When we only need the libfdt calling the target install-lib also builds the
executables listed in $(BINS) because this target depends on all
Instead lets make install-lib only depend on libfdt.
Signed-off-by: Nicolas Escande <nico.escande@gmail.com>
Message-ID: <20230726144336.677135-1-nico.escande@gmail.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
The value passed to the <ctype.h> functions shall be the value of an unsigned
char or EOF. It is implementation-defined if the char type is signed or
unsigned. Cast to unsigned char to avoid undefined behaviour on systems where
char is signed.
This cast is already present in other parts of the code base.
Signed-off-by: Sebastian Huber <sebastian.huber@embedded-brains.de>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
The function mentioned in the comment, fdt_finished(), should be
changed to fdt_finish().
Signed-off-by: Yan-Jie Wang <yanjiewtw@gmail.com>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
-undefined error is the equivalent of --no-undefined for the macOS
linker, but -undefined would also be understood as a valid argument for
GNU ld so we use the supported linker variant.
Signed-off-by: Otavio Salvador <otavio@ossystems.com.br>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
This records detailed usage of labels in a dtb. This is needed in
overlays (and enabled implicitly for these). For ordinary device trees
it can be used to restore labels when compiling back to dts format.
Signed-off-by: Uwe Kleine-König <u.kleine-koenig@pengutronix.de>
Message-Id: <20230523080941.419330-1-u.kleine-koenig@pengutronix.de>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
set SETUPTOOLS_SCM_PRETEND_VERSION="0" variable because GitHub Actions
does not copy the .git directory into the container. Without that, the
build fails with the following error
LookupError: setuptools-scm was unable to detect version for /__w/dtc/dtc.
Signed-off-by: Biswapriyo Nath <nathbappai@gmail.com>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
The handling of "type preservation" dts output is based on the idea of
"phandles with arguments" in properties, which isn't really a thing, other
than a fairly common convention about how bindings are written. There's
nothing preventing a binding which freely mixes phandles and other integers
in an array of cells.
Currently write_propval() handles this incorrectly: specifically the case
of a phandle which follows a regular integer in a 32-bit cell array, but
without a new '< >' delimited causing an extra TYPE_UINT32 marker to be
inserted. In this case it omits the necessary space between the integer
and the phandle reference, leading to output which can't be sent back into
dtc and parsed.
Correct this, and update tests to match. I think this is more or less
correct for now, but really write_propval() is a big mess :(.
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
* bad-graph-child-address.dts: additional child address test since the
one in bad-graph.dts is now shadowed by its prerequisites also
failing.
* bad-graph-reg-cells.dts: test warnings produced by check_graph_reg().
Signed-off-by: Johannes Beisswenger <johannes.beisswenger@cetitec.com>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
If an endpoint node has a 'reg' property which consists of more than
one cell (4 bytes) and given that matching '#address-cells' and '#size-cells'
properties are specified on the port node an assertion is triggered in
check_graph_child_address() before the relevant diagnostic checks in
check_graph_reg() (called by check_graph_port() and check_graph_endpoint()) are executed.
The issue is fixed by making graph_child_address depend on the
graph_port and graph_endpoint checks.
Additionally the assertion can also be triggered if the length of the
'reg' property is less than 4 bytes e.g. by specifying
'reg = "a";'. In that case however other warnings are produced
highlighting the malformed property before dtc crashes.
Example dts file triggering the issue:
/dts-v1/;
/ {
bar: bar {
port {
bar_con: endpoint {
remote-endpoint = <&foo_con>;
};
};
};
foo {
port {
#address-cells = <1>;
#size-cells = <1>; // should always be 0
foo_con: endpoint@1 {
reg = <1 2>; // causes assertion failure instead of diagnostic
remote-endpoint = <&bar_con>;
};
};
};
};
Signed-off-by: Johannes Beisswenger <johannes.beisswenger@cetitec.com>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
(Free) Travis-ci is gone since November 2020, cirrus seems to be
unreliable showing build breakages unrelated to changes.
Signed-off-by: Uwe Kleine-König <u.kleine-koenig@pengutronix.de>
libyaml before 0.2.3 expects non-const string parameters. Supporting
both variants would require either cpp magic or ignoring
"discarded-qualifiers" compiler warnings. For the sake of simplicity
just support libyaml 0.2.3 and newer.
Note that NO_YAML can be overwritten on the make command line.
Signed-off-by: Uwe Kleine-König <u.kleine-koenig@pengutronix.de>
Dts files which contain an 'endpoint' node as a direct child of the
root node cause a segmentation fault inside check_graph_node(). This
type of error can easily happen when a 'remote-endpoint' property is
accidentally placed outside the corresponding endpoint and port nodes.
Example with 'endpoint' node:
/dts-v1/;
/ { endpoint {}; };
Example with remote-endpoint property:
/dts-v1/;
/ {
foo {
remote-endpoint = <0xdeadbeef>;
};
};
Signed-off-by: Johannes Beisswenger <johannes.beisswenger@cetitec.com>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
The current documentation doesn't mention the possibility of passing a
non-absolute path and having that treated as an alias. Add that
information, along with an example (which will further be expanded in
a subsequent patch), and clarify when -FDT_ERR_BADPATH can be returned.
Signed-off-by: Rasmus Villemoes <rasmus.villemoes@prevas.dk>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
The fdt_get_symbol_namelen() function will be used in a subsequent
patch.
Signed-off-by: Rasmus Villemoes <rasmus.villemoes@prevas.dk>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Simplify the code by making use of the new helper.
Signed-off-by: Rasmus Villemoes <rasmus.villemoes@prevas.dk>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Add a wrapper for fdt_getprop_namelen() allowing one to specify the node
by path instead of offset.
Signed-off-by: Rasmus Villemoes <rasmus.villemoes@prevas.dk>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Device trees with a /plugin/ tag ("overlays") generate a __fixups__ node
when needed and independent of -q being given or not. The same is true for
__local__fixups__. So don't mention these two nodes in the paragraph about
-@.
To not shorten the description too much, describe the semantic of the
properties contained in the generated __symbols__ node.
Signed-off-by: Uwe Kleine-König <u.kleine-koenig@pengutronix.de>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
fdtoverlay doesn't have a -t option, so explaining the type formats and
modifier prefixes doesn't make much sense.
Signed-off-by: Uwe Kleine-König <u.kleine-koenig@pengutronix.de>
Message-Id: <20230315100819.13387-1-u.kleine-koenig@pengutronix.de>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Always allocate from open_blob_rw(), to simplify memory management.
The fixes are not exhaustive.
Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
./dtc -I dts -O dtb -o overlay_base_manual_symbols.test.dtb /home/elmarco/src/dtc/tests/overlay_base_manual_symbols.dts
../data.c:109:2: runtime error: null pointer passed as argument 2, which is declared to never be null
=================================================================
==933317==ERROR: LeakSanitizer: detected memory leaks
Direct leak of 24 byte(s) in 1 object(s) allocated from:
#0 0x7f49a2aba6af in __interceptor_malloc (/lib64/libasan.so.8+0xba6af)
#1 0x43183d in xmalloc ../util.h:45
#2 0x43482f in data_add_marker ../data.c:230
#3 0x449bb8 in get_node_phandle ../livetree.c:632
#4 0x421058 in fixup_phandle_references ../checks.c:627
#5 0x41b0ba in check_nodes_props ../checks.c:141
#6 0x41b1c8 in check_nodes_props ../checks.c:144
#7 0x41b9f1 in run_check ../checks.c:181
#8 0x430a68 in process_checks ../checks.c:2057
#9 0x436abd in main ../dtc.c:327
#10 0x7f49a30d850f in __libc_start_call_main (/lib64/libc.so.6+0x2750f)
Only create data when necessary, and do not alias it.
Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
[dwg: Small fixup for a slightly different approach to adjacent cleanups]
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
The name field of 'struct node' was really always supposed to be a
malloc()ed string, that is owned by the structure. To avoid an extra
strdup() for strings coming up from the lexer, name_node() expects to take
uch an already malloc()ed string, which means it's not correct to pass it
a static string literal.
That's a pretty non-obvious constraint, so a bunch of incorrect uses have
crept in. Really, avoiding the extra dup from the lexer isn't a big enough
benefit for this demonstrably dangerous interface. So change it to do the
xstrdup() itself, removing the burden from callers.
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
The 'name' field of 'struct node' is supposed to be an (individually)
malloc()ed string. So, when taking a name from a flattened blob we need
to strdup() it.
Currently that happens in flat_read_string() as we take it from the
flattened structure itself. That obscures what's going on because it's
several steps removed from actually inserting it into node->name. It also
means we need an additional strdup() and free() for the case of old dtb
formats where we need to extract just the final path component from the
blob for the name.
While we're scanning the blob, we're doing so read-only, so it's fine to
have pointers into it. Therefore simplify things a bit by delaying the
xstrdup() to the point where we're actually inserting into node->name.
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
The name field of 'struct property' was really always supposed to be a
malloc()ed string, that is owned by the structure. To avoid an extra
strdup() for strings coming up from the lexer, build_property() and
build_property_delete() expect to take such an already malloc()ed string,
which means it's not correct to pass it a static string literal.
That's a pretty non-obvious constraint, so a bunch of incorrect uses have
crept in. Really, avoiding the extra dup from the lexer isn't a big enough
benefit for this demonstrably dangerous interface. So change it to do the
xstrdup() itself, removing the burden from callers.
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Currently if there is a valid 10-bit address the following warning is
always displayed due to the 7-bit check failing due to reg > 0x7f
"I2C address must be less than 7-bits, got "0x800000a6". Set I2C_TEN_BIT_ADDRESS for 10 bit addresses or fix the property"
Fix this issue by checking if a 10-bit address is expected, and is valid in separate if statements.
Fixes: 8259d59f ("checks: Improve i2c reg property checking")
Signed-off-by: Matt Ranostay <matt.ranostay@konsulko.com>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Because meson always builds out-of-tree we need to reference things in the
original source tree via $SRCDIR from run_tests.sh. We forgot a couple of
cases for the cell overflow tests. Fix them.
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Add this new warning to the default build flags. It suggests adding
a ((format)) attribute to xavsprintf_append(), so do that.
Suggested-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
It's been rather too long since the last release, and quite a lot of
changes have accumulated. Finally get around to rolling a release.
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
This also enables us to test the -NOSPACE condition by adding a test
setting size_hint=1 so this path is taken.
Message-Id: <20230201181112.1644842-1-luca@z3ntu.xyz>
Signed-off-by: Luca Weiss <luca@z3ntu.xyz>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Replace the 0-length arrays in structures with proper flexible
arrays. This will avoid warnings when building under GCC 13 with
-fstrict-flex-arrays, which the Linux kernel will be doing soon:
In file included from ../lib/fdt_ro.c:2:
../lib/../scripts/dtc/libfdt/fdt_ro.c: In function 'fdt_get_name':
../lib/../scripts/dtc/libfdt/fdt_ro.c:319:24: warning: 'strrchr' reading 1 or more bytes from a region of size 0 [-Wstringop-overread]
319 | leaf = strrchr(nameptr, '/');
| ^~~~~~~~~~~~~~~~~~~~~
Signed-off-by: Kees Cook <keescook@chromium.org>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
We always evaluate integer values in cell arrays as 64-bit quantities, then
truncate to the size of the array cells (32-bit by default). However to
detect accidental truncation of meaningful values, we give an error if the
truncated portion isn't either all 0 or all 1 bits. However, this can
still give counterintuitive errors. For if the user is thinking in 2's
complement 32-bit arithmetic (which would be quite natural), then they'd
expect the expression (-0xffffffff-2) to evaluate to -1 (0xffffffff).
However in 64-bit it evaluates to 0xfffffffeffffffff which does truncate
to the expected value but trips this error message.
Because of this reduce the error to only a warnings, with a somewhat more
helpful message.
Fixes: https://github.com/dgibson/dtc/issues/74
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Add a new test get_next_tag_invalid_prop_len, which covers
fdt_next_tag(), when it is passed an corrupted blob, with
invalid property len values. The test runs twice, on a blob
in sw and finished state.
Signed-off-by: Tadeusz Struk <tadeusz.struk@linaro.org>
Message-Id: <20221011182611.116011-2-tadeusz.struk@linaro.org>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Since fdt_next_tag() in a public API function all input parameters,
including the fdt blob should not be trusted. It is possible to forge
a blob with invalid property length that will cause integer overflow
during offset calculation. To prevent that, validate the property length
read from the blob before doing calculations.
Signed-off-by: Tadeusz Struk <tadeusz.struk@linaro.org>
Message-Id: <20221005232931.3016047-1-tadeusz.struk@linaro.org>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>