@mynodes is set to NULL when __unflatten_device_tree() is called
to unflatten device sub-tree in PCI hot add scenario on PowerPC
PowerNV platform. Marking @mynodes detached unconditionally causes
kernel crash as below backtrace shows:

Unable to handle kernel paging request for data at address 0x00000000
Faulting instruction address: 0xc000000000b26f64
cpu 0x0: Vector: 300 (Data Access) at [c000003fcc7cf740]
    pc: c000000000b26f64: __unflatten_device_tree+0xf4/0x190
    lr: c000000000b26f40: __unflatten_device_tree+0xd0/0x190
    sp: c000003fcc7cf9c0
   msr: 900000000280b033
   dar: 0
 dsisr: 40000000
  current = 0xc000003fcc281680
  paca    = 0xc00000000ff00000	 softe: 0	 irq_happened: 0x01
    pid   = 2724, comm = sh
Linux version 4.7.0-gavin-07754-g92a6836 (gwshan@gwshan) (gcc version \
4.9.3 (Buildroot 2016.02-rc2-00093-g5ea3bce) ) #539 SMP Mon Aug 1 \
12:40:29 AEST 2016
enter ? for help
[c000003fcc7cfa50] c000000000b27060 of_fdt_unflatten_tree+0x60/0x90
[c000003fcc7cfaa0] c0000000004c6288 pnv_php_set_slot_power_state+0x118/0x440
[c000003fcc7cfb80] c0000000004c6a10 pnv_php_enable+0xc0/0x170
[c000003fcc7cfbd0] c0000000004c4d80 power_write_file+0xa0/0x190
[c000003fcc7cfc50] c0000000004be93c pci_slot_attr_store+0x3c/0x60
[c000003fcc7cfc70] c0000000002d3fd4 sysfs_kf_write+0x94/0xc0
[c000003fcc7cfcb0] c0000000002d2c30 kernfs_fop_write+0x180/0x260
[c000003fcc7cfd00] c000000000230fe0 __vfs_write+0x40/0x190
[c000003fcc7cfd90] c000000000232278 vfs_write+0xc8/0x240
[c000003fcc7cfde0] c000000000233d90 SyS_write+0x60/0x110
[c000003fcc7cfe30] c000000000009524 system_call+0x38/0x108

This avoids the kernel crash by marking @mynodes detached only when
@mynodes is dereferencing valid device node in __unflatten_device_tree().

Fixes: 1d1bde55 ("of: fdt: mark unflattened tree as detached")
Reported-by: NMeng Li <shlimeng@cn.ibm.com>
Signed-off-by: NGavin Shan <gwshan@linux.vnet.ibm.com>
Signed-off-by: NRob Herring <robh@kernel.org>

The tree returned from of_fdt_unflatten_tree cannot be attached to the
live tree because it is not marked as detached so mark it as such. The
dt resolver checks the flag and refuses to process the tree otherwise.
Signed-off-by: NMichal Suchanek <hramrach@gmail.com>
Signed-off-by: NRob Herring <robh@kernel.org>

Clean-up all the DT printk functions to use common pr_fmt prefix.

Some print statements such as kmalloc errors were redundant, so just
drop those.

Cc: Frank Rowand <frowand.list@gmail.com>
Cc: Pantelis Antoniou <pantelis.antoniou@konsulko.com>
Reviewed-by: NFrank Rowand <frank.rowand@am.sony.com>
Signed-off-by: NRob Herring <robh@kernel.org>

Sometimes it needs to check if there is a subnode of given node in FDT
by given name. Introduce this helper to get the subnode if it exists.

CC: Rob Herring <robh@kernel.org>
Signed-off-by: NShannon Zhao <shannon.zhao@linaro.org>
Acked-by: NStefano Stabellini <stefano.stabellini@eu.citrix.com>
Acked-by: NRob Herring <robh@kernel.org>
Tested-by: NJulien Grall <julien.grall@arm.com>

The function is unflattening device sub-tree blob if @dad passed to
the function is valid. Currently, this functionality is used by PPC
PowerNV PCI hotplug driver only. There are possibly multiple nodes
in the first level of depth, fdt_next_node() bails immediately when
@depth becomes negative before the second device node can be probed
successfully. It leads to the device nodes except the first one won't
be unflattened successfully.

This fixes the issue by setting the initial depth (@inital_depth) to
1 when this function is called to unflatten device sub-tree blob. No
logic changes when this function is used to unflatten non-sub-tree
blob.

Cc: Rhyland Klein <rklein@nvidia.com>
Fixes: 78c44d91 ("drivers/of: Fix depth when unflattening devicetree")
Signed-off-by: NGavin Shan <gwshan@linux.vnet.ibm.com>
Tested-by: NRhyland Klein <rklein@nvidia.com>
Tested-by: NAndrew Donnellan <andrew.donnellan@au1.ibm.com>
Signed-off-by: NRob Herring <robh@kernel.org>

Function populate_node() is used to unflatten FDT blob to device
tree. It supports maximal 64 level of device nodes. There is one
array @fpsizes[64] tracking the full name length of last unflattened
device node in the corresponding level (index of element in the
array - 1). Build warning is seen with CONFIG_FRAME_WARN=1024 like
below on ARM64 as Geert reported. The issue can be reproduced on
PPC64 as well.

  $ make drivers/of/fdt.o
  drivers/of/fdt.c:443:1: warning: the frame size of 1136 bytes is \
  larger than 1024 bytes [-Wframe-larger-than=]

This changes the data type of @fpsizes[i] from "unsigned long" to
"unsigned int" to avoid the build warning. The return value type
of populate_node() and its @fpsize argument is adjusted accordingly.
With this applied, 256 bytes saved from the stack frame on ARM64 and
PPC64 platforms and the above warning isn't seen.

Fixes: 50800082 ("drivers/of: Avoid recursively calling unflatten_dt_node()")
Reported-by: NGeert Uytterhoeven <geert@linux-m68k.org>
Signed-off-by: NGavin Shan <gwshan@linux.vnet.ibm.com>
Signed-off-by: NRob Herring <robh@kernel.org>

When the implementation for unflatten_dt_node() changed from being
recursive to being non-recursive, it had a side effect of increasing the
depth passed to fdt_next_node() by 1. This is fine most of the time, but
it seems that when the end of the dtb is being parsed, it will cause the
FDT_END condition in fdt_next_node() to return a different value
(returning nextoffset instead of -FDT_ERR_NOTFOUND). This ends up passing
an FDT_ERR_TRUNCATED error back to the unflatten_dt_node() which then
sees that and complains "Error -8 processing FDT" causing boot to fail.

This patch simply avoids incrementing depth and uses modified accesses
for local array indices so that the depth is the same as it was before
the change as far as fdt_next_node() is concerned.

This problem was discovered trying to boot Tegra210-Smaug platforms.

Fixes: 50800082 ("drivers/of: Avoid recursively calling unflatten_dt_node()")
Signed-off-by: NRhyland Klein <rklein@nvidia.com>
[robh: squashed in KASAN fix from Rhyland]
Signed-off-by: NRob Herring <robh@kernel.org>

This returns the allocate memory chunk, storing the unflattened device
tree, from of_fdt_unflatten_tree() so that memory chunk can be released
on demand in PowerNV PCI hotplug driver.
Signed-off-by: NGavin Shan <gwshan@linux.vnet.ibm.com>
Acked-by: NRob Herring <robh@kernel.org>
Signed-off-by: NRob Herring <robh@kernel.org>

This adds one more argument to of_fdt_unflatten_tree() to specify
the parent node of the FDT blob that is going to be unflattened.
In the result, the function can be used to unflatten FDT blob that
represents device sub-tree in PowerNV PCI hotplug driver.

Cc: Jyri Sarha <jsarha@ti.com>
Signed-off-by: NGavin Shan <gwshan@linux.vnet.ibm.com>
Acked-by: NRob Herring <robh@kernel.org>
Acked-by: NJyri Sarha <jsarha@ti.com>
Signed-off-by: NRob Herring <robh@kernel.org>

This renames unflatten_dt_node() to unflatten_dt_nodes() as it
populates multiple device nodes from FDT blob. No logical changes
introduced.
Signed-off-by: NGavin Shan <gwshan@linux.vnet.ibm.com>
Acked-by: NRob Herring <robh@kernel.org>
Signed-off-by: NRob Herring <robh@kernel.org>

In current implementation, unflatten_dt_node() is called recursively
to unflatten device nodes in FDT blob. It's stress to limited stack
capacity, especially to adopt the function to unflatten device sub-tree
that possibly has multiple root nodes. In that case, we runs out of
stack and the system can't boot up successfully.

In order to reuse the function to unflatten device sub-tree, this avoids
calling the function recursively, meaning the device nodes are unflattened
in one call on unflatten_dt_node(): two arrays are introduced to track the
parent path size and the device node of current level of depth, which will
be used by the device node on next level of depth to be unflattened. All
device nodes in more than 64 level of depth are dropped and hopefully,
the system can boot up successfully with the partial device-tree.

Also, the parameter "poffset" and "fpsize" are unused and dropped and the
parameter "dryrun" is figured out from "mem == NULL". Besides, the return
value of the function is changed to indicate the size of memory consumed by
the unflatten device tree or error code.
Signed-off-by: NGavin Shan <gwshan@linux.vnet.ibm.com>
Acked-by: NRob Herring <robh@kernel.org>
Signed-off-by: NRob Herring <robh@kernel.org>

The function unflatten_dt_node() is called recursively to unflatten
device nodes and properties in the FDT blob. It looks complicated
and hard to be understood.

This splits the function into 3 functions: populate_properties(),
populate_node() and unflatten_dt_node(). populate_properties(),
which is called by populate_node(), creates properties for the
indicated device node. The later one creates the device nodes
from FDT blob. populate_node() gets the offset in FDT blob for
next device nodes and then calls populate_node(). No logical
changes introduced.
Signed-off-by: NGavin Shan <gwshan@linux.vnet.ibm.com>
Acked-by: NRob Herring <robh@kernel.org>
Signed-off-by: NRob Herring <robh@kernel.org>

On arm CONFIG_CMDLINE_EXTEND does not append build-in
cmdline in kernel to U-boot parameters. Fix it here.
Theoretically this patch should repair kdump work where
it adds elfcorehdr= and memmap additional parameters
to second kernel.
Signed-off-by: NMax Uvarov <muvarov@gmail.com>
Signed-off-by: NRob Herring <robh@kernel.org>

Since architectures may not yet have their linear mapping up and running
when the initrd address is discovered from the DT, factor out the
assignment of initrd_start and initrd_end, so that an architecture can
override it and use the translation it needs.
Signed-off-by: NArd Biesheuvel <ard.biesheuvel@linaro.org>
Acked-by: NRob Herring <robh@kernel.org>
Signed-off-by: NCatalin Marinas <catalin.marinas@arm.com>

By default, early_init_dt_add_memory_arch() ignores memory below
the base of the kernel image since it won't be addressable via the
linear mapping. However, this is not appropriate anymore once we
decouple the kernel text mapping from the linear mapping, so archs
may want to drop the low limit entirely. So allow the minimum to be
overridden by setting MIN_MEMBLOCK_ADDR.
Acked-by: NMark Rutland <mark.rutland@arm.com>
Acked-by: NRob Herring <robh@kernel.org>
Signed-off-by: NArd Biesheuvel <ard.biesheuvel@linaro.org>
Signed-off-by: NCatalin Marinas <catalin.marinas@arm.com>

Earlycon may fail to initialize for a variety of reasons, most of
which log the default early param message. If the stdout-path node is
not found, log the path which was not found (and suppress the
default early param message).
Acked-by: NRob Herring <robh@kernel.org>
Signed-off-by: NPeter Hurley <peter@hurleysoftware.com>
Signed-off-by: NGreg Kroah-Hartman <gregkh@linuxfoundation.org>

Cleanup the early DT/earlycon separation; remove the 'addr' parameter
from of_setup_earlycon() and get the uart phys addr directly with a
new wrapper function, of_flat_dt_translate_addr(). Limit
fdt_translate_address() to file scope.
Acked-by: NRob Herring <robh@kernel.org>
Signed-off-by: NPeter Hurley <peter@hurleysoftware.com>
Signed-off-by: NGreg Kroah-Hartman <gregkh@linuxfoundation.org>

Read the optional "reg-offset", "reg-shift", "reg-io-width" and endianness
properties and initialize the respective struct uart_port field if found.

NB: These bindings are common to several drivers and the values merely
indicate the default value; the registering earlycon setup() method can
simply override the values if required.
Acked-by: NRob Herring <robh@kernel.org>
Signed-off-by: NPeter Hurley <peter@hurleysoftware.com>
Signed-off-by: NGreg Kroah-Hartman <gregkh@linuxfoundation.org>

Pass-through any options string in the 'stdout-path' property to the
earlycon "driver" setup.
Acked-by: NRob Herring <robh@kernel.org>
Signed-off-by: NPeter Hurley <peter@hurleysoftware.com>
Signed-off-by: NGreg Kroah-Hartman <gregkh@linuxfoundation.org>

Use the console name embedded in the OF earlycon table by the
OF_EARLYCON_DECLARE() macro to initialize the struct console 'name'
and 'index' fields.
Acked-by: NRob Herring <robh@kernel.org>
Signed-off-by: NPeter Hurley <peter@hurleysoftware.com>
Signed-off-by: NGreg Kroah-Hartman <gregkh@linuxfoundation.org>

Use a single common table of struct earlycon_id for both command line
and devicetree. Re-define OF_EARLYCON_DECLARE() macro to instance a
unique earlycon declaration (the declaration is only guaranteed to be
unique within a compilation unit; separate compilation units must still
use unique earlycon names).

The semantics of OF_EARLYCON_DECLARE() is different; it declares an
earlycon which can matched either on the command line or by devicetree.
EARLYCON_DECLARE() is semantically unchanged; it declares an earlycon
which is matched by command line only. Remove redundant instances of
EARLYCON_DECLARE().

This enables all earlycons to properly initialize struct console
with the appropriate name and index, which improves diagnostics and
enables direct earlycon-to-console handoff.
Acked-by: NRob Herring <robh@kernel.org>
Signed-off-by: NPeter Hurley <peter@hurleysoftware.com>
Signed-off-by: NGreg Kroah-Hartman <gregkh@linuxfoundation.org>

__unflatten_device_tree() calls unflatten_dt_node(), which declares
a static variable. It is therefore not reentrant.

One of the callers of __unflatten_device_tree(), unflatten_device_tree(),
is only called once during early initialization and does not need to be
protected. The other caller, of_fdt_unflatten_tree(), can be called at
any time, possibly multiple times in parallel. This can happen, for
example, if multiple devicetree overlays have to be loaded and installed.

Without this protection, errors such as the following may be seen.

kernel: End of tree marker overwritten: e6a3a458
kernel: find_target_node:
	Failed to find target-indirect node at /fragment@0
kernel: __of_overlay_create: of_build_overlay_info() failed for tree@/

Add a mutex to of_fdt_unflatten_tree() to make the call reentrant.

Cc: Pantelis Antoniou <pantelis.antoniou@konsulko.com>
Signed-off-by: NGuenter Roeck <linux@roeck-us.net>
Cc: stable@vger.kernel.org # v4.1+
Signed-off-by: NRob Herring <robh@kernel.org>

Signed-off-by: NDmitry V. Krivenok <krivenok.dmitry@gmail.com>
Signed-off-by: NRob Herring <robh@kernel.org>

no need to initialise static variable with 0, hence correcting it.
Signed-off-by: NSaurabh Sengar <saurabh.truth@gmail.com>
Signed-off-by: NRob Herring <robh@kernel.org>

fdt_translate_address() returns OF_BAD_ADDR on error.  It is defined as
a u64 value, so the variable "addr" should be defined as u64 as well.

Fixes: fb11ffe7 ("of/fdt: add FDT serial scanning for earlycon")
Signed-off-by: NMasahiro Yamada <yamada.masahiro@socionext.com>
Signed-off-by: NRob Herring <robh@kernel.org>

Many boards use an alias in the stdout-path specification along
with console options after a colon (e.g. serial0:115200n8). When
using earlycon, this specification currently does not work. While
fdt_path_offset supports alias resolution, it does not remove the
console options by itself. Use the fdt_path_offset_namelen variant
and provide the length of the alias to enable aliases with console
options in the stdout-path.
Signed-off-by: NStefan Agner <stefan@agner.ch>
Signed-off-by: NRob Herring <robh@kernel.org>

When parsing the memory nodes to populate the memblock memory
table, we check against high and low limits and clip any memory
that exceeds either one of them.

However, for arm64, the high limit of (phys_addr_t)~0 is not very
meaningful, since phys_addr_t is 64 bits (i.e., no limit) but there
may be other constraints that limit the memory ranges that we can
support.

So rename MAX_PHYS_ADDR to MAX_MEMBLOCK_ADDR (for clarity) and only
define it if the arch does not supply a definition of its own.
Acked-by: NRob Herring <robh@kernel.org>
Reviewed-by: NCatalin Marinas <catalin.marinas@arm.com>
Tested-by: NStuart Yoder <stuart.yoder@freescale.com>
Signed-off-by: NArd Biesheuvel <ard.biesheuvel@linaro.org>
Signed-off-by: NWill Deacon <will.deacon@arm.com>

With the addition of commit 0166dc11 (of: make CONFIG_OF user
selectable), architectures which don't enable memblock and don't
have their own early_init_dt_*_memory_arch implementations will break
when CONFIG_OF is enabled.

Really, we should have better separation of CONFIG_OF and
CONFIG_OF_EARLY_FLATTREE, but doing that will require quite a bit of
shuffling of architecture code. That will have to wait for another day.
Signed-off-by: NRob Herring <robh@kernel.org>
Cc: Grant Likely <grant.likely@linaro.org>

Match the name of the third argument in the comment block
to the actual function: p -> poffset

Add missing comments about the arguments "nodepp" and "dryrun".
Signed-off-by: NMasahiro Yamada <yamada.masahiro@socionext.com>
Signed-off-by: NGrant Likely <grant.likely@linaro.org>

This splits off the reservation of the memory occupied by the FDT
binary itself from the processing of the memory reservations it
contains. This is necessary because the physical address of the FDT,
which is needed to perform the reservation, may not be known to the
FDT driver core, i.e., it may be mapped outside the linear direct
mapping, in which case __pa() returns a bogus value.

Cc: Russell King <linux@arm.linux.org.uk>
Cc: Benjamin Herrenschmidt <benh@kernel.crashing.org>
Cc: Paul Mackerras <paulus@samba.org>
Acked-by: NRob Herring <robh@kernel.org>
Acked-by: NMark Rutland <mark.rutland@arm.com>
Acked-by: NCatalin Marinas <catalin.marinas@arm.com>
Signed-off-by: NArd Biesheuvel <ard.biesheuvel@linaro.org>
Signed-off-by: NCatalin Marinas <catalin.marinas@arm.com>

Operations to unflatten fdt blobs never modify the input blobs, hence
make them const. Now we no longer need to cast arbitrary const data to
"void *" when calling of_fdt_unflatten_tree().
Signed-off-by: NGeert Uytterhoeven <geert+renesas@glider.be>
Signed-off-by: NRob Herring <robh@kernel.org>

The allocation size of device node path is off by one which drops the
'\0' terminator.
Signed-off-by: NRicky Liang <jcliang@chromium.org>
Signed-off-by: NRob Herring <robh@kernel.org>

Provide a libfdt-based equivalent for of_device_is_big_endian(), suitable
for use in the early_init_* functions.
Signed-off-by: NKevin Cernekee <cernekee@gmail.com>
Reviewed-by: NPeter Hurley <peter@hurleysoftware.com>
Acked-by: NGreg Kroah-Hartman <gregkh@linuxfoundation.org>
Signed-off-by: NRob Herring <robh@kernel.org>

Commit 51975db0 ("of/flattree: merge early_init_dt_scan_memory()
common code") consolidated some code from PowerPC (typically
big-endian), and ended-up adding a pr_debug() printing reg properties in
big-endian (DT native) format, not CPU endian.

This debug print suffers from two problems:
- we only print 4 "reg" values, while there could be more on typical
  systems having multiple memory ranges
- we print these 4 "reg" values in FDT endianess, that is big-endian,
  and these values could be confusing for little-endian configurations

Since we are already printing the base address and size of the memory
regions parsed by early_init_dt_scan_memory() later in a way that is
both endian correct, and takes into account arbitrary number of memory
banks, just remove that part of the debug print.
Suggested-by: NFrank Rowand <frowand.list@gmail.com>
Signed-off-by: NFlorian Fainelli <f.fainelli@gmail.com>
Signed-off-by: NRob Herring <robh@kernel.org>

this patch fixes following sparse warning:

fdt.c:765:12: warning: symbol 'early_init_dt_scan_chosen_serial' was not declared. Should it be static?
Signed-off-by: NLad, Prabhakar <prabhakar.csengg@gmail.com>
Signed-off-by: NRob Herring <robh@kernel.org>

The ->next pointer in struct device_node is a hanger-on from when it was
used to iterate over the whole tree by a particular device_type property
value. Those days are long over, but the fdt unflattening code still
uses it to put nodes in the unflattened tree into the same order as node
in the flat tree. By reworking the unflattening code to reverse the list
after unflattening all the children of a node, the pointer can be
dropped which gives a small amount of memory savings.
Signed-off-by: NGrant Likely <grant.likely@linaro.org>
Acked-by: NFrank Rowand <frank.rowand@sonymobile.com>
Cc: Gaurav Minocha <gaurav.minocha.os@gmail.com>

memblock_is_region_reserved() returns true in the case of a partial
overlap, meaning that the current code fails to reserve the
non-overlapping portion.

This call was introduced as part of d1552ce4 "of/fdt: move
memreserve and dtb memory reservations into core" which went into
v3.16.

I observed this causing a Midway system with a buggy fdt (the header
declares itself to be larger than it really is) failing to boot
because the over-inflated size of the fdt was causing it to seem to
run into the swapper_pg_dir region, meaning the DT wasn't reserved.
The symptoms were failing to find an disks or network and failing to
boot.

However given the ambiguity of whether things like the initrd are
covered by /memreserve/ and similar I think it is best to also
register the region rather than just ignoring it.

Since memblock_reserve() handles overlaps just fine lets just warn and
carry on.
Signed-off-by: NIan Campbell <ian.campbell@citrix.com>
Signed-off-by: NGrant Likely <grant.likely@linaro.org>
Cc: Rob Herring <robh+dt@kernel.org>
Cc: stable@vger.kernel.org # v3.16+

Create a new /sys entry '/sys/firmware/fdt' to export the FDT blob
that was passed to the kernel by the bootloader. This allows userland
applications such as kexec to access the raw binary.

The fact that this node does not reside under /sys/firmware/device-tree
is deliberate: FDT is also used on arm64 UEFI/ACPI systems to
communicate just the UEFI and ACPI entry points, but the FDT is never
unflattened and used to configure the system.

A CRC32 checksum is calculated over the entire FDT blob, and verified
at late_initcall time. The sysfs entry is instantiated only if the
checksum is valid, i.e., if the FDT blob has not been modified in the
mean time. Otherwise, a warning is printed.
Signed-off-by: NArd Biesheuvel <ard.biesheuvel@linaro.org>
Signed-off-by: NGrant Likely <grant.likely@linaro.org>

__earlycon_of_table_sentinel.compatible is a char[128], not a pointer, so
it will never be NULL.  Checking it against NULL causes the match loop to
run past the end of the array, and eventually match a bogus entry, under
the following conditions:

 - Kernel command line specifies "earlycon" with no parameters
 - DT has a stdout-path pointing to a UART node
 - The UART driver doesn't use OF_EARLYCON_DECLARE (or maybe the console
   driver is compiled out)

Fix this by checking to see if match->compatible is a non-empty string.
Signed-off-by: NKevin Cernekee <cernekee@gmail.com>
Cc: <stable@vger.kernel.org> # 3.16+
Signed-off-by: NRob Herring <robh@kernel.org>

Memory regions passed to early_init_dt_add_memory_arch() are rounded to
PAGE_SIZE by subtracting the size of the leading fractional page from
the 'size' argument. However, size being a u64 type, if its value is
sufficiently small, the subtraction wraps around and produces a bogus
value, potentially leading to crashes.

Fix this by ignoring the memory range in such cases.
Signed-off-by: NArd Biesheuvel <ard.biesheuvel@linaro.org>
Signed-off-by: NGrant Likely <grant.likely@linaro.org>