From 9d9bec216d4207b3f3336eda2ca2ba73698574cb Mon Sep 17 00:00:00 2001 From: Simon Glass Date: Thu, 13 May 2021 19:39:17 -0600 Subject: [PATCH 01/19] sandbox: net: Ensure host name is always a valid string At present if ifname is exactly IFNAMSIZ characters then it will result in an unterminated string. Fix this by using strlcpy() instead. Signed-off-by: Simon Glass Reported-by: Coverity (CID: 316358) Acked-by: Ramon Fried --- drivers/net/sandbox-raw.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/drivers/net/sandbox-raw.c b/drivers/net/sandbox-raw.c index ce66ff781ff..99eb7a3bbff 100644 --- a/drivers/net/sandbox-raw.c +++ b/drivers/net/sandbox-raw.c @@ -161,7 +161,7 @@ static int sb_eth_raw_of_to_plat(struct udevice *dev) ifname = dev_read_string(dev, "host-raw-interface"); if (ifname) { - strncpy(priv->host_ifname, ifname, IFNAMSIZ); + strlcpy(priv->host_ifname, ifname, IFNAMSIZ); printf(": Using %s from DT\n", priv->host_ifname); } if (dev_read_u32(dev, "host-raw-interface-idx", From 92598bdbaef2c73566cd4a4ba8bd40889b0848ce Mon Sep 17 00:00:00 2001 From: Simon Glass Date: Thu, 13 May 2021 19:39:18 -0600 Subject: [PATCH 02/19] video: Check return value in pwm_backlight_of_to_plat() This cannot actually fail, but check the value anyway to keep coverity happy. Signed-off-by: Simon Glass Reported-by: Coverity (CID: 316351) --- drivers/video/pwm_backlight.c | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/drivers/video/pwm_backlight.c b/drivers/video/pwm_backlight.c index 4c86215bd73..d7c096923b3 100644 --- a/drivers/video/pwm_backlight.c +++ b/drivers/video/pwm_backlight.c @@ -235,8 +235,10 @@ static int pwm_backlight_of_to_plat(struct udevice *dev) priv->levels = malloc(len); if (!priv->levels) return log_ret(-ENOMEM); - dev_read_u32_array(dev, "brightness-levels", priv->levels, - count); + ret = dev_read_u32_array(dev, "brightness-levels", priv->levels, + count); + if (ret) + return log_msg_ret("levels", ret); priv->num_levels = count; priv->default_level = priv->levels[index]; priv->max_level = priv->levels[count - 1]; From ff0494c120be86bb442718f46eac06654d67a5bb Mon Sep 17 00:00:00 2001 From: Simon Glass Date: Thu, 13 May 2021 19:39:19 -0600 Subject: [PATCH 03/19] test: Rename final check in setexpr_test_backref() The bug in setexpr is fixed now, so this test can be enabled. Reported-by: Coverity (CID: 316346) Signed-off-by: Simon Glass --- test/cmd/setexpr.c | 2 -- 1 file changed, 2 deletions(-) diff --git a/test/cmd/setexpr.c b/test/cmd/setexpr.c index c537e893538..08b6e6e7243 100644 --- a/test/cmd/setexpr.c +++ b/test/cmd/setexpr.c @@ -270,8 +270,6 @@ static int setexpr_test_backref(struct unit_test_state *uts) ut_asserteq_str("us this is surely! a test is it? yes us this is indeed! a test", buf); - /* The following checks fail at present due to a bug in setexpr */ - return 0; for (i = BUF_SIZE; i < 0x1000; i++) { ut_assertf(buf[i] == (char)i, "buf byte at %x should be %02x, got %02x)\n", From 7f0f4e1825d1cbc64f6f8cba17f6deb7282acb2b Mon Sep 17 00:00:00 2001 From: Simon Glass Date: Thu, 13 May 2021 19:39:20 -0600 Subject: [PATCH 04/19] tools: Avoid showing return value of clock_gettime() This value is either 0 for success or -1 for error. Coverity reports that "ret" is passed to a parameter that cannot be negative, pointing to the condition 'if (ret < 0)'. Adjust it to just check for non-zero and avoid showing -1 in the error message, which is pointless. Perhaps these changes will molify Coverity. Reported-by: Coverity (CID: 312956) Signed-off-by: Simon Glass --- tools/image-host.c | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/tools/image-host.c b/tools/image-host.c index 73095461a79..d3a882ec291 100644 --- a/tools/image-host.c +++ b/tools/image-host.c @@ -329,7 +329,7 @@ static int get_random_data(void *data, int size) { unsigned char *tmp = data; struct timespec date; - int i, ret = 0; + int i, ret; if (!tmp) { printf("%s: pointer data is NULL\n", __func__); @@ -338,9 +338,9 @@ static int get_random_data(void *data, int size) } ret = clock_gettime(CLOCK_MONOTONIC, &date); - if (ret < 0) { - printf("%s: clock_gettime has failed (err=%d, str=%s)\n", - __func__, ret, strerror(errno)); + if (ret) { + printf("%s: clock_gettime has failed (%s)\n", __func__, + strerror(errno)); goto out; } From ca4c24509c60cfc95563d25b482cfed3789aca59 Mon Sep 17 00:00:00 2001 From: Simon Glass Date: Thu, 13 May 2021 19:39:21 -0600 Subject: [PATCH 05/19] reset: Avoid a warning in devm_reset_bulk_get_by_node() The devres_alloc() function is intended to avoid the need for freeing memory, although in practice it may not be enabled, thus leading to a true leak. Nevertheless this is intended. Add a comment to explain this. Signed-off-by: Simon Glass Reported-by: Coverity (CID: 312952) --- drivers/reset/reset-uclass.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/drivers/reset/reset-uclass.c b/drivers/reset/reset-uclass.c index 8caa616ed9f..c09c009130d 100644 --- a/drivers/reset/reset-uclass.c +++ b/drivers/reset/reset-uclass.c @@ -325,6 +325,8 @@ struct reset_ctl_bulk *devm_reset_bulk_get_by_node(struct udevice *dev, bulk = devres_alloc(devm_reset_bulk_release, sizeof(struct reset_ctl_bulk), __GFP_ZERO); + + /* this looks like a leak, but devres takes care of it */ if (unlikely(!bulk)) return ERR_PTR(-ENOMEM); From 37e79ee0e8f93674a6247cf5c973920f18fd3578 Mon Sep 17 00:00:00 2001 From: Simon Glass Date: Thu, 13 May 2021 19:39:22 -0600 Subject: [PATCH 06/19] reset: Avoid a warning in devm_regmap_init() The devres_alloc() function is intended to avoid the need for freeing memory, although in practice it may not be enabled, thus leading to a true leak. Nevertheless this is intended. Add a comment. Signed-off-by: Simon Glass Reported-by: Coverity (CID: 312951) --- drivers/core/regmap.c | 1 + 1 file changed, 1 insertion(+) diff --git a/drivers/core/regmap.c b/drivers/core/regmap.c index 3206f3d1128..5f98f85cfce 100644 --- a/drivers/core/regmap.c +++ b/drivers/core/regmap.c @@ -293,6 +293,7 @@ struct regmap *devm_regmap_init(struct udevice *dev, int rc; struct regmap **mapp, *map; + /* this looks like a leak, but devres takes care of it */ mapp = devres_alloc(devm_regmap_release, sizeof(struct regmap *), __GFP_ZERO); if (unlikely(!mapp)) From 9dec2c1f03922977725d14ebc89fdc05b1f32511 Mon Sep 17 00:00:00 2001 From: Simon Glass Date: Thu, 13 May 2021 19:39:24 -0600 Subject: [PATCH 07/19] dm: core: Check uclass_get() return value when dumping Update dm_dump_drivers() to use the return value from uclass_get() to check the validity of uc. This is equivalent and should be more attractive to Coverity. Signed-off-by: Simon Glass Reported-by: Coverity (CID: 316601) --- drivers/core/dump.c | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/drivers/core/dump.c b/drivers/core/dump.c index f8afea30a93..f2f9cacc56c 100644 --- a/drivers/core/dump.c +++ b/drivers/core/dump.c @@ -130,18 +130,19 @@ void dm_dump_drivers(void) struct driver *entry; struct udevice *udev; struct uclass *uc; + int ret; int i; puts("Driver uid uclass Devices\n"); puts("----------------------------------------------------------\n"); for (entry = d; entry < d + n_ents; entry++) { - uclass_get(entry->id, &uc); + ret = uclass_get(entry->id, &uc); printf("%-25.25s %-3.3d %-20.20s ", entry->name, entry->id, - uc ? uc->uc_drv->name : ""); + !ret ? uc->uc_drv->name : ""); - if (!uc) { + if (ret) { puts("\n"); continue; } From 15dd815c75d8d88816231e5e52b03835210cc93e Mon Sep 17 00:00:00 2001 From: Simon Glass Date: Thu, 13 May 2021 19:39:26 -0600 Subject: [PATCH 08/19] sandbox: cros_ec: Update error handling when reading matrix At present the return value of ofnode_get_property() is not checked, which causes a coverity warning. While we are here, use logging for the errors. Signed-off-by: Simon Glass Reported-by: Coverity (CID: 331157) --- drivers/misc/cros_ec_sandbox.c | 12 +++++++----- 1 file changed, 7 insertions(+), 5 deletions(-) diff --git a/drivers/misc/cros_ec_sandbox.c b/drivers/misc/cros_ec_sandbox.c index db5e3b0f51a..beea47caa33 100644 --- a/drivers/misc/cros_ec_sandbox.c +++ b/drivers/misc/cros_ec_sandbox.c @@ -5,6 +5,8 @@ * Copyright (c) 2013 The Chromium OS Authors. */ +#define LOG_CATEGORY UCLASS_CROS_EC + #include #include #include @@ -221,11 +223,12 @@ static int keyscan_read_fdt_matrix(struct ec_state *ec, ofnode node) int len; cell = ofnode_get_property(node, "linux,keymap", &len); + if (!cell) + return log_msg_ret("prop", -EINVAL); ec->matrix_count = len / 4; ec->matrix = calloc(ec->matrix_count, sizeof(*ec->matrix)); if (!ec->matrix) { - debug("%s: Out of memory for key matrix\n", __func__); - return -1; + return log_msg_ret("mem", -ENOMEM); } /* Now read the data */ @@ -243,13 +246,12 @@ static int keyscan_read_fdt_matrix(struct ec_state *ec, ofnode node) matrix->col >= KEYBOARD_COLS) { debug("%s: Matrix pos out of range (%d,%d)\n", __func__, matrix->row, matrix->col); - return -1; + return log_msg_ret("matrix", -ERANGE); } } if (upto != ec->matrix_count) { - debug("%s: Read mismatch from key matrix\n", __func__); - return -1; + return log_msg_ret("matrix", -E2BIG); } return 0; From 99eaf1fcaa260dceea25ed25830498abf70f0728 Mon Sep 17 00:00:00 2001 From: Simon Glass Date: Thu, 13 May 2021 19:39:27 -0600 Subject: [PATCH 09/19] cbfs: Check offset range when reading a file Add a check that the offset is within the allowed range. Signed-off-by: Simon Glass Reported-by: Coverity (CID: 331155) --- fs/cbfs/cbfs.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/fs/cbfs/cbfs.c b/fs/cbfs/cbfs.c index 415ea28b871..3e905c74e58 100644 --- a/fs/cbfs/cbfs.c +++ b/fs/cbfs/cbfs.c @@ -167,6 +167,8 @@ static int file_cbfs_next_file(struct cbfs_priv *priv, void *start, int size, } swap_file_header(&header, file_header); + if (header.offset >= size) + return log_msg_ret("range", -E2BIG); ret = fill_node(node, start, &header); if (ret) { priv->result = CBFS_BAD_FILE; From 4d159b6f84abeaacb346cfd14a3b0c6fb86f43f9 Mon Sep 17 00:00:00 2001 From: Simon Glass Date: Thu, 13 May 2021 19:39:28 -0600 Subject: [PATCH 10/19] pinctrl: Avoid coverity warning when checking width The width is set up in single_of_to_plat() and can only have three values, all of which result in a non-zero divisor. Add a comment. Signed-off-by: Simon Glass Reported-by: Coverity (CID: 331154) --- drivers/pinctrl/pinctrl-single.c | 1 + 1 file changed, 1 insertion(+) diff --git a/drivers/pinctrl/pinctrl-single.c b/drivers/pinctrl/pinctrl-single.c index 7af6c5f0b03..cf9ad3670f6 100644 --- a/drivers/pinctrl/pinctrl-single.c +++ b/drivers/pinctrl/pinctrl-single.c @@ -471,6 +471,7 @@ static int single_probe(struct udevice *dev) return -ENOMEM; #endif + /* looks like a possible divide by 0, but data->width avoids this */ priv->npins = size / (pdata->width / BITS_PER_BYTE); if (pdata->bits_per_mux) { if (!pdata->mask) { From fdfae3727ce2d862c5b7d98106c987202d190712 Mon Sep 17 00:00:00 2001 From: Simon Glass Date: Thu, 13 May 2021 19:39:29 -0600 Subject: [PATCH 11/19] tpm: Check outgoing command size In tpm_sendrecv_command() the command buffer is passed in. If a mistake is somehow made in setting this up, the size could be out of range. Add a sanity check for this. Signed-off-by: Simon Glass Reported-by: Coverity (CID: 331152) --- lib/tpm-common.c | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/lib/tpm-common.c b/lib/tpm-common.c index 4277846fdd0..82ffdc5341b 100644 --- a/lib/tpm-common.c +++ b/lib/tpm-common.c @@ -176,6 +176,11 @@ u32 tpm_sendrecv_command(struct udevice *dev, const void *command, } size = tpm_command_size(command); + + /* sanity check, which also helps coverity */ + if (size > COMMAND_BUFFER_SIZE) + return log_msg_ret("size", -E2BIG); + log_debug("TPM request [size:%d]: ", size); for (i = 0; i < size; i++) log_debug("%02x ", ((u8 *)command)[i]); From 9a72bea6cbb14f196acc6422d6f5b1eefb590a61 Mon Sep 17 00:00:00 2001 From: Simon Glass Date: Thu, 13 May 2021 19:39:30 -0600 Subject: [PATCH 12/19] sandbox: Silence coverity warning in state_read_file() In this case the value seems save to pass to os_free(). Add a comment. Signed-off-by: Simon Glass Reported-by: Coverity (CID: 165109) --- arch/sandbox/cpu/state.c | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/arch/sandbox/cpu/state.c b/arch/sandbox/cpu/state.c index f63cfd38ee4..a4d99bade41 100644 --- a/arch/sandbox/cpu/state.c +++ b/arch/sandbox/cpu/state.c @@ -78,6 +78,10 @@ static int state_read_file(struct sandbox_state *state, const char *fname) err_read: os_close(fd); err_open: + /* + * tainted scalar, since size is obtained from the file. But we can rely + * on os_malloc() to handle invalid values. + */ os_free(state->state_fdt); state->state_fdt = NULL; From 92f1e9a4b31c0bf0f4f61ab823a6a88657323646 Mon Sep 17 00:00:00 2001 From: Simon Glass Date: Thu, 13 May 2021 19:39:31 -0600 Subject: [PATCH 13/19] clk: Detect failure to set defaults When the default clocks cannot be set, the clock is silently probed and the error is ignored. This is incorrect, since having the clocks at the correct speed may be important for operation of the system. Fix it by checking the return code. Signed-off-by: Simon Glass --- drivers/clk/clk-uclass.c | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/drivers/clk/clk-uclass.c b/drivers/clk/clk-uclass.c index f049e36380f..cea38a4c6e5 100644 --- a/drivers/clk/clk-uclass.c +++ b/drivers/clk/clk-uclass.c @@ -847,13 +847,17 @@ void devm_clk_put(struct udevice *dev, struct clk *clk) int clk_uclass_post_probe(struct udevice *dev) { + int ret; + /* * when a clock provider is probed. Call clk_set_defaults() * also after the device is probed. This takes care of cases * where the DT is used to setup default parents and rates * using assigned-clocks */ - clk_set_defaults(dev, CLK_DEFAULTS_POST); + ret = clk_set_defaults(dev, CLK_DEFAULTS_POST); + if (ret) + return log_ret(ret); return 0; } From 97587786463ae3a44c95fcb053ab27136c646aa3 Mon Sep 17 00:00:00 2001 From: Rasmus Villemoes Date: Fri, 28 May 2021 00:20:44 +0200 Subject: [PATCH 14/19] lib/vsprintf.c: implement printf() in terms of vprintf() This saves some code, both in terms of #LOC and .text size, and it is also the normal convention that foo(...) is implemented in terms of vfoo(). Reviewed-by: Simon Glass Signed-off-by: Rasmus Villemoes --- lib/vsprintf.c | 13 +------------ 1 file changed, 1 insertion(+), 12 deletions(-) diff --git a/lib/vsprintf.c b/lib/vsprintf.c index 9dc96c81c62..cf3982eb033 100644 --- a/lib/vsprintf.c +++ b/lib/vsprintf.c @@ -787,22 +787,11 @@ int printf(const char *fmt, ...) { va_list args; uint i; - char printbuffer[CONFIG_SYS_PBSIZE]; va_start(args, fmt); - - /* - * For this to work, printbuffer must be larger than - * anything we ever want to print. - */ - i = vscnprintf(printbuffer, sizeof(printbuffer), fmt, args); + i = vprintf(fmt, args); va_end(args); - /* Handle error */ - if (i <= 0) - return i; - /* Print the string */ - puts(printbuffer); return i; } From ce452157e6a8b68b76cfc5e3d30f7d7b10ace575 Mon Sep 17 00:00:00 2001 From: Rasmus Villemoes Date: Fri, 28 May 2021 00:20:45 +0200 Subject: [PATCH 15/19] lib/vsprintf.c: remove stale comment U-Boot doesn't support %pS/%pF or any other kind of kallsyms-like lookups. Remove the comment. Reviewed-by: Simon Glass Signed-off-by: Rasmus Villemoes --- lib/vsprintf.c | 3 --- 1 file changed, 3 deletions(-) diff --git a/lib/vsprintf.c b/lib/vsprintf.c index cf3982eb033..af0a6e1dcfd 100644 --- a/lib/vsprintf.c +++ b/lib/vsprintf.c @@ -434,9 +434,6 @@ static char *uuid_string(char *buf, char *end, u8 *addr, int field_width, * - 'i' [46] for 'raw' IPv4/IPv6 addresses, IPv6 omits the colons, IPv4 is * currently the same * - * Note: The difference between 'S' and 'F' is that on ia64 and ppc64 - * function pointers are really function descriptors, which contain a - * pointer to the real address. */ static char *pointer(const char *fmt, char *buf, char *end, void *ptr, int field_width, int precision, int flags) From 23b542aa3f9c663c98e1baa2732cce99c333f030 Mon Sep 17 00:00:00 2001 From: Rasmus Villemoes Date: Fri, 28 May 2021 00:20:46 +0200 Subject: [PATCH 16/19] lib/vsprintf.c: remove unused ip6_addr_string() There's currently no user of %p[iI]6, so including ip6_addr_string() in the image is a waste of bytes. It's easy enough to have the compiler elide it without removing the code completely. The closest I can find to anybody "handling" ipv6 in U-Boot currently is in efi_net.c which does if (ipv6) { ret = EFI_UNSUPPORTED; As indicated in the comment, it can easily be put back, but preferably under a config knob. Reviewed-by: Simon Glass Signed-off-by: Rasmus Villemoes --- lib/vsprintf.c | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/lib/vsprintf.c b/lib/vsprintf.c index af0a6e1dcfd..c14176dd393 100644 --- a/lib/vsprintf.c +++ b/lib/vsprintf.c @@ -434,6 +434,9 @@ static char *uuid_string(char *buf, char *end, u8 *addr, int field_width, * - 'i' [46] for 'raw' IPv4/IPv6 addresses, IPv6 omits the colons, IPv4 is * currently the same * + * Note: IPv6 support is currently if(0)'ed out. If you ever need + * %pI6, please add an IPV6 Kconfig knob, make your code select or + * depend on that, and change the 0 below to CONFIG_IS_ENABLED(IPV6). */ static char *pointer(const char *fmt, char *buf, char *end, void *ptr, int field_width, int precision, int flags) @@ -478,7 +481,8 @@ static char *pointer(const char *fmt, char *buf, char *end, void *ptr, flags |= SPECIAL; /* Fallthrough */ case 'I': - if (fmt[1] == '6') + /* %pI6 currently unused */ + if (0 && fmt[1] == '6') return ip6_addr_string(buf, end, ptr, field_width, precision, flags); if (fmt[1] == '4') From 4c531d9f58b19442780f9b209ab4ec23addd044a Mon Sep 17 00:00:00 2001 From: Marek Vasut Date: Fri, 11 Jun 2021 04:09:56 +0200 Subject: [PATCH 17/19] fit: Load DTO into temporary buffer and ignore load address The current fitImage DTO implementation expects each fitImage image subnode containing DTO to have 'load' property, pointing somewhere into memory where the DTO will be loaded. The address in the 'load' property must be different then the base DT load address and there must be sufficient amount of space between those two addresses. Selecting and using such hard-coded addresses is fragile, error prone and difficult to port even across devices with the same SoC and different DRAM sizes. The DTO cannot be applied in-place because fdt_overlay_apply_verbose() modifies the DTO when applying it onto the base DT, so if the DTO was used in place within the fitImage, call to fdt_overlay_apply_verbose() would corrupt the fitImage. Instead of copying the DTO to a specific hard-coded load address, allocate a buffer, copy the DTO into that buffer, apply the DTO onto the base DT, and free the buffer. The upside of this approach is that it is no longer necessary to select and hard-code specific DTO load address into the DTO. The slight downside is the new malloc()/free() overhead for each DTO, but that is negligible (*). (*) on iMX8MM/MN and STM32MP1 Signed-off-by: Marek Vasut Cc: Pantelis Antoniou Cc: Simon Glass Reviewed-by: Simon Glass [trini: Add ] Signed-off-by: Tom Rini --- common/image-fit.c | 32 ++++++++++++++++++++++++++++---- 1 file changed, 28 insertions(+), 4 deletions(-) diff --git a/common/image-fit.c b/common/image-fit.c index 0c5a05948d1..e9b455deadb 100644 --- a/common/image-fit.c +++ b/common/image-fit.c @@ -17,6 +17,7 @@ #include #else #include +#include #include #include #include @@ -2267,10 +2268,10 @@ int boot_get_fdt_fit(bootm_headers_t *images, ulong addr, ulong load, len; #ifdef CONFIG_OF_LIBFDT_OVERLAY ulong image_start, image_end; - ulong ovload, ovlen; + ulong ovload, ovlen, ovcopylen; const char *uconfig; const char *uname; - void *base, *ov; + void *base, *ov, *ovcopy = NULL; int i, err, noffset, ov_noffset; #endif @@ -2360,7 +2361,7 @@ int boot_get_fdt_fit(bootm_headers_t *images, ulong addr, addr, &uname, &uconfig, arch, IH_TYPE_FLATDT, BOOTSTAGE_ID_FIT_FDT_START, - FIT_LOAD_REQUIRED, &ovload, &ovlen); + FIT_LOAD_IGNORED, &ovload, &ovlen); if (ov_noffset < 0) { printf("load of %s failed\n", uname); continue; @@ -2369,6 +2370,21 @@ int boot_get_fdt_fit(bootm_headers_t *images, ulong addr, uname, ovload, ovlen); ov = map_sysmem(ovload, ovlen); + ovcopylen = ALIGN(fdt_totalsize(ov), SZ_4K); + ovcopy = malloc(ovcopylen); + if (!ovcopy) { + printf("failed to duplicate DTO before application\n"); + fdt_noffset = -ENOMEM; + goto out; + } + + err = fdt_open_into(ov, ovcopy, ovcopylen); + if (err < 0) { + printf("failed on fdt_open_into for DTO\n"); + fdt_noffset = err; + goto out; + } + base = map_sysmem(load, len + ovlen); err = fdt_open_into(base, base, len + ovlen); if (err < 0) { @@ -2376,14 +2392,18 @@ int boot_get_fdt_fit(bootm_headers_t *images, ulong addr, fdt_noffset = err; goto out; } + /* the verbose method prints out messages on error */ - err = fdt_overlay_apply_verbose(base, ov); + err = fdt_overlay_apply_verbose(base, ovcopy); if (err < 0) { fdt_noffset = err; goto out; } fdt_pack(base); len = fdt_totalsize(base); + + free(ovcopy); + ovcopy = NULL; } #else printf("config with overlays but CONFIG_OF_LIBFDT_OVERLAY not set\n"); @@ -2400,6 +2420,10 @@ out: if (fit_uname_configp) *fit_uname_configp = fit_uname_config; +#ifdef CONFIG_OF_LIBFDT_OVERLAY + if (ovcopy) + free(ovcopy); +#endif if (fit_uname_config_copy) free(fit_uname_config_copy); return fdt_noffset; From bc599042d4ca1a6c3956e86005c7be8debb8a2ff Mon Sep 17 00:00:00 2001 From: Stephan Gerhold Date: Thu, 1 Jul 2021 20:33:16 +0200 Subject: [PATCH 18/19] image: android: Automatically detect more compression types At the moment android_image_get_kcomp() can automatically detect LZ4 compressed kernels and the compression specified in uImages. However, especially on ARM64 Linux is often compressed with GZIP. Attempting to boot an Android image with a GZIP compressed kernel image currently results in a very strange crash, e.g. Starting kernel ... "Synchronous Abort" handler, esr 0x02000000 ... Code: 5555d555 55555d55 555f5555 5d555d55 (00088b1f) Note the 1f8b, which are the "magic" bytes for GZIP images. U-Boot already has the image_decomp_type() function that checks for the magic bytes of bzip2, gzip, lzma and lzo. It's easy to make use of it here to increase the chance that we do the right thing and the user does not become confused with strange crashes. This allows booting Android boot images that contain GZIP-compressed kernel images. Signed-off-by: Stephan Gerhold --- common/image-android.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/common/image-android.c b/common/image-android.c index d07b0e0f09b..1fbbbba1eb0 100644 --- a/common/image-android.c +++ b/common/image-android.c @@ -164,7 +164,7 @@ ulong android_image_get_kcomp(const struct andr_img_hdr *hdr) else if (get_unaligned_le32(p) == LZ4F_MAGIC) return IH_COMP_LZ4; else - return IH_COMP_NONE; + return image_decomp_type(p, sizeof(u32)); } int android_image_get_ramdisk(const struct andr_img_hdr *hdr, From 92cf458f8ad9410dedbedd41d048d26620ce5f12 Mon Sep 17 00:00:00 2001 From: Max Yang Date: Mon, 10 May 2021 05:23:37 +0000 Subject: [PATCH 19/19] rtc: m41t62: fix wrong register use for set/reset ST bit Fix wrong register use when set/reset ST bit. ST bit is in register M41T62_REG_SEC not in M41T62_REG_ALARM_HOUR. I have not actually tested this. But this seemed buggy from inspection. Fixes: 9bbe210512c4539 ("rtc: m41t62: add oscillator fail bit reset support") Signed-off-by: Max Yang --- drivers/rtc/m41t62.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/drivers/rtc/m41t62.c b/drivers/rtc/m41t62.c index 0a4e12d6982..8be532c3e31 100644 --- a/drivers/rtc/m41t62.c +++ b/drivers/rtc/m41t62.c @@ -213,13 +213,13 @@ static int m41t62_rtc_restart_osc(struct udevice *dev) /* 1. Set stop bit */ val |= M41T62_SEC_ST; - ret = dm_i2c_write(dev, M41T62_REG_ALARM_HOUR, &val, sizeof(val)); + ret = dm_i2c_write(dev, M41T62_REG_SEC, &val, sizeof(val)); if (ret) return ret; /* 2. Clear stop bit */ val &= ~M41T62_SEC_ST; - ret = dm_i2c_write(dev, M41T62_REG_ALARM_HOUR, &val, sizeof(val)); + ret = dm_i2c_write(dev, M41T62_REG_SEC, &val, sizeof(val)); if (ret) return ret;