diff options
| author | Pengpeng Hou <pengpeng@iscas.ac.cn> | 2026-04-03 13:59:47 +0800 |
|---|---|---|
| committer | Rob Herring (Arm) <robh@kernel.org> | 2026-04-13 15:01:26 -0500 |
| commit | b74f2f7fb2bb8c651e322919342aeddf747d69f7 (patch) | |
| tree | 0335504daa8608e1af292647137bfeb12432df5a /drivers | |
| parent | bb04fcc89a889ad7d5e3427cd1afddd924ef691c (diff) | |
| download | lwn-b74f2f7fb2bb8c651e322919342aeddf747d69f7.tar.gz lwn-b74f2f7fb2bb8c651e322919342aeddf747d69f7.zip | |
drivers/of: fdt: validate flat DT string properties before string use
Firmware-supplied flat DT properties are raw byte sequences. Several
early FDT helpers fetch properties such as status, model, compatible,
and device_type and then use them as C strings with strcmp(), strlen(),
or pr_info() without first proving that the property is NUL-terminated
within its declared length.
Use fdt_stringlist_get() for these string properties instead. That
preserves the existing behavior for valid DTBs while rejecting malformed
unterminated properties before they are passed to C string helpers.
Signed-off-by: Pengpeng Hou <pengpeng@iscas.ac.cn>
Link: https://patch.msgid.link/20260403164501.1-drivers-of-fdt-v2-pengpeng@iscas.ac.cn
Signed-off-by: Rob Herring (Arm) <robh@kernel.org>
Diffstat (limited to 'drivers')
| -rw-r--r-- | drivers/of/fdt.c | 38 |
1 files changed, 14 insertions, 24 deletions
diff --git a/drivers/of/fdt.c b/drivers/of/fdt.c index 9e4131f0e9b2..becc855ff8b5 100644 --- a/drivers/of/fdt.c +++ b/drivers/of/fdt.c @@ -68,7 +68,7 @@ void __init of_fdt_limit_memory(int limit) bool of_fdt_device_is_available(const void *blob, unsigned long node) { - const char *status = fdt_getprop(blob, node, "status", NULL); + const char *status = fdt_stringlist_get(blob, node, "status", 0, NULL); if (!status) return true; @@ -677,22 +677,15 @@ void __init of_flat_dt_read_addr_size(const __be32 *prop, int entry_index, * specific compatible values. */ static int of_fdt_is_compatible(const void *blob, - unsigned long node, const char *compat) + unsigned long node, const char *compat) { const char *cp; - int cplen; - unsigned long l, score = 0; + int idx = 0, score = 0; - cp = fdt_getprop(blob, node, "compatible", &cplen); - if (cp == NULL) - return 0; - while (cplen > 0) { + while ((cp = fdt_stringlist_get(blob, node, "compatible", idx++, NULL))) { score++; if (of_compat_cmp(cp, compat, strlen(compat)) == 0) return score; - l = strlen(cp) + 1; - cp += l; - cplen -= l; } return 0; @@ -741,9 +734,10 @@ const char * __init of_flat_dt_get_machine_name(void) const char *name; unsigned long dt_root = of_get_flat_dt_root(); - name = of_get_flat_dt_prop(dt_root, "model", NULL); + name = fdt_stringlist_get(initial_boot_params, dt_root, "model", 0, NULL); if (!name) - name = of_get_flat_dt_prop(dt_root, "compatible", NULL); + name = fdt_stringlist_get(initial_boot_params, dt_root, + "compatible", 0, NULL); return name; } @@ -775,19 +769,14 @@ const void * __init of_flat_dt_match_machine(const void *default_match, } if (!best_data) { const char *prop; - int size; + int idx = 0, size; pr_err("\n unrecognized device tree list:\n[ "); - prop = of_get_flat_dt_prop(dt_root, "compatible", &size); - if (prop) { - while (size > 0) { - printk("'%s' ", prop); - size -= strlen(prop) + 1; - prop += strlen(prop) + 1; - } - } - printk("]\n\n"); + while ((prop = fdt_stringlist_get(initial_boot_params, dt_root, + "compatible", idx++, &size))) + pr_err("'%s' ", prop); + pr_err("]\n\n"); return NULL; } @@ -1032,7 +1021,8 @@ int __init early_init_dt_scan_memory(void) const void *fdt = initial_boot_params; fdt_for_each_subnode(node, fdt, 0) { - const char *type = of_get_flat_dt_prop(node, "device_type", NULL); + const char *type = fdt_stringlist_get(fdt, node, + "device_type", 0, NULL); const __be32 *reg; int i, l; bool hotpluggable; |