@@ -2071,6 +2071,9 @@ int unflatten_device_tree(const void *fdt, struct dt_device_node **mynodes)
/* First pass, scan for size */
start = ((unsigned long)fdt) + fdt_off_dt_struct(fdt);
size = unflatten_dt_node(fdt, 0, &start, NULL, NULL, 0);
+ if ( !size )
+ return -EINVAL;
+
size = (size | 3) + 1;
dt_dprintk(" size is %#lx allocating...\n", size);
@@ -2088,11 +2091,19 @@ int unflatten_device_tree(const void *fdt, struct dt_device_node **mynodes)
start = ((unsigned long)fdt) + fdt_off_dt_struct(fdt);
unflatten_dt_node(fdt, mem, &start, NULL, &allnextp, 0);
if ( be32_to_cpup((__be32 *)start) != FDT_END )
- printk(XENLOG_WARNING "Weird tag at end of tree: %08x\n",
+ {
+ printk(XENLOG_ERR "Weird tag at end of tree: %08x\n",
*((u32 *)start));
+ return -EINVAL;
+ }
+
if ( be32_to_cpu(((__be32 *)mem)[size / 4]) != 0xdeadbeef )
- printk(XENLOG_WARNING "End of tree marker overwritten: %08x\n",
+ {
+ printk(XENLOG_ERR "End of tree marker overwritten: %08x\n",
be32_to_cpu(((__be32 *)mem)[size / 4]));
+ return -EINVAL;
+ }
+
*allnextp = NULL;
dt_dprintk(" <- unflatten_device_tree()\n");
This will be useful in dynamic node programming when new dt nodes are unflatten during runtime. Invalid device tree node related errors should be propagated back to the caller. Signed-off-by: Vikram Garhwal <vikram.garhwal@amd.com> --- xen/common/device_tree.c | 15 +++++++++++++-- 1 file changed, 13 insertions(+), 2 deletions(-)