1 | // SPDX-License-Identifier: (GPL-2.0-or-later OR BSD-2-Clause) |
2 | /* |
3 | * libfdt - Flat Device Tree manipulation |
4 | * Copyright (C) 2006 David Gibson, IBM Corporation. |
5 | */ |
6 | #include "libfdt_env.h" |
7 | |
8 | #include <fdt.h> |
9 | #include <libfdt.h> |
10 | |
11 | #include "libfdt_internal.h" |
12 | |
13 | /* |
14 | * Minimal sanity check for a read-only tree. fdt_ro_probe_() checks |
15 | * that the given buffer contains what appears to be a flattened |
16 | * device tree with sane information in its header. |
17 | */ |
18 | int32_t fdt_ro_probe_(const void *fdt) |
19 | { |
20 | uint32_t totalsize = fdt_totalsize(fdt); |
21 | |
22 | if (can_assume(VALID_DTB)) |
23 | return totalsize; |
24 | |
25 | /* The device tree must be at an 8-byte aligned address */ |
26 | if ((uintptr_t)fdt & 7) |
27 | return -FDT_ERR_ALIGNMENT; |
28 | |
29 | if (fdt_magic(fdt) == FDT_MAGIC) { |
30 | /* Complete tree */ |
31 | if (!can_assume(LATEST)) { |
32 | if (fdt_version(fdt) < FDT_FIRST_SUPPORTED_VERSION) |
33 | return -FDT_ERR_BADVERSION; |
34 | if (fdt_last_comp_version(fdt) > |
35 | FDT_LAST_SUPPORTED_VERSION) |
36 | return -FDT_ERR_BADVERSION; |
37 | } |
38 | } else if (fdt_magic(fdt) == FDT_SW_MAGIC) { |
39 | /* Unfinished sequential-write blob */ |
40 | if (!can_assume(VALID_INPUT) && fdt_size_dt_struct(fdt) == 0) |
41 | return -FDT_ERR_BADSTATE; |
42 | } else { |
43 | return -FDT_ERR_BADMAGIC; |
44 | } |
45 | |
46 | if (totalsize < INT32_MAX) |
47 | return totalsize; |
48 | else |
49 | return -FDT_ERR_TRUNCATED; |
50 | } |
51 | |
52 | static int check_off_(uint32_t hdrsize, uint32_t totalsize, uint32_t off) |
53 | { |
54 | return (off >= hdrsize) && (off <= totalsize); |
55 | } |
56 | |
57 | static int check_block_(uint32_t hdrsize, uint32_t totalsize, |
58 | uint32_t base, uint32_t size) |
59 | { |
60 | if (!check_off_(hdrsize, totalsize, off: base)) |
61 | return 0; /* block start out of bounds */ |
62 | if ((base + size) < base) |
63 | return 0; /* overflow */ |
64 | if (!check_off_(hdrsize, totalsize, off: base + size)) |
65 | return 0; /* block end out of bounds */ |
66 | return 1; |
67 | } |
68 | |
69 | size_t (uint32_t version) |
70 | { |
71 | if (version <= 1) |
72 | return FDT_V1_SIZE; |
73 | else if (version <= 2) |
74 | return FDT_V2_SIZE; |
75 | else if (version <= 3) |
76 | return FDT_V3_SIZE; |
77 | else if (version <= 16) |
78 | return FDT_V16_SIZE; |
79 | else |
80 | return FDT_V17_SIZE; |
81 | } |
82 | |
83 | size_t (const void *fdt) |
84 | { |
85 | return can_assume(LATEST) ? FDT_V17_SIZE : |
86 | fdt_header_size_(fdt_version(fdt)); |
87 | } |
88 | |
89 | int (const void *fdt) |
90 | { |
91 | size_t hdrsize; |
92 | |
93 | /* The device tree must be at an 8-byte aligned address */ |
94 | if ((uintptr_t)fdt & 7) |
95 | return -FDT_ERR_ALIGNMENT; |
96 | |
97 | if (fdt_magic(fdt) != FDT_MAGIC) |
98 | return -FDT_ERR_BADMAGIC; |
99 | if (!can_assume(LATEST)) { |
100 | if ((fdt_version(fdt) < FDT_FIRST_SUPPORTED_VERSION) |
101 | || (fdt_last_comp_version(fdt) > |
102 | FDT_LAST_SUPPORTED_VERSION)) |
103 | return -FDT_ERR_BADVERSION; |
104 | if (fdt_version(fdt) < fdt_last_comp_version(fdt)) |
105 | return -FDT_ERR_BADVERSION; |
106 | } |
107 | hdrsize = fdt_header_size(fdt); |
108 | if (!can_assume(VALID_DTB)) { |
109 | if ((fdt_totalsize(fdt) < hdrsize) |
110 | || (fdt_totalsize(fdt) > INT_MAX)) |
111 | return -FDT_ERR_TRUNCATED; |
112 | |
113 | /* Bounds check memrsv block */ |
114 | if (!check_off_(hdrsize, fdt_totalsize(fdt), |
115 | fdt_off_mem_rsvmap(fdt))) |
116 | return -FDT_ERR_TRUNCATED; |
117 | |
118 | /* Bounds check structure block */ |
119 | if (!can_assume(LATEST) && fdt_version(fdt) < 17) { |
120 | if (!check_off_(hdrsize, fdt_totalsize(fdt), |
121 | fdt_off_dt_struct(fdt))) |
122 | return -FDT_ERR_TRUNCATED; |
123 | } else { |
124 | if (!check_block_(hdrsize, fdt_totalsize(fdt), |
125 | fdt_off_dt_struct(fdt), |
126 | fdt_size_dt_struct(fdt))) |
127 | return -FDT_ERR_TRUNCATED; |
128 | } |
129 | |
130 | /* Bounds check strings block */ |
131 | if (!check_block_(hdrsize, fdt_totalsize(fdt), |
132 | fdt_off_dt_strings(fdt), |
133 | fdt_size_dt_strings(fdt))) |
134 | return -FDT_ERR_TRUNCATED; |
135 | } |
136 | |
137 | return 0; |
138 | } |
139 | |
140 | const void *fdt_offset_ptr(const void *fdt, int offset, unsigned int len) |
141 | { |
142 | unsigned int uoffset = offset; |
143 | unsigned int absoffset = offset + fdt_off_dt_struct(fdt); |
144 | |
145 | if (offset < 0) |
146 | return NULL; |
147 | |
148 | if (!can_assume(VALID_INPUT)) |
149 | if ((absoffset < uoffset) |
150 | || ((absoffset + len) < absoffset) |
151 | || (absoffset + len) > fdt_totalsize(fdt)) |
152 | return NULL; |
153 | |
154 | if (can_assume(LATEST) || fdt_version(fdt) >= 0x11) |
155 | if (((uoffset + len) < uoffset) |
156 | || ((offset + len) > fdt_size_dt_struct(fdt))) |
157 | return NULL; |
158 | |
159 | return fdt_offset_ptr_(fdt, offset); |
160 | } |
161 | |
162 | uint32_t fdt_next_tag(const void *fdt, int startoffset, int *nextoffset) |
163 | { |
164 | const fdt32_t *tagp, *lenp; |
165 | uint32_t tag, len, sum; |
166 | int offset = startoffset; |
167 | const char *p; |
168 | |
169 | *nextoffset = -FDT_ERR_TRUNCATED; |
170 | tagp = fdt_offset_ptr(fdt, offset, FDT_TAGSIZE); |
171 | if (!can_assume(VALID_DTB) && !tagp) |
172 | return FDT_END; /* premature end */ |
173 | tag = fdt32_to_cpu(*tagp); |
174 | offset += FDT_TAGSIZE; |
175 | |
176 | *nextoffset = -FDT_ERR_BADSTRUCTURE; |
177 | switch (tag) { |
178 | case FDT_BEGIN_NODE: |
179 | /* skip name */ |
180 | do { |
181 | p = fdt_offset_ptr(fdt, offset: offset++, len: 1); |
182 | } while (p && (*p != '\0')); |
183 | if (!can_assume(VALID_DTB) && !p) |
184 | return FDT_END; /* premature end */ |
185 | break; |
186 | |
187 | case FDT_PROP: |
188 | lenp = fdt_offset_ptr(fdt, offset, len: sizeof(*lenp)); |
189 | if (!can_assume(VALID_DTB) && !lenp) |
190 | return FDT_END; /* premature end */ |
191 | |
192 | len = fdt32_to_cpu(*lenp); |
193 | sum = len + offset; |
194 | if (!can_assume(VALID_DTB) && |
195 | (INT_MAX <= sum || sum < (uint32_t) offset)) |
196 | return FDT_END; /* premature end */ |
197 | |
198 | /* skip-name offset, length and value */ |
199 | offset += sizeof(struct fdt_property) - FDT_TAGSIZE + len; |
200 | |
201 | if (!can_assume(LATEST) && |
202 | fdt_version(fdt) < 0x10 && len >= 8 && |
203 | ((offset - len) % 8) != 0) |
204 | offset += 4; |
205 | break; |
206 | |
207 | case FDT_END: |
208 | case FDT_END_NODE: |
209 | case FDT_NOP: |
210 | break; |
211 | |
212 | default: |
213 | return FDT_END; |
214 | } |
215 | |
216 | if (!fdt_offset_ptr(fdt, offset: startoffset, len: offset - startoffset)) |
217 | return FDT_END; /* premature end */ |
218 | |
219 | *nextoffset = FDT_TAGALIGN(offset); |
220 | return tag; |
221 | } |
222 | |
223 | int fdt_check_node_offset_(const void *fdt, int offset) |
224 | { |
225 | if (!can_assume(VALID_INPUT) |
226 | && ((offset < 0) || (offset % FDT_TAGSIZE))) |
227 | return -FDT_ERR_BADOFFSET; |
228 | |
229 | if (fdt_next_tag(fdt, startoffset: offset, nextoffset: &offset) != FDT_BEGIN_NODE) |
230 | return -FDT_ERR_BADOFFSET; |
231 | |
232 | return offset; |
233 | } |
234 | |
235 | int fdt_check_prop_offset_(const void *fdt, int offset) |
236 | { |
237 | if (!can_assume(VALID_INPUT) |
238 | && ((offset < 0) || (offset % FDT_TAGSIZE))) |
239 | return -FDT_ERR_BADOFFSET; |
240 | |
241 | if (fdt_next_tag(fdt, startoffset: offset, nextoffset: &offset) != FDT_PROP) |
242 | return -FDT_ERR_BADOFFSET; |
243 | |
244 | return offset; |
245 | } |
246 | |
247 | int fdt_next_node(const void *fdt, int offset, int *depth) |
248 | { |
249 | int nextoffset = 0; |
250 | uint32_t tag; |
251 | |
252 | if (offset >= 0) |
253 | if ((nextoffset = fdt_check_node_offset_(fdt, offset)) < 0) |
254 | return nextoffset; |
255 | |
256 | do { |
257 | offset = nextoffset; |
258 | tag = fdt_next_tag(fdt, startoffset: offset, nextoffset: &nextoffset); |
259 | |
260 | switch (tag) { |
261 | case FDT_PROP: |
262 | case FDT_NOP: |
263 | break; |
264 | |
265 | case FDT_BEGIN_NODE: |
266 | if (depth) |
267 | (*depth)++; |
268 | break; |
269 | |
270 | case FDT_END_NODE: |
271 | if (depth && ((--(*depth)) < 0)) |
272 | return nextoffset; |
273 | break; |
274 | |
275 | case FDT_END: |
276 | if ((nextoffset >= 0) |
277 | || ((nextoffset == -FDT_ERR_TRUNCATED) && !depth)) |
278 | return -FDT_ERR_NOTFOUND; |
279 | else |
280 | return nextoffset; |
281 | } |
282 | } while (tag != FDT_BEGIN_NODE); |
283 | |
284 | return offset; |
285 | } |
286 | |
287 | int fdt_first_subnode(const void *fdt, int offset) |
288 | { |
289 | int depth = 0; |
290 | |
291 | offset = fdt_next_node(fdt, offset, depth: &depth); |
292 | if (offset < 0 || depth != 1) |
293 | return -FDT_ERR_NOTFOUND; |
294 | |
295 | return offset; |
296 | } |
297 | |
298 | int fdt_next_subnode(const void *fdt, int offset) |
299 | { |
300 | int depth = 1; |
301 | |
302 | /* |
303 | * With respect to the parent, the depth of the next subnode will be |
304 | * the same as the last. |
305 | */ |
306 | do { |
307 | offset = fdt_next_node(fdt, offset, depth: &depth); |
308 | if (offset < 0 || depth < 1) |
309 | return -FDT_ERR_NOTFOUND; |
310 | } while (depth > 1); |
311 | |
312 | return offset; |
313 | } |
314 | |
315 | const char *fdt_find_string_(const char *strtab, int tabsize, const char *s) |
316 | { |
317 | int len = strlen(s) + 1; |
318 | const char *last = strtab + tabsize - len; |
319 | const char *p; |
320 | |
321 | for (p = strtab; p <= last; p++) |
322 | if (memcmp(p, q: s, size: len) == 0) |
323 | return p; |
324 | return NULL; |
325 | } |
326 | |
327 | int fdt_move(const void *fdt, void *buf, int bufsize) |
328 | { |
329 | if (!can_assume(VALID_INPUT) && bufsize < 0) |
330 | return -FDT_ERR_NOSPACE; |
331 | |
332 | FDT_RO_PROBE(fdt); |
333 | |
334 | if (fdt_totalsize(fdt) > (unsigned int)bufsize) |
335 | return -FDT_ERR_NOSPACE; |
336 | |
337 | memmove(buf, fdt, fdt_totalsize(fdt)); |
338 | return 0; |
339 | } |
340 | |