed-off-by: Thierry Reding <treding@nvidia.com>
Message-Id: <20190326153302.17109-1-thierry.reding@gmail.com>
[dwg: Reword for some inaccuracies in the commit message]
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
The new fdt_generate_phandle() function can be used to generate a new,
unused phandle given a specific device tree blob. The implementation is
somewhat naive in that it simply walks the entire device tree to find
the highest phandle value and then returns a phandle value one higher
than that. A more clever implementation might try to find holes in the
current set of phandle values and fill them. But this implementation is
relatively simple and works reliably.
Also add a test that validates that phandles generated by this new API
are indeed unique.
Signed-off-by: Thierry Reding <treding@nvidia.com>
Message-Id: <20190320151003.28941-1-thierry.reding@gmail.com>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
This adds some helpers to load (32 or 64 bit) words from an fdt blob, even
if they're unaligned and we're on a platform that doesn't like plain
unaligned loads and stores. We then use the helpers in a number of places.
There are two purposes for this:
1) This makes libfdt more robust against a blob loaded at an unaligned
address. It's usually good practice to load a blob at a 64-bit
alignment, but it's nice to work even then.
2) Users can use these helpers to load integer values from within property
values. These can often be unaligned, even if the blob as a whole is
aligned, since some property encodings have integers and strings mixed
together without any alignment gaps.
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
This new function implements a complete and thorough check of an fdt blob's
structure. Given a buffer containing an fdt, it should return 0 only if
the fdt within is structurally sound in all regards. It doesn't check
anything about the blob's contents (i.e. the actual values of the nodes and
properties), of course.
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Tested-by: Alexey Kardashevskiy <aik@ozlabs.ru>
Reviewed-by: Alexey Kardashevskiy <aik@ozlabs.ru>
Reviewed-by: Simon Glass <sjg@chromium.org>
fdt_num_mem_rsv() and fdt_get_mem_rsv() currently don't sanity check their
parameters, or the memory reserve section offset in the header. That means
that on a corrupted blob they could access outside of the range of memory
that they should.
This improves their safety checking, meaning they shouldn't access outside
the blob's bounds, even if its contents are badly corrupted.
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Tested-by: Alexey Kardashevskiy <aik@ozlabs.ru>
Reviewed-by: Alexey Kardashevskiy <aik@ozlabs.ru>
Reviewed-by: Simon Glass <sjg@chromium.org>
fdt_getprop_by_offset() doesn't check for errors from fdt_string() - after
all, until very recently it couldn't fail. Now it can, so we need to
propagate errors up to the caller.
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Tested-by: Alexey Kardashevskiy <aik@ozlabs.ru>
Reviewed-by: Alexey Kardashevskiy <aik@ozlabs.ru>
Reviewed-by: Simon Glass <sjg@chromium.org>
fdt_string() is used to retrieve strings from a DT blob's strings section.
It's rarely used directly, but is widely used internally.
However, it doesn't do any bounds checking, which means in the case of a
corrupted blob it could access bad memory, which libfdt is supposed to
avoid.
This write a safe alternative to fdt_string, fdt_get_string(). It checks
both that the given offset is within the string section and that the string
it points to is properly \0 terminated within the section. It also returns
the string's length as a convenience (since it needs to determine to do the
checks anyway).
fdt_string() is rewritten in terms of fdt_get_string() for compatibility.
Most of the diff here is actually testing infrastructure.
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Tested-by: Alexey Kardashevskiy <aik@ozlabs.ru>
Reviewed-by: Alexey Kardashevskiy <aik@ozlabs.ru>
Many of the libfdt entry points call some sort of sanity check function
before doing anything else. These need to do slightly different things for
the various classes of functions.
The read-only version is shared with the exported fdt_check_header(), which
limits us a bit in how we can improve it. For that reason split the two
functions apart (though the exported one just calls the ro one for now).
We also rename the functions for more consistency - they're all named
fdt_XX_probe_() where the XX indicates which class of functions they're
for. "probe" is a better "term" than the previous check, since they really
only do minimal validation.
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Tested-by: Alexey Kardashevskiy <aik@ozlabs.ru>
Reviewed-by: Alexey Kardashevskiy <aik@ozlabs.ru>
This can be useful in particular in the kernel when booting on systems
with FDT-emitting firmware that is out of date. Releases of kexec-tools
on ppc64 prior to the end of 2014 are notable examples of such.
Signed-off-by: Nathan Whitehorn <nwhitehorn@freebsd.org>
[dwg: Some whitespace cleanups]
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
In a lot of places libfdt uses a leading _ character to mark an identifier
as "internal" (not part of the published libfdt API). This is a bad idea,
because identifiers with a leading _ are generally reserved by the C
library or system. It's particularly dangerous for libfdt, because it's
designed to be able to be integrated into lots of different environments.
In some cases the leading _ has no purpose, so we simply drop it. In most
cases we move it to the end, as our new convention for marking internal
identifiers.
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
These were noticed when synching with U-Boot's downstream tree.
Signed-off-by: Simon Glass <sjg@chromium.org>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
If fdt_getprop() fails, negative error code should be returned.
Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
If fdt_getprop() fails, negative error code should be returned.
Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Add a function to retrieve the highest phandle in a given device tree.
Acked-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Stefan Agner <stefan@agner.ch>
Reviewed-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: Maxime Ripard <maxime.ripard@free-electrons.com>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Because fdt_stringlist_contains() returns 1 or 0,
fdt_node_check_compatible() can just return the inverted value.
Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Given a device tree node, a property name and an index, the new function
fdt_stringlist_get() will return a pointer to the index'th string in the
property's value and return its length (or an error code on failure) in
an output argument.
Signed-off-by: Thierry Reding <treding@nvidia.com>
[Fix some -Wshadow warnings --dwg]
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
The new fdt_stringlist_search() function will look up a given string in
the list contained in the value of a named property of a given device
tree node and return its index.
Signed-off-by: Thierry Reding <treding@nvidia.com>
[Fix some -Wshadow warnings --dwg]
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Given a device tree node and a property name, the fdt_stringlist_count()
function counts the number of strings found in the property value.
This also adds a new error code, FDT_ERR_BADVALUE, that the function
returns when it encounters a non-NUL-terminated string list.
Signed-off-by: Thierry Reding <treding@nvidia.com>
[Changed testcase name --dwg]
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Properties may contain path names which are not NUL-terminated.
For example, the 'stdout-path' property allows the form 'path:options',
where the ':' character terminates the path specifier.
Allow these path names to be used in-place for path descending;
add fdt_path_offset_namelen(), which limits the path name to 'namelen'
characters.
Reimplement fdt_path_offset() as a trivial wrapper.
Signed-off-by: Peter Hurley <peter@hurleysoftware.com>
This function is useful outside libfdt, so export it.
Signed-off-by: Simon Glass <sjg@chromium.org>
Acked-by: David Gibson <david@gibson.dropbear.id.au>
libfdt/fdt.c:104:28: warning: incorrect type in argument 1 (different base types)
libfdt/fdt.c:104:28: expected restricted fdt32_t [usertype] x
libfdt/fdt.c:104:28: got unsigned int const [unsigned] [usertype] <noident>
libfdt/fdt.c:124:40: warning: incorrect type in argument 1 (different base types)
libfdt/fdt.c:124:40: expected restricted fdt32_t [usertype] x
libfdt/fdt.c:124:40: got unsigned int const [unsigned] [usertype] <noident>
libfdt/fdt_ro.c:337:29: warning: incorrect type in argument 1 (different base types)
libfdt/fdt_ro.c:337:29: expected restricted fdt32_t [usertype] x
libfdt/fdt_ro.c:337:29: got unsigned int const [unsigned] [usertype] <noident>
libfdt/fdt_rw.c:370:17: warning: incorrect type in assignment (different base types)
libfdt/fdt_rw.c:370:17: expected unsigned int [unsigned] [usertype] <noident>
libfdt/fdt_rw.c:370:17: got restricted fdt32_t
libfdt/fdt_sw.c:164:13: warning: incorrect type in assignment (different base types)
libfdt/fdt_sw.c:164:13: expected unsigned int [unsigned] [usertype] <noident>
libfdt/fdt_sw.c:164:13: got restricted fdt32_t
libfdt/fdt_sw.c:227:14: warning: incorrect type in assignment (different base types)
libfdt/fdt_sw.c:227:14: expected unsigned int [unsigned] [usertype] <noident>
libfdt/fdt_sw.c:227:14: got restricted fdt32_t
libfdt/fdt_wip.c:80:20: warning: incorrect type in assignment (different base types)
libfdt/fdt_wip.c:80:20: expected unsigned int [unsigned] [usertype] <noident>
libfdt/fdt_wip.c:80:20: got restricted fdt32_t
libfdt/libfdt.h:1001:13: warning: incorrect type in assignment (different base types)
libfdt/libfdt.h:1001:13: expected unsigned long [unsigned] [usertype] val
libfdt/libfdt.h:1001:13: got restricted fdt64_t
libfdt/libfdt.h:1157:13: warning: incorrect type in assignment (different base types)
libfdt/libfdt.h:1157:13: expected unsigned int [unsigned] [usertype] val
libfdt/libfdt.h:1157:13: got restricted fdt32_t
libfdt/libfdt.h:1192:13: warning: incorrect type in assignment (different base types)
libfdt/libfdt.h:1192:13: expected unsigned long [unsigned] [usertype] val
libfdt/libfdt.h:1192:13: got restricted fdt64_t
libfdt/libfdt.h:1299:13: warning: incorrect type in assignment (different base types)
libfdt/libfdt.h:1299:13: expected unsigned int [unsigned] [usertype] val
libfdt/libfdt.h:1299:13: got restricted fdt32_t
libfdt/libfdt.h:1334:13: warning: incorrect type in assignment (different base types)
libfdt/libfdt.h:1334:13: expected unsigned long [unsigned] [usertype] val
libfdt/libfdt.h:1334:13: got restricted fdt64_t
libfdt/libfdt.h:885:13: warning: incorrect type in assignment (different base types)
libfdt/libfdt.h:885:13: expected unsigned int [unsigned] [usertype] val
libfdt/libfdt.h:885:13: got restricted fdt32_t
libfdt/libfdt.h:920:13: warning: incorrect type in assignment (different base types)
libfdt/libfdt.h:920:13: expected unsigned long [unsigned] [usertype] val
libfdt/libfdt.h:920:13: got restricted fdt64_t
libfdt/libfdt.h:996:13: warning: incorrect type in assignment (different base types)
libfdt/libfdt.h:996:13: expected unsigned int [unsigned] [usertype] val
libfdt/libfdt.h:996:13: got restricted fdt32_t
Signed-off-by: Kim Phillips <kim.phillips@freescale.com>
For ages, we've been talking about adding functions to libfdt to allow
iteration through properties. So, finally, here are some.
I got bogged down on this for a long time because I didn't want to
expose offsets directly to properties to the callers. But without
that, attempting to make reasonable iteration functions just became
horrible. So eventually, I settled on an interface which does now
expose property offsets. fdt_first_property_offset() and
fdt_next_property_offset() are used to step through the offsets of the
properties starting from a particularly node offset. The details of
the property at each offset can then be retrieved with either
fdt_get_property_by_offset() or fdt_getprop_by_offset() which have
interfaces similar to fdt_get_property() and fdt_getprop()
respectively.
No explicit testcases are included, but we do use the new functions to
reimplement the existing fdt_get_property() function.
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Currently, the Linux kernel, libfdt and dtc, when using flattened
device trees encode a node's phandle into a property named
"linux,phandle". The ePAPR specification, however - aiming as it is
to not be a Linux specific spec - requires that phandles be encoded in
a property named simply "phandle".
This patch adds support for this newer approach to dtc and libfdt.
Specifically:
- fdt_get_phandle() will now return the correct phandle if it
is supplied in either of these properties
- fdt_node_offset_by_phandle() will correctly find a node with
the given phandle encoded in either property.
- By default, when auto-generating phandles, dtc will encode
it into both properties for maximum compatibility. A new -H
option allows either only old-style or only new-style
properties to be generated.
- If phandle properties are explicitly supplied in the dts
file, dtc will not auto-generate ones in the alternate format.
- If both properties are supplied, dtc will check that they
have the same value.
- Some existing testcases are updated to use a mix of old and
new-style phandles, partially testing the changes.
- A new phandle_format test further tests the libfdt support,
and the -H option.
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Currently, callers of fdt_next_tag() must usually follow the call with
some sort of call to fdt_offset_ptr() to verify that the blob isn't
truncated in the middle of the tag data they're going to process.
This is a bit silly, since fdt_next_tag() generally has to call
fdt_offset_ptr() on at least some of the data following the tag for
its own operation.
This patch alters fdt_next_tag() to always use fdt_offset_ptr() to
verify the data between its starting offset and the offset it returns
in nextoffset. This simplifies fdt_get_property() which no longer has
to verify itself that the property data is all present.
At the same time, I neaten and clarify the error handling for
fdt_next_tag(). Previously, fdt_next_tag() could return -1 instead of
a tag value in some circumstances - which almost none of the callers
checked for. Also, fdt_next_tag() could return FDT_END either because
it encountered an FDT_END tag, or because it reached the end of the
structure block - no way was provided to tell between these cases.
With this patch, fdt_next_tag() always returns FDT_END with a negative
value in nextoffset for an error. This means the several places which
loop looking for FDT_END will still work correctly - they only need to
check for errors at the end. The errors which fdt_next_tag() can
report are:
- -FDT_ERR_TRUNCATED if it reached the end of the structure
block instead of finding a tag.
- -FDT_BADSTRUCTURE if a bad tag was encountered, or if the
tag data couldn't be verified with fdt_offset_ptr().
This patch also updates the callers of fdt_next_tag(), where
appropriate, to make use of the new error reporting.
Finally, the prototype for the long gone _fdt_next_tag() is removed
from libfdt_internal.h.
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Currently fdt_next_node() will find the next node in the blob
regardless of whether it is above, below or at the same level in the
tree as the starting node - the depth parameter is updated to indicate
which is the case. When a depth parameter is supplied, this patch
makes it instead terminate immediately when it finds the END_NODE tag
for a node at depth 0. In this case it returns the offset immediately
past the END_NODE tag.
This has a couple of advantages. First, this slightly simplifies
fdt_subnode_offset(), which no longer needs to explicitly check that
fdt_next_node()'s iteration hasn't left the starting node. Second,
this allows fdt_next_node() to be used to implement
_fdt_node_end_offset() considerably simplifying the latter function.
The other users of fdt_next_node() either don't need to iterate out of
the starting node, or don't pass a depth parameter at all. Any
callers that really need to iterate out of the starting node, but keep
tracking depth can do so by biasing the initial depth value.
This is a semantic change, but I think it's very unlikely to break any
existing library users.
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
There's currently an off-by-one bug in fdt_subnode_offset_namelen()
which causes it to keep searching after it's finished the subnodes of
the given parent, and into the subnodes of siblings of the original
node which come after it in the tree.
This patch fixes the bug. It also extends the subnode_offset testcase
(updating all of the 'test_tree1' example trees in the process) to
catch it.
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Kumar has already added alias expansion to fdt_path_offset().
However, in some circumstances it may be convenient for the user of
libfdt to explicitly get the string expansion of an alias. This patch
adds a function to do this, fdt_get_alias(), and uses it to implement
fdt_path_offset().
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
The current implementation of fdt_get_path() has a couple of bugs,
fixed by this patch.
First, contrary to its documentation, on success it returns the length
of the node's path, rather than 0. The testcase is correspondingly
wrong, and the patch fixes this as well.
Second, in some circumstances, it will return -FDT_ERR_BADOFFSET
instead of -FDT_ERR_NOSPACE when given insufficient buffer space.
Specifically this happens when there is insufficient space even to
hold the path's second last component. This behaviour is corrected,
and the testcase updated to check it.
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
If the path doesn't start with '/' check to see if it matches some alias
under "/aliases" and substitute the matching alias value in the path
and retry the lookup.
Signed-off-by: Kumar Gala <galak@kernel.crashing.org>
Acked-by: David Gibson <david@gibson.dropbear.id.au>
As well as fdt_subnode_offset(), libfdt includes an
fdt_subnode_offset_namelen() function that takes the subnode name to
look up not as a NUL-terminated string, but as a string with an
explicit length. This can be useful when the caller has the name as
part of a longer string, such as a full path.
However, we don't have corresponding 'namelen' versions for
fdt_get_property() and fdt_getprop(). There are less obvious use
cases for these variants on property names, but there are
circumstances where they can be useful e.g. looking up property names
which need to be parsed from a longer string buffer such as user input
or a configuration file, or looking up an alias in a path with
IEEE1275 style aliases.
So, since it's very easy to implement such variants, this patch does
so. The original NUL-terminated variants are, of course, implemented
in terms of the namelen versions.
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
In commit b6d80a20fc, we renamed all
libfdt functions to be prefixed with fdt_ or _fdt_ to minimise the
chance of collisions with things from whatever package libfdt is
embedded in, pulled into the libfdt build via that environment's
libfdt_env.h.
Except... I missed one. This patch applies the same treatment to
_stringlist_contains(). While we're at it, also make it static since
it's only used in the same file.
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
libfdt is supposed to easy to embed in projects all and sundry.
Often, it won't be practical to separate the embedded libfdt's
namespace from that of the surrounding project. Which means there can
be namespace conflicts between even libfdt's internal/static functions
and functions or macros coming from the surrounding project's headers
via libfdt_env.h.
This patch, therefore, renames a bunch of libfdt internal functions
and macros and makes a few other chances to reduce the chances of
namespace collisions with embedding projects. Specifically:
- Internal functions (even static ones) are now named _fdt_*()
- The type and (static) global for the error table in
fdt_strerror() gain an fdt_ prefix
- The unused macro PALIGN is removed
- The memeq and streq macros are removed and open-coded in the
users (they were only used once each)
- Other macros gain an FDT_ prefix
- To save some of the bulk from the previous change, an
FDT_TAGALIGN() macro is introduced, where FDT_TAGALIGN(x) ==
FDT_ALIGN(x, FDT_TAGSIZE)
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Enabling -Wcast-qual warnings in dtc shows up a number of places where
we are incorrectly discarding a const qualification. There are also
some places where we are intentionally discarding the 'const', and we
need an ugly cast through uintptr_t to suppress the warning. However,
most of these are pretty well isolated with the *_w() functions. So
in the interests of maximum safety with const qualifications, this
patch enables the warnings and fixes the existing complaints.
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
This patch turns on the -Wpointer-arith option in the dtc Makefile,
and fixes the resulting warnings due to using (void *) in pointer
arithmetic. While convenient, pointer arithmetic on void * is not
portable, so it's better that we avoid it, particularly in libfdt.
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>