usb: kbd: Prevent out of bound access
[platform/kernel/u-boot.git] / common / image-fdt.c
1 /*
2  * Copyright (c) 2013, Google Inc.
3  *
4  * (C) Copyright 2008 Semihalf
5  *
6  * (C) Copyright 2000-2006
7  * Wolfgang Denk, DENX Software Engineering, wd@denx.de.
8  *
9  * SPDX-License-Identifier:     GPL-2.0+
10  */
11
12 #include <common.h>
13 #include <fdt_support.h>
14 #include <errno.h>
15 #include <image.h>
16 #include <libfdt.h>
17 #include <mapmem.h>
18 #include <asm/io.h>
19
20 #ifndef CONFIG_SYS_FDT_PAD
21 #define CONFIG_SYS_FDT_PAD 0x3000
22 #endif
23
24 DECLARE_GLOBAL_DATA_PTR;
25
26 static void fdt_error(const char *msg)
27 {
28         puts("ERROR: ");
29         puts(msg);
30         puts(" - must RESET the board to recover.\n");
31 }
32
33 #if defined(CONFIG_IMAGE_FORMAT_LEGACY)
34 static const image_header_t *image_get_fdt(ulong fdt_addr)
35 {
36         const image_header_t *fdt_hdr = map_sysmem(fdt_addr, 0);
37
38         image_print_contents(fdt_hdr);
39
40         puts("   Verifying Checksum ... ");
41         if (!image_check_hcrc(fdt_hdr)) {
42                 fdt_error("fdt header checksum invalid");
43                 return NULL;
44         }
45
46         if (!image_check_dcrc(fdt_hdr)) {
47                 fdt_error("fdt checksum invalid");
48                 return NULL;
49         }
50         puts("OK\n");
51
52         if (!image_check_type(fdt_hdr, IH_TYPE_FLATDT)) {
53                 fdt_error("uImage is not a fdt");
54                 return NULL;
55         }
56         if (image_get_comp(fdt_hdr) != IH_COMP_NONE) {
57                 fdt_error("uImage is compressed");
58                 return NULL;
59         }
60         if (fdt_check_header((void *)image_get_data(fdt_hdr)) != 0) {
61                 fdt_error("uImage data is not a fdt");
62                 return NULL;
63         }
64         return fdt_hdr;
65 }
66 #endif
67
68 /**
69  * boot_fdt_add_mem_rsv_regions - Mark the memreserve sections as unusable
70  * @lmb: pointer to lmb handle, will be used for memory mgmt
71  * @fdt_blob: pointer to fdt blob base address
72  *
73  * Adds the memreserve regions in the dtb to the lmb block.  Adding the
74  * memreserve regions prevents u-boot from using them to store the initrd
75  * or the fdt blob.
76  */
77 void boot_fdt_add_mem_rsv_regions(struct lmb *lmb, void *fdt_blob)
78 {
79         uint64_t addr, size;
80         int i, total;
81
82         if (fdt_check_header(fdt_blob) != 0)
83                 return;
84
85         total = fdt_num_mem_rsv(fdt_blob);
86         for (i = 0; i < total; i++) {
87                 if (fdt_get_mem_rsv(fdt_blob, i, &addr, &size) != 0)
88                         continue;
89                 printf("   reserving fdt memory region: addr=%llx size=%llx\n",
90                        (unsigned long long)addr, (unsigned long long)size);
91                 lmb_reserve(lmb, addr, size);
92         }
93 }
94
95 /**
96  * boot_relocate_fdt - relocate flat device tree
97  * @lmb: pointer to lmb handle, will be used for memory mgmt
98  * @of_flat_tree: pointer to a char* variable, will hold fdt start address
99  * @of_size: pointer to a ulong variable, will hold fdt length
100  *
101  * boot_relocate_fdt() allocates a region of memory within the bootmap and
102  * relocates the of_flat_tree into that region, even if the fdt is already in
103  * the bootmap.  It also expands the size of the fdt by CONFIG_SYS_FDT_PAD
104  * bytes.
105  *
106  * of_flat_tree and of_size are set to final (after relocation) values
107  *
108  * returns:
109  *      0 - success
110  *      1 - failure
111  */
112 int boot_relocate_fdt(struct lmb *lmb, char **of_flat_tree, ulong *of_size)
113 {
114         void    *fdt_blob = *of_flat_tree;
115         void    *of_start = NULL;
116         char    *fdt_high;
117         ulong   of_len = 0;
118         int     err;
119         int     disable_relocation = 0;
120
121         /* nothing to do */
122         if (*of_size == 0)
123                 return 0;
124
125         if (fdt_check_header(fdt_blob) != 0) {
126                 fdt_error("image is not a fdt");
127                 goto error;
128         }
129
130         /* position on a 4K boundary before the alloc_current */
131         /* Pad the FDT by a specified amount */
132         of_len = *of_size + CONFIG_SYS_FDT_PAD;
133
134         /* If fdt_high is set use it to select the relocation address */
135         fdt_high = getenv("fdt_high");
136         if (fdt_high) {
137                 void *desired_addr = (void *)simple_strtoul(fdt_high, NULL, 16);
138
139                 if (((ulong) desired_addr) == ~0UL) {
140                         /* All ones means use fdt in place */
141                         of_start = fdt_blob;
142                         lmb_reserve(lmb, (ulong)of_start, of_len);
143                         disable_relocation = 1;
144                 } else if (desired_addr) {
145                         of_start =
146                             (void *)(ulong) lmb_alloc_base(lmb, of_len, 0x1000,
147                                                            (ulong)desired_addr);
148                         if (of_start == NULL) {
149                                 puts("Failed using fdt_high value for Device Tree");
150                                 goto error;
151                         }
152                 } else {
153                         of_start =
154                             (void *)(ulong) lmb_alloc(lmb, of_len, 0x1000);
155                 }
156         } else {
157                 of_start =
158                     (void *)(ulong) lmb_alloc_base(lmb, of_len, 0x1000,
159                                                    getenv_bootm_mapsize()
160                                                    + getenv_bootm_low());
161         }
162
163         if (of_start == NULL) {
164                 puts("device tree - allocation error\n");
165                 goto error;
166         }
167
168         if (disable_relocation) {
169                 /*
170                  * We assume there is space after the existing fdt to use
171                  * for padding
172                  */
173                 fdt_set_totalsize(of_start, of_len);
174                 printf("   Using Device Tree in place at %p, end %p\n",
175                        of_start, of_start + of_len - 1);
176         } else {
177                 debug("## device tree at %p ... %p (len=%ld [0x%lX])\n",
178                       fdt_blob, fdt_blob + *of_size - 1, of_len, of_len);
179
180                 printf("   Loading Device Tree to %p, end %p ... ",
181                        of_start, of_start + of_len - 1);
182
183                 err = fdt_open_into(fdt_blob, of_start, of_len);
184                 if (err != 0) {
185                         fdt_error("fdt move failed");
186                         goto error;
187                 }
188                 puts("OK\n");
189         }
190
191         *of_flat_tree = of_start;
192         *of_size = of_len;
193
194         set_working_fdt_addr((ulong)*of_flat_tree);
195         return 0;
196
197 error:
198         return 1;
199 }
200
201 /**
202  * boot_get_fdt - main fdt handling routine
203  * @argc: command argument count
204  * @argv: command argument list
205  * @arch: architecture (IH_ARCH_...)
206  * @images: pointer to the bootm images structure
207  * @of_flat_tree: pointer to a char* variable, will hold fdt start address
208  * @of_size: pointer to a ulong variable, will hold fdt length
209  *
210  * boot_get_fdt() is responsible for finding a valid flat device tree image.
211  * Curently supported are the following ramdisk sources:
212  *      - multicomponent kernel/ramdisk image,
213  *      - commandline provided address of decicated ramdisk image.
214  *
215  * returns:
216  *     0, if fdt image was found and valid, or skipped
217  *     of_flat_tree and of_size are set to fdt start address and length if
218  *     fdt image is found and valid
219  *
220  *     1, if fdt image is found but corrupted
221  *     of_flat_tree and of_size are set to 0 if no fdt exists
222  */
223 int boot_get_fdt(int flag, int argc, char * const argv[], uint8_t arch,
224                 bootm_headers_t *images, char **of_flat_tree, ulong *of_size)
225 {
226 #if defined(CONFIG_IMAGE_FORMAT_LEGACY)
227         const image_header_t *fdt_hdr;
228         ulong           load, load_end;
229         ulong           image_start, image_data, image_end;
230 #endif
231         ulong           fdt_addr;
232         char            *fdt_blob = NULL;
233         void            *buf;
234 #if defined(CONFIG_FIT)
235         const char      *fit_uname_config = images->fit_uname_cfg;
236         const char      *fit_uname_fdt = NULL;
237         ulong           default_addr;
238         int             fdt_noffset;
239 #endif
240         const char *select = NULL;
241         int             ok_no_fdt = 0;
242
243         *of_flat_tree = NULL;
244         *of_size = 0;
245
246         if (argc > 2)
247                 select = argv[2];
248         if (select || genimg_has_config(images)) {
249 #if defined(CONFIG_FIT)
250                 if (select) {
251                         /*
252                          * If the FDT blob comes from the FIT image and the
253                          * FIT image address is omitted in the command line
254                          * argument, try to use ramdisk or os FIT image
255                          * address or default load address.
256                          */
257                         if (images->fit_uname_rd)
258                                 default_addr = (ulong)images->fit_hdr_rd;
259                         else if (images->fit_uname_os)
260                                 default_addr = (ulong)images->fit_hdr_os;
261                         else
262                                 default_addr = load_addr;
263
264                         if (fit_parse_conf(select, default_addr,
265                                            &fdt_addr, &fit_uname_config)) {
266                                 debug("*  fdt: config '%s' from image at 0x%08lx\n",
267                                       fit_uname_config, fdt_addr);
268                         } else if (fit_parse_subimage(select, default_addr,
269                                    &fdt_addr, &fit_uname_fdt)) {
270                                 debug("*  fdt: subimage '%s' from image at 0x%08lx\n",
271                                       fit_uname_fdt, fdt_addr);
272                         } else
273 #endif
274                         {
275                                 fdt_addr = simple_strtoul(select, NULL, 16);
276                                 debug("*  fdt: cmdline image address = 0x%08lx\n",
277                                       fdt_addr);
278                         }
279 #if defined(CONFIG_FIT)
280                 } else {
281                         /* use FIT configuration provided in first bootm
282                          * command argument
283                          */
284                         fdt_addr = map_to_sysmem(images->fit_hdr_os);
285                         fdt_noffset = fit_get_node_from_config(images,
286                                                                FIT_FDT_PROP,
287                                                                fdt_addr);
288                         if (fdt_noffset == -ENOLINK)
289                                 return 0;
290                         else if (fdt_noffset < 0)
291                                 return 1;
292                 }
293 #endif
294                 debug("## Checking for 'FDT'/'FDT Image' at %08lx\n",
295                       fdt_addr);
296
297                 /* copy from dataflash if needed */
298                 fdt_addr = genimg_get_image(fdt_addr);
299
300                 /*
301                  * Check if there is an FDT image at the
302                  * address provided in the second bootm argument
303                  * check image type, for FIT images get a FIT node.
304                  */
305                 buf = map_sysmem(fdt_addr, 0);
306                 switch (genimg_get_format(buf)) {
307 #if defined(CONFIG_IMAGE_FORMAT_LEGACY)
308                 case IMAGE_FORMAT_LEGACY:
309                         /* verify fdt_addr points to a valid image header */
310                         printf("## Flattened Device Tree from Legacy Image at %08lx\n",
311                                fdt_addr);
312                         fdt_hdr = image_get_fdt(fdt_addr);
313                         if (!fdt_hdr)
314                                 goto no_fdt;
315
316                         /*
317                          * move image data to the load address,
318                          * make sure we don't overwrite initial image
319                          */
320                         image_start = (ulong)fdt_hdr;
321                         image_data = (ulong)image_get_data(fdt_hdr);
322                         image_end = image_get_image_end(fdt_hdr);
323
324                         load = image_get_load(fdt_hdr);
325                         load_end = load + image_get_data_size(fdt_hdr);
326
327                         if (load == image_start ||
328                             load == image_data) {
329                                 fdt_addr = load;
330                                 break;
331                         }
332
333                         if ((load < image_end) && (load_end > image_start)) {
334                                 fdt_error("fdt overwritten");
335                                 goto error;
336                         }
337
338                         debug("   Loading FDT from 0x%08lx to 0x%08lx\n",
339                               image_data, load);
340
341                         memmove((void *)load,
342                                 (void *)image_data,
343                                 image_get_data_size(fdt_hdr));
344
345                         fdt_addr = load;
346                         break;
347 #endif
348                 case IMAGE_FORMAT_FIT:
349                         /*
350                          * This case will catch both: new uImage format
351                          * (libfdt based) and raw FDT blob (also libfdt
352                          * based).
353                          */
354 #if defined(CONFIG_FIT)
355                         /* check FDT blob vs FIT blob */
356                         if (fit_check_format(buf)) {
357                                 ulong load, len;
358
359                                 fdt_noffset = fit_image_load(images,
360                                         fdt_addr, &fit_uname_fdt,
361                                         &fit_uname_config,
362                                         arch, IH_TYPE_FLATDT,
363                                         BOOTSTAGE_ID_FIT_FDT_START,
364                                         FIT_LOAD_OPTIONAL, &load, &len);
365
366                                 images->fit_hdr_fdt = map_sysmem(fdt_addr, 0);
367                                 images->fit_uname_fdt = fit_uname_fdt;
368                                 images->fit_noffset_fdt = fdt_noffset;
369                                 fdt_addr = load;
370                                 break;
371                         } else
372 #endif
373                         {
374                                 /*
375                                  * FDT blob
376                                  */
377                                 debug("*  fdt: raw FDT blob\n");
378                                 printf("## Flattened Device Tree blob at %08lx\n",
379                                        (long)fdt_addr);
380                         }
381                         break;
382                 default:
383                         puts("ERROR: Did not find a cmdline Flattened Device Tree\n");
384                         goto no_fdt;
385                 }
386
387                 printf("   Booting using the fdt blob at %#08lx\n", fdt_addr);
388                 fdt_blob = map_sysmem(fdt_addr, 0);
389         } else if (images->legacy_hdr_valid &&
390                         image_check_type(&images->legacy_hdr_os_copy,
391                                          IH_TYPE_MULTI)) {
392                 ulong fdt_data, fdt_len;
393
394                 /*
395                  * Now check if we have a legacy multi-component image,
396                  * get second entry data start address and len.
397                  */
398                 printf("## Flattened Device Tree from multi component Image at %08lX\n",
399                        (ulong)images->legacy_hdr_os);
400
401                 image_multi_getimg(images->legacy_hdr_os, 2, &fdt_data,
402                                    &fdt_len);
403                 if (fdt_len) {
404                         fdt_blob = (char *)fdt_data;
405                         printf("   Booting using the fdt at 0x%p\n", fdt_blob);
406
407                         if (fdt_check_header(fdt_blob) != 0) {
408                                 fdt_error("image is not a fdt");
409                                 goto error;
410                         }
411
412                         if (fdt_totalsize(fdt_blob) != fdt_len) {
413                                 fdt_error("fdt size != image size");
414                                 goto error;
415                         }
416                 } else {
417                         debug("## No Flattened Device Tree\n");
418                         goto no_fdt;
419                 }
420         } else {
421                 debug("## No Flattened Device Tree\n");
422                 goto no_fdt;
423         }
424
425         *of_flat_tree = fdt_blob;
426         *of_size = fdt_totalsize(fdt_blob);
427         debug("   of_flat_tree at 0x%08lx size 0x%08lx\n",
428               (ulong)*of_flat_tree, *of_size);
429
430         return 0;
431
432 no_fdt:
433         ok_no_fdt = 1;
434 error:
435         *of_flat_tree = NULL;
436         *of_size = 0;
437         if (!select && ok_no_fdt) {
438                 debug("Continuing to boot without FDT\n");
439                 return 0;
440         }
441         return 1;
442 }
443
444 /*
445  * Verify the device tree.
446  *
447  * This function is called after all device tree fix-ups have been enacted,
448  * so that the final device tree can be verified.  The definition of "verified"
449  * is up to the specific implementation.  However, it generally means that the
450  * addresses of some of the devices in the device tree are compared with the
451  * actual addresses at which U-Boot has placed them.
452  *
453  * Returns 1 on success, 0 on failure.  If 0 is returned, U-boot will halt the
454  * boot process.
455  */
456 __weak int ft_verify_fdt(void *fdt)
457 {
458         return 1;
459 }
460
461 __weak int arch_fixup_fdt(void *blob)
462 {
463         return 0;
464 }
465
466 int image_setup_libfdt(bootm_headers_t *images, void *blob,
467                        int of_size, struct lmb *lmb)
468 {
469         ulong *initrd_start = &images->initrd_start;
470         ulong *initrd_end = &images->initrd_end;
471         int ret = -EPERM;
472         int fdt_ret;
473
474         if (fdt_root(blob) < 0) {
475                 printf("ERROR: root node setup failed\n");
476                 goto err;
477         }
478         if (fdt_chosen(blob) < 0) {
479                 printf("ERROR: /chosen node create failed\n");
480                 goto err;
481         }
482         if (arch_fixup_fdt(blob) < 0) {
483                 printf("ERROR: arch-specific fdt fixup failed\n");
484                 goto err;
485         }
486         if (IMAGE_OF_BOARD_SETUP) {
487                 fdt_ret = ft_board_setup(blob, gd->bd);
488                 if (fdt_ret) {
489                         printf("ERROR: board-specific fdt fixup failed: %s\n",
490                                fdt_strerror(fdt_ret));
491                         goto err;
492                 }
493         }
494         if (IMAGE_OF_SYSTEM_SETUP) {
495                 fdt_ret = ft_system_setup(blob, gd->bd);
496                 if (fdt_ret) {
497                         printf("ERROR: system-specific fdt fixup failed: %s\n",
498                                fdt_strerror(fdt_ret));
499                         goto err;
500                 }
501         }
502         fdt_fixup_ethernet(blob);
503
504         /* Delete the old LMB reservation */
505         lmb_free(lmb, (phys_addr_t)(u32)(uintptr_t)blob,
506                  (phys_size_t)fdt_totalsize(blob));
507
508         ret = fdt_shrink_to_minimum(blob);
509         if (ret < 0)
510                 goto err;
511         of_size = ret;
512
513         if (*initrd_start && *initrd_end) {
514                 of_size += FDT_RAMDISK_OVERHEAD;
515                 fdt_set_totalsize(blob, of_size);
516         }
517         /* Create a new LMB reservation */
518         lmb_reserve(lmb, (ulong)blob, of_size);
519
520         fdt_initrd(blob, *initrd_start, *initrd_end);
521         if (!ft_verify_fdt(blob))
522                 goto err;
523
524 #if defined(CONFIG_SOC_KEYSTONE)
525         if (IMAGE_OF_BOARD_SETUP)
526                 ft_board_setup_ex(blob, gd->bd);
527 #endif
528
529         return 0;
530 err:
531         printf(" - must RESET the board to recover.\n\n");
532
533         return ret;
534 }