1 // SPDX-License-Identifier: GPL-2.0
2 /*
3 * Functions for working with device tree overlays
4 *
5 * Copyright (C) 2012 Pantelis Antoniou <panto@antoniou-consulting.com>
6 * Copyright (C) 2012 Texas Instruments Inc.
7 */
8
9 #define pr_fmt(fmt) "OF: overlay: " fmt
10
11 #include <linux/kernel.h>
12 #include <linux/module.h>
13 #include <linux/of.h>
14 #include <linux/of_device.h>
15 #include <linux/of_fdt.h>
16 #include <linux/string.h>
17 #include <linux/ctype.h>
18 #include <linux/errno.h>
19 #include <linux/slab.h>
20 #include <linux/libfdt.h>
21 #include <linux/err.h>
22 #include <linux/idr.h>
23
24 #include "of_private.h"
25
26 /**
27 * struct target - info about current target node as recursing through overlay
28 * @np: node where current level of overlay will be applied
29 * @in_livetree: @np is a node in the live devicetree
30 *
31 * Used in the algorithm to create the portion of a changeset that describes
32 * an overlay fragment, which is a devicetree subtree. Initially @np is a node
33 * in the live devicetree where the overlay subtree is targeted to be grafted
34 * into. When recursing to the next level of the overlay subtree, the target
35 * also recurses to the next level of the live devicetree, as long as overlay
36 * subtree node also exists in the live devicetree. When a node in the overlay
37 * subtree does not exist at the same level in the live devicetree, target->np
38 * points to a newly allocated node, and all subsequent targets in the subtree
39 * will be newly allocated nodes.
40 */
41 struct target {
42 struct device_node *np;
43 bool in_livetree;
44 };
45
46 /**
47 * struct fragment - info about fragment nodes in overlay expanded device tree
48 * @target: target of the overlay operation
49 * @overlay: pointer to the __overlay__ node
50 */
51 struct fragment {
52 struct device_node *overlay;
53 struct device_node *target;
54 };
55
56 /**
57 * struct overlay_changeset
58 * @id: changeset identifier
59 * @ovcs_list: list on which we are located
60 * @fdt: FDT that was unflattened to create @overlay_tree
61 * @overlay_tree: expanded device tree that contains the fragment nodes
62 * @count: count of fragment structures
63 * @fragments: fragment nodes in the overlay expanded device tree
64 * @symbols_fragment: last element of @fragments[] is the __symbols__ node
65 * @cset: changeset to apply fragments to live device tree
66 */
67 struct overlay_changeset {
68 int id;
69 struct list_head ovcs_list;
70 const void *fdt;
71 struct device_node *overlay_tree;
72 int count;
73 struct fragment *fragments;
74 bool symbols_fragment;
75 struct of_changeset cset;
76 };
77
78 /* flags are sticky - once set, do not reset */
79 static int devicetree_state_flags;
80 #define DTSF_APPLY_FAIL 0x01
81 #define DTSF_REVERT_FAIL 0x02
82
83 /*
84 * If a changeset apply or revert encounters an error, an attempt will
85 * be made to undo partial changes, but may fail. If the undo fails
86 * we do not know the state of the devicetree.
87 */
devicetree_corrupt(void)88 static int devicetree_corrupt(void)
89 {
90 return devicetree_state_flags &
91 (DTSF_APPLY_FAIL | DTSF_REVERT_FAIL);
92 }
93
94 static int build_changeset_next_level(struct overlay_changeset *ovcs,
95 struct target *target, const struct device_node *overlay_node);
96
97 /*
98 * of_resolve_phandles() finds the largest phandle in the live tree.
99 * of_overlay_apply() may add a larger phandle to the live tree.
100 * Do not allow race between two overlays being applied simultaneously:
101 * mutex_lock(&of_overlay_phandle_mutex)
102 * of_resolve_phandles()
103 * of_overlay_apply()
104 * mutex_unlock(&of_overlay_phandle_mutex)
105 */
106 static DEFINE_MUTEX(of_overlay_phandle_mutex);
107
of_overlay_mutex_lock(void)108 void of_overlay_mutex_lock(void)
109 {
110 mutex_lock(&of_overlay_phandle_mutex);
111 }
112
of_overlay_mutex_unlock(void)113 void of_overlay_mutex_unlock(void)
114 {
115 mutex_unlock(&of_overlay_phandle_mutex);
116 }
117
118
119 static LIST_HEAD(ovcs_list);
120 static DEFINE_IDR(ovcs_idr);
121
122 static BLOCKING_NOTIFIER_HEAD(overlay_notify_chain);
123
124 /**
125 * of_overlay_notifier_register() - Register notifier for overlay operations
126 * @nb: Notifier block to register
127 *
128 * Register for notification on overlay operations on device tree nodes. The
129 * reported actions definied by @of_reconfig_change. The notifier callback
130 * furthermore receives a pointer to the affected device tree node.
131 *
132 * Note that a notifier callback is not supposed to store pointers to a device
133 * tree node or its content beyond @OF_OVERLAY_POST_REMOVE corresponding to the
134 * respective node it received.
135 */
of_overlay_notifier_register(struct notifier_block * nb)136 int of_overlay_notifier_register(struct notifier_block *nb)
137 {
138 return blocking_notifier_chain_register(&overlay_notify_chain, nb);
139 }
140 EXPORT_SYMBOL_GPL(of_overlay_notifier_register);
141
142 /**
143 * of_overlay_notifier_register() - Unregister notifier for overlay operations
144 * @nb: Notifier block to unregister
145 */
of_overlay_notifier_unregister(struct notifier_block * nb)146 int of_overlay_notifier_unregister(struct notifier_block *nb)
147 {
148 return blocking_notifier_chain_unregister(&overlay_notify_chain, nb);
149 }
150 EXPORT_SYMBOL_GPL(of_overlay_notifier_unregister);
151
152 static char *of_overlay_action_name[] = {
153 "pre-apply",
154 "post-apply",
155 "pre-remove",
156 "post-remove",
157 };
158
overlay_notify(struct overlay_changeset * ovcs,enum of_overlay_notify_action action)159 static int overlay_notify(struct overlay_changeset *ovcs,
160 enum of_overlay_notify_action action)
161 {
162 struct of_overlay_notify_data nd;
163 int i, ret;
164
165 for (i = 0; i < ovcs->count; i++) {
166 struct fragment *fragment = &ovcs->fragments[i];
167
168 nd.target = fragment->target;
169 nd.overlay = fragment->overlay;
170
171 ret = blocking_notifier_call_chain(&overlay_notify_chain,
172 action, &nd);
173 if (ret == NOTIFY_OK || ret == NOTIFY_STOP)
174 return 0;
175 if (ret) {
176 ret = notifier_to_errno(ret);
177 pr_err("overlay changeset %s notifier error %d, target: %pOF\n",
178 of_overlay_action_name[action], ret, nd.target);
179 return ret;
180 }
181 }
182
183 return 0;
184 }
185
186 /*
187 * The values of properties in the "/__symbols__" node are paths in
188 * the ovcs->overlay_tree. When duplicating the properties, the paths
189 * need to be adjusted to be the correct path for the live device tree.
190 *
191 * The paths refer to a node in the subtree of a fragment node's "__overlay__"
192 * node, for example "/fragment@0/__overlay__/symbol_path_tail",
193 * where symbol_path_tail can be a single node or it may be a multi-node path.
194 *
195 * The duplicated property value will be modified by replacing the
196 * "/fragment_name/__overlay/" portion of the value with the target
197 * path from the fragment node.
198 */
dup_and_fixup_symbol_prop(struct overlay_changeset * ovcs,const struct property * prop)199 static struct property *dup_and_fixup_symbol_prop(
200 struct overlay_changeset *ovcs, const struct property *prop)
201 {
202 struct fragment *fragment;
203 struct property *new_prop;
204 struct device_node *fragment_node;
205 struct device_node *overlay_node;
206 const char *path;
207 const char *path_tail;
208 const char *target_path;
209 int k;
210 int overlay_name_len;
211 int path_len;
212 int path_tail_len;
213 int target_path_len;
214
215 if (!prop->value)
216 return NULL;
217 if (strnlen(prop->value, prop->length) >= prop->length)
218 return NULL;
219 path = prop->value;
220 path_len = strlen(path);
221
222 if (path_len < 1)
223 return NULL;
224 fragment_node = __of_find_node_by_path(ovcs->overlay_tree, path + 1);
225 overlay_node = __of_find_node_by_path(fragment_node, "__overlay__/");
226 of_node_put(fragment_node);
227 of_node_put(overlay_node);
228
229 for (k = 0; k < ovcs->count; k++) {
230 fragment = &ovcs->fragments[k];
231 if (fragment->overlay == overlay_node)
232 break;
233 }
234 if (k >= ovcs->count)
235 return NULL;
236
237 overlay_name_len = snprintf(NULL, 0, "%pOF", fragment->overlay);
238
239 if (overlay_name_len > path_len)
240 return NULL;
241 path_tail = path + overlay_name_len;
242 path_tail_len = strlen(path_tail);
243
244 target_path = kasprintf(GFP_KERNEL, "%pOF", fragment->target);
245 if (!target_path)
246 return NULL;
247 target_path_len = strlen(target_path);
248
249 new_prop = kzalloc(sizeof(*new_prop), GFP_KERNEL);
250 if (!new_prop)
251 goto err_free_target_path;
252
253 new_prop->name = kstrdup(prop->name, GFP_KERNEL);
254 new_prop->length = target_path_len + path_tail_len + 1;
255 new_prop->value = kzalloc(new_prop->length, GFP_KERNEL);
256 if (!new_prop->name || !new_prop->value)
257 goto err_free_new_prop;
258
259 strcpy(new_prop->value, target_path);
260 strcpy(new_prop->value + target_path_len, path_tail);
261
262 of_property_set_flag(new_prop, OF_DYNAMIC);
263
264 return new_prop;
265
266 err_free_new_prop:
267 kfree(new_prop->name);
268 kfree(new_prop->value);
269 kfree(new_prop);
270 err_free_target_path:
271 kfree(target_path);
272
273 return NULL;
274 }
275
276 /**
277 * add_changeset_property() - add @overlay_prop to overlay changeset
278 * @ovcs: overlay changeset
279 * @target: where @overlay_prop will be placed
280 * @overlay_prop: property to add or update, from overlay tree
281 * @is_symbols_prop: 1 if @overlay_prop is from node "/__symbols__"
282 *
283 * If @overlay_prop does not already exist in live devicetree, add changeset
284 * entry to add @overlay_prop in @target, else add changeset entry to update
285 * value of @overlay_prop.
286 *
287 * @target may be either in the live devicetree or in a new subtree that
288 * is contained in the changeset.
289 *
290 * Some special properties are not added or updated (no error returned):
291 * "name", "phandle", "linux,phandle".
292 *
293 * Properties "#address-cells" and "#size-cells" are not updated if they
294 * are already in the live tree, but if present in the live tree, the values
295 * in the overlay must match the values in the live tree.
296 *
297 * Update of property in symbols node is not allowed.
298 *
299 * Returns 0 on success, -ENOMEM if memory allocation failure, or -EINVAL if
300 * invalid @overlay.
301 */
add_changeset_property(struct overlay_changeset * ovcs,struct target * target,struct property * overlay_prop,bool is_symbols_prop)302 static int add_changeset_property(struct overlay_changeset *ovcs,
303 struct target *target, struct property *overlay_prop,
304 bool is_symbols_prop)
305 {
306 struct property *new_prop = NULL, *prop;
307 int ret = 0;
308
309 if (target->in_livetree)
310 if (!of_prop_cmp(overlay_prop->name, "name") ||
311 !of_prop_cmp(overlay_prop->name, "phandle") ||
312 !of_prop_cmp(overlay_prop->name, "linux,phandle"))
313 return 0;
314
315 if (target->in_livetree)
316 prop = of_find_property(target->np, overlay_prop->name, NULL);
317 else
318 prop = NULL;
319
320 if (prop) {
321 if (!of_prop_cmp(prop->name, "#address-cells")) {
322 if (!of_prop_val_eq(prop, overlay_prop)) {
323 pr_err("ERROR: changing value of #address-cells is not allowed in %pOF\n",
324 target->np);
325 ret = -EINVAL;
326 }
327 return ret;
328
329 } else if (!of_prop_cmp(prop->name, "#size-cells")) {
330 if (!of_prop_val_eq(prop, overlay_prop)) {
331 pr_err("ERROR: changing value of #size-cells is not allowed in %pOF\n",
332 target->np);
333 ret = -EINVAL;
334 }
335 return ret;
336 }
337 }
338
339 if (is_symbols_prop) {
340 if (prop)
341 return -EINVAL;
342 new_prop = dup_and_fixup_symbol_prop(ovcs, overlay_prop);
343 } else {
344 new_prop = __of_prop_dup(overlay_prop, GFP_KERNEL);
345 }
346
347 if (!new_prop)
348 return -ENOMEM;
349
350 if (!prop) {
351 if (!target->in_livetree) {
352 new_prop->next = target->np->deadprops;
353 target->np->deadprops = new_prop;
354 }
355 ret = of_changeset_add_property(&ovcs->cset, target->np,
356 new_prop);
357 } else {
358 ret = of_changeset_update_property(&ovcs->cset, target->np,
359 new_prop);
360 }
361
362 if (!of_node_check_flag(target->np, OF_OVERLAY))
363 pr_err("WARNING: memory leak will occur if overlay removed, property: %pOF/%s\n",
364 target->np, new_prop->name);
365
366 if (ret) {
367 kfree(new_prop->name);
368 kfree(new_prop->value);
369 kfree(new_prop);
370 }
371 return ret;
372 }
373
374 /**
375 * add_changeset_node() - add @node (and children) to overlay changeset
376 * @ovcs: overlay changeset
377 * @target: where @node will be placed in live tree or changeset
378 * @node: node from within overlay device tree fragment
379 *
380 * If @node does not already exist in @target, add changeset entry
381 * to add @node in @target.
382 *
383 * If @node already exists in @target, and the existing node has
384 * a phandle, the overlay node is not allowed to have a phandle.
385 *
386 * If @node has child nodes, add the children recursively via
387 * build_changeset_next_level().
388 *
389 * NOTE_1: A live devicetree created from a flattened device tree (FDT) will
390 * not contain the full path in node->full_name. Thus an overlay
391 * created from an FDT also will not contain the full path in
392 * node->full_name. However, a live devicetree created from Open
393 * Firmware may have the full path in node->full_name.
394 *
395 * add_changeset_node() follows the FDT convention and does not include
396 * the full path in node->full_name. Even though it expects the overlay
397 * to not contain the full path, it uses kbasename() to remove the
398 * full path should it exist. It also uses kbasename() in comparisons
399 * to nodes in the live devicetree so that it can apply an overlay to
400 * a live devicetree created from Open Firmware.
401 *
402 * NOTE_2: Multiple mods of created nodes not supported.
403 *
404 * Returns 0 on success, -ENOMEM if memory allocation failure, or -EINVAL if
405 * invalid @overlay.
406 */
add_changeset_node(struct overlay_changeset * ovcs,struct target * target,struct device_node * node)407 static int add_changeset_node(struct overlay_changeset *ovcs,
408 struct target *target, struct device_node *node)
409 {
410 const char *node_kbasename;
411 const __be32 *phandle;
412 struct device_node *tchild;
413 struct target target_child;
414 int ret = 0, size;
415
416 node_kbasename = kbasename(node->full_name);
417
418 for_each_child_of_node(target->np, tchild)
419 if (!of_node_cmp(node_kbasename, kbasename(tchild->full_name)))
420 break;
421
422 if (!tchild) {
423 tchild = __of_node_dup(NULL, node_kbasename);
424 if (!tchild)
425 return -ENOMEM;
426
427 tchild->parent = target->np;
428 tchild->name = __of_get_property(node, "name", NULL);
429
430 if (!tchild->name)
431 tchild->name = "<NULL>";
432
433 /* ignore obsolete "linux,phandle" */
434 phandle = __of_get_property(node, "phandle", &size);
435 if (phandle && (size == 4))
436 tchild->phandle = be32_to_cpup(phandle);
437
438 of_node_set_flag(tchild, OF_OVERLAY);
439
440 ret = of_changeset_attach_node(&ovcs->cset, tchild);
441 if (ret)
442 return ret;
443
444 target_child.np = tchild;
445 target_child.in_livetree = false;
446
447 ret = build_changeset_next_level(ovcs, &target_child, node);
448 of_node_put(tchild);
449 return ret;
450 }
451
452 if (node->phandle && tchild->phandle) {
453 ret = -EINVAL;
454 } else {
455 target_child.np = tchild;
456 target_child.in_livetree = target->in_livetree;
457 ret = build_changeset_next_level(ovcs, &target_child, node);
458 }
459 of_node_put(tchild);
460
461 return ret;
462 }
463
464 /**
465 * build_changeset_next_level() - add level of overlay changeset
466 * @ovcs: overlay changeset
467 * @target: where to place @overlay_node in live tree
468 * @overlay_node: node from within an overlay device tree fragment
469 *
470 * Add the properties (if any) and nodes (if any) from @overlay_node to the
471 * @ovcs->cset changeset. If an added node has child nodes, they will
472 * be added recursively.
473 *
474 * Do not allow symbols node to have any children.
475 *
476 * Returns 0 on success, -ENOMEM if memory allocation failure, or -EINVAL if
477 * invalid @overlay_node.
478 */
build_changeset_next_level(struct overlay_changeset * ovcs,struct target * target,const struct device_node * overlay_node)479 static int build_changeset_next_level(struct overlay_changeset *ovcs,
480 struct target *target, const struct device_node *overlay_node)
481 {
482 struct device_node *child;
483 struct property *prop;
484 int ret;
485
486 for_each_property_of_node(overlay_node, prop) {
487 ret = add_changeset_property(ovcs, target, prop, 0);
488 if (ret) {
489 pr_debug("Failed to apply prop @%pOF/%s, err=%d\n",
490 target->np, prop->name, ret);
491 return ret;
492 }
493 }
494
495 for_each_child_of_node(overlay_node, child) {
496 ret = add_changeset_node(ovcs, target, child);
497 if (ret) {
498 pr_debug("Failed to apply node @%pOF/%pOFn, err=%d\n",
499 target->np, child, ret);
500 of_node_put(child);
501 return ret;
502 }
503 }
504
505 return 0;
506 }
507
508 /*
509 * Add the properties from __overlay__ node to the @ovcs->cset changeset.
510 */
build_changeset_symbols_node(struct overlay_changeset * ovcs,struct target * target,const struct device_node * overlay_symbols_node)511 static int build_changeset_symbols_node(struct overlay_changeset *ovcs,
512 struct target *target,
513 const struct device_node *overlay_symbols_node)
514 {
515 struct property *prop;
516 int ret;
517
518 for_each_property_of_node(overlay_symbols_node, prop) {
519 ret = add_changeset_property(ovcs, target, prop, 1);
520 if (ret) {
521 pr_debug("Failed to apply symbols prop @%pOF/%s, err=%d\n",
522 target->np, prop->name, ret);
523 return ret;
524 }
525 }
526
527 return 0;
528 }
529
find_dup_cset_node_entry(struct overlay_changeset * ovcs,struct of_changeset_entry * ce_1)530 static int find_dup_cset_node_entry(struct overlay_changeset *ovcs,
531 struct of_changeset_entry *ce_1)
532 {
533 struct of_changeset_entry *ce_2;
534 char *fn_1, *fn_2;
535 int node_path_match;
536
537 if (ce_1->action != OF_RECONFIG_ATTACH_NODE &&
538 ce_1->action != OF_RECONFIG_DETACH_NODE)
539 return 0;
540
541 ce_2 = ce_1;
542 list_for_each_entry_continue(ce_2, &ovcs->cset.entries, node) {
543 if ((ce_2->action != OF_RECONFIG_ATTACH_NODE &&
544 ce_2->action != OF_RECONFIG_DETACH_NODE) ||
545 of_node_cmp(ce_1->np->full_name, ce_2->np->full_name))
546 continue;
547
548 fn_1 = kasprintf(GFP_KERNEL, "%pOF", ce_1->np);
549 fn_2 = kasprintf(GFP_KERNEL, "%pOF", ce_2->np);
550 node_path_match = !strcmp(fn_1, fn_2);
551 kfree(fn_1);
552 kfree(fn_2);
553 if (node_path_match) {
554 pr_err("ERROR: multiple fragments add and/or delete node %pOF\n",
555 ce_1->np);
556 return -EINVAL;
557 }
558 }
559
560 return 0;
561 }
562
find_dup_cset_prop(struct overlay_changeset * ovcs,struct of_changeset_entry * ce_1)563 static int find_dup_cset_prop(struct overlay_changeset *ovcs,
564 struct of_changeset_entry *ce_1)
565 {
566 struct of_changeset_entry *ce_2;
567 char *fn_1, *fn_2;
568 int node_path_match;
569
570 if (ce_1->action != OF_RECONFIG_ADD_PROPERTY &&
571 ce_1->action != OF_RECONFIG_REMOVE_PROPERTY &&
572 ce_1->action != OF_RECONFIG_UPDATE_PROPERTY)
573 return 0;
574
575 ce_2 = ce_1;
576 list_for_each_entry_continue(ce_2, &ovcs->cset.entries, node) {
577 if ((ce_2->action != OF_RECONFIG_ADD_PROPERTY &&
578 ce_2->action != OF_RECONFIG_REMOVE_PROPERTY &&
579 ce_2->action != OF_RECONFIG_UPDATE_PROPERTY) ||
580 of_node_cmp(ce_1->np->full_name, ce_2->np->full_name))
581 continue;
582
583 fn_1 = kasprintf(GFP_KERNEL, "%pOF", ce_1->np);
584 fn_2 = kasprintf(GFP_KERNEL, "%pOF", ce_2->np);
585 node_path_match = !strcmp(fn_1, fn_2);
586 kfree(fn_1);
587 kfree(fn_2);
588 if (node_path_match &&
589 !of_prop_cmp(ce_1->prop->name, ce_2->prop->name)) {
590 pr_err("ERROR: multiple fragments add, update, and/or delete property %pOF/%s\n",
591 ce_1->np, ce_1->prop->name);
592 return -EINVAL;
593 }
594 }
595
596 return 0;
597 }
598
599 /**
600 * changeset_dup_entry_check() - check for duplicate entries
601 * @ovcs: Overlay changeset
602 *
603 * Check changeset @ovcs->cset for multiple {add or delete} node entries for
604 * the same node or duplicate {add, delete, or update} properties entries
605 * for the same property.
606 *
607 * Returns 0 on success, or -EINVAL if duplicate changeset entry found.
608 */
changeset_dup_entry_check(struct overlay_changeset * ovcs)609 static int changeset_dup_entry_check(struct overlay_changeset *ovcs)
610 {
611 struct of_changeset_entry *ce_1;
612 int dup_entry = 0;
613
614 list_for_each_entry(ce_1, &ovcs->cset.entries, node) {
615 dup_entry |= find_dup_cset_node_entry(ovcs, ce_1);
616 dup_entry |= find_dup_cset_prop(ovcs, ce_1);
617 }
618
619 return dup_entry ? -EINVAL : 0;
620 }
621
622 /**
623 * build_changeset() - populate overlay changeset in @ovcs from @ovcs->fragments
624 * @ovcs: Overlay changeset
625 *
626 * Create changeset @ovcs->cset to contain the nodes and properties of the
627 * overlay device tree fragments in @ovcs->fragments[]. If an error occurs,
628 * any portions of the changeset that were successfully created will remain
629 * in @ovcs->cset.
630 *
631 * Returns 0 on success, -ENOMEM if memory allocation failure, or -EINVAL if
632 * invalid overlay in @ovcs->fragments[].
633 */
build_changeset(struct overlay_changeset * ovcs)634 static int build_changeset(struct overlay_changeset *ovcs)
635 {
636 struct fragment *fragment;
637 struct target target;
638 int fragments_count, i, ret;
639
640 /*
641 * if there is a symbols fragment in ovcs->fragments[i] it is
642 * the final element in the array
643 */
644 if (ovcs->symbols_fragment)
645 fragments_count = ovcs->count - 1;
646 else
647 fragments_count = ovcs->count;
648
649 for (i = 0; i < fragments_count; i++) {
650 fragment = &ovcs->fragments[i];
651
652 target.np = fragment->target;
653 target.in_livetree = true;
654 ret = build_changeset_next_level(ovcs, &target,
655 fragment->overlay);
656 if (ret) {
657 pr_debug("fragment apply failed '%pOF'\n",
658 fragment->target);
659 return ret;
660 }
661 }
662
663 if (ovcs->symbols_fragment) {
664 fragment = &ovcs->fragments[ovcs->count - 1];
665
666 target.np = fragment->target;
667 target.in_livetree = true;
668 ret = build_changeset_symbols_node(ovcs, &target,
669 fragment->overlay);
670 if (ret) {
671 pr_debug("symbols fragment apply failed '%pOF'\n",
672 fragment->target);
673 return ret;
674 }
675 }
676
677 return changeset_dup_entry_check(ovcs);
678 }
679
680 /*
681 * Find the target node using a number of different strategies
682 * in order of preference:
683 *
684 * 1) "target" property containing the phandle of the target
685 * 2) "target-path" property containing the path of the target
686 */
find_target(struct device_node * info_node)687 static struct device_node *find_target(struct device_node *info_node)
688 {
689 struct device_node *node;
690 const char *path;
691 u32 val;
692 int ret;
693
694 ret = of_property_read_u32(info_node, "target", &val);
695 if (!ret) {
696 node = of_find_node_by_phandle(val);
697 if (!node)
698 pr_err("find target, node: %pOF, phandle 0x%x not found\n",
699 info_node, val);
700 return node;
701 }
702
703 ret = of_property_read_string(info_node, "target-path", &path);
704 if (!ret) {
705 node = of_find_node_by_path(path);
706 if (!node)
707 pr_err("find target, node: %pOF, path '%s' not found\n",
708 info_node, path);
709 return node;
710 }
711
712 pr_err("find target, node: %pOF, no target property\n", info_node);
713
714 return NULL;
715 }
716
717 /**
718 * init_overlay_changeset() - initialize overlay changeset from overlay tree
719 * @ovcs: Overlay changeset to build
720 * @fdt: the FDT that was unflattened to create @tree
721 * @tree: Contains all the overlay fragments and overlay fixup nodes
722 *
723 * Initialize @ovcs. Populate @ovcs->fragments with node information from
724 * the top level of @tree. The relevant top level nodes are the fragment
725 * nodes and the __symbols__ node. Any other top level node will be ignored.
726 *
727 * Returns 0 on success, -ENOMEM if memory allocation failure, -EINVAL if error
728 * detected in @tree, or -ENOSPC if idr_alloc() error.
729 */
init_overlay_changeset(struct overlay_changeset * ovcs,const void * fdt,struct device_node * tree)730 static int init_overlay_changeset(struct overlay_changeset *ovcs,
731 const void *fdt, struct device_node *tree)
732 {
733 struct device_node *node, *overlay_node;
734 struct fragment *fragment;
735 struct fragment *fragments;
736 int cnt, id, ret;
737
738 /*
739 * Warn for some issues. Can not return -EINVAL for these until
740 * of_unittest_apply_overlay() is fixed to pass these checks.
741 */
742 if (!of_node_check_flag(tree, OF_DYNAMIC))
743 pr_debug("%s() tree is not dynamic\n", __func__);
744
745 if (!of_node_check_flag(tree, OF_DETACHED))
746 pr_debug("%s() tree is not detached\n", __func__);
747
748 if (!of_node_is_root(tree))
749 pr_debug("%s() tree is not root\n", __func__);
750
751 ovcs->overlay_tree = tree;
752 ovcs->fdt = fdt;
753
754 INIT_LIST_HEAD(&ovcs->ovcs_list);
755
756 of_changeset_init(&ovcs->cset);
757
758 id = idr_alloc(&ovcs_idr, ovcs, 1, 0, GFP_KERNEL);
759 if (id <= 0)
760 return id;
761
762 cnt = 0;
763
764 /* fragment nodes */
765 for_each_child_of_node(tree, node) {
766 overlay_node = of_get_child_by_name(node, "__overlay__");
767 if (overlay_node) {
768 cnt++;
769 of_node_put(overlay_node);
770 }
771 }
772
773 node = of_get_child_by_name(tree, "__symbols__");
774 if (node) {
775 cnt++;
776 of_node_put(node);
777 }
778
779 fragments = kcalloc(cnt, sizeof(*fragments), GFP_KERNEL);
780 if (!fragments) {
781 ret = -ENOMEM;
782 goto err_free_idr;
783 }
784
785 cnt = 0;
786 for_each_child_of_node(tree, node) {
787 overlay_node = of_get_child_by_name(node, "__overlay__");
788 if (!overlay_node)
789 continue;
790
791 fragment = &fragments[cnt];
792 fragment->overlay = overlay_node;
793 fragment->target = find_target(node);
794 if (!fragment->target) {
795 of_node_put(fragment->overlay);
796 ret = -EINVAL;
797 goto err_free_fragments;
798 }
799
800 cnt++;
801 }
802
803 /*
804 * if there is a symbols fragment in ovcs->fragments[i] it is
805 * the final element in the array
806 */
807 node = of_get_child_by_name(tree, "__symbols__");
808 if (node) {
809 ovcs->symbols_fragment = 1;
810 fragment = &fragments[cnt];
811 fragment->overlay = node;
812 fragment->target = of_find_node_by_path("/__symbols__");
813
814 if (!fragment->target) {
815 pr_err("symbols in overlay, but not in live tree\n");
816 ret = -EINVAL;
817 goto err_free_fragments;
818 }
819
820 cnt++;
821 }
822
823 if (!cnt) {
824 pr_err("no fragments or symbols in overlay\n");
825 ret = -EINVAL;
826 goto err_free_fragments;
827 }
828
829 ovcs->id = id;
830 ovcs->count = cnt;
831 ovcs->fragments = fragments;
832
833 return 0;
834
835 err_free_fragments:
836 kfree(fragments);
837 err_free_idr:
838 idr_remove(&ovcs_idr, id);
839
840 pr_err("%s() failed, ret = %d\n", __func__, ret);
841
842 return ret;
843 }
844
free_overlay_changeset(struct overlay_changeset * ovcs)845 static void free_overlay_changeset(struct overlay_changeset *ovcs)
846 {
847 int i;
848
849 if (ovcs->cset.entries.next)
850 of_changeset_destroy(&ovcs->cset);
851
852 if (ovcs->id)
853 idr_remove(&ovcs_idr, ovcs->id);
854
855 for (i = 0; i < ovcs->count; i++) {
856 of_node_put(ovcs->fragments[i].target);
857 of_node_put(ovcs->fragments[i].overlay);
858 }
859 kfree(ovcs->fragments);
860 /*
861 * There should be no live pointers into ovcs->overlay_tree and
862 * ovcs->fdt due to the policy that overlay notifiers are not allowed
863 * to retain pointers into the overlay devicetree.
864 */
865 kfree(ovcs->overlay_tree);
866 kfree(ovcs->fdt);
867 kfree(ovcs);
868 }
869
870 /*
871 * internal documentation
872 *
873 * of_overlay_apply() - Create and apply an overlay changeset
874 * @fdt: the FDT that was unflattened to create @tree
875 * @tree: Expanded overlay device tree
876 * @ovcs_id: Pointer to overlay changeset id
877 *
878 * Creates and applies an overlay changeset.
879 *
880 * If an error occurs in a pre-apply notifier, then no changes are made
881 * to the device tree.
882 *
883
884 * A non-zero return value will not have created the changeset if error is from:
885 * - parameter checks
886 * - building the changeset
887 * - overlay changeset pre-apply notifier
888 *
889 * If an error is returned by an overlay changeset pre-apply notifier
890 * then no further overlay changeset pre-apply notifier will be called.
891 *
892 * A non-zero return value will have created the changeset if error is from:
893 * - overlay changeset entry notifier
894 * - overlay changeset post-apply notifier
895 *
896 * If an error is returned by an overlay changeset post-apply notifier
897 * then no further overlay changeset post-apply notifier will be called.
898 *
899 * If more than one notifier returns an error, then the last notifier
900 * error to occur is returned.
901 *
902 * If an error occurred while applying the overlay changeset, then an
903 * attempt is made to revert any changes that were made to the
904 * device tree. If there were any errors during the revert attempt
905 * then the state of the device tree can not be determined, and any
906 * following attempt to apply or remove an overlay changeset will be
907 * refused.
908 *
909 * Returns 0 on success, or a negative error number. Overlay changeset
910 * id is returned to *ovcs_id.
911 */
912
of_overlay_apply(const void * fdt,struct device_node * tree,int * ovcs_id)913 static int of_overlay_apply(const void *fdt, struct device_node *tree,
914 int *ovcs_id)
915 {
916 struct overlay_changeset *ovcs;
917 int ret = 0, ret_revert, ret_tmp;
918
919 /*
920 * As of this point, fdt and tree belong to the overlay changeset.
921 * overlay changeset code is responsible for freeing them.
922 */
923
924 if (devicetree_corrupt()) {
925 pr_err("devicetree state suspect, refuse to apply overlay\n");
926 kfree(fdt);
927 kfree(tree);
928 ret = -EBUSY;
929 goto out;
930 }
931
932 ovcs = kzalloc(sizeof(*ovcs), GFP_KERNEL);
933 if (!ovcs) {
934 kfree(fdt);
935 kfree(tree);
936 ret = -ENOMEM;
937 goto out;
938 }
939
940 of_overlay_mutex_lock();
941 mutex_lock(&of_mutex);
942
943 ret = of_resolve_phandles(tree);
944 if (ret)
945 goto err_free_tree;
946
947 ret = init_overlay_changeset(ovcs, fdt, tree);
948 if (ret)
949 goto err_free_tree;
950
951 /*
952 * after overlay_notify(), ovcs->overlay_tree related pointers may have
953 * leaked to drivers, so can not kfree() tree, aka ovcs->overlay_tree;
954 * and can not free fdt, aka ovcs->fdt
955 */
956 ret = overlay_notify(ovcs, OF_OVERLAY_PRE_APPLY);
957 if (ret) {
958 pr_err("overlay changeset pre-apply notify error %d\n", ret);
959 goto err_free_overlay_changeset;
960 }
961
962 ret = build_changeset(ovcs);
963 if (ret)
964 goto err_free_overlay_changeset;
965
966 ret_revert = 0;
967 ret = __of_changeset_apply_entries(&ovcs->cset, &ret_revert);
968 if (ret) {
969 if (ret_revert) {
970 pr_debug("overlay changeset revert error %d\n",
971 ret_revert);
972 devicetree_state_flags |= DTSF_APPLY_FAIL;
973 }
974 goto err_free_overlay_changeset;
975 }
976
977 of_populate_phandle_cache();
978
979 ret = __of_changeset_apply_notify(&ovcs->cset);
980 if (ret)
981 pr_err("overlay apply changeset entry notify error %d\n", ret);
982 /* notify failure is not fatal, continue */
983
984 list_add_tail(&ovcs->ovcs_list, &ovcs_list);
985 *ovcs_id = ovcs->id;
986
987 ret_tmp = overlay_notify(ovcs, OF_OVERLAY_POST_APPLY);
988 if (ret_tmp) {
989 pr_err("overlay changeset post-apply notify error %d\n",
990 ret_tmp);
991 if (!ret)
992 ret = ret_tmp;
993 }
994
995 goto out_unlock;
996
997 err_free_tree:
998 kfree(fdt);
999 kfree(tree);
1000
1001 err_free_overlay_changeset:
1002 free_overlay_changeset(ovcs);
1003
1004 out_unlock:
1005 mutex_unlock(&of_mutex);
1006 of_overlay_mutex_unlock();
1007
1008 out:
1009 pr_debug("%s() err=%d\n", __func__, ret);
1010
1011 return ret;
1012 }
1013
of_overlay_fdt_apply(const void * overlay_fdt,u32 overlay_fdt_size,int * ovcs_id)1014 int of_overlay_fdt_apply(const void *overlay_fdt, u32 overlay_fdt_size,
1015 int *ovcs_id)
1016 {
1017 const void *new_fdt;
1018 int ret;
1019 u32 size;
1020 struct device_node *overlay_root;
1021
1022 *ovcs_id = 0;
1023 ret = 0;
1024
1025 if (overlay_fdt_size < sizeof(struct fdt_header) ||
1026 fdt_check_header(overlay_fdt)) {
1027 pr_err("Invalid overlay_fdt header\n");
1028 return -EINVAL;
1029 }
1030
1031 size = fdt_totalsize(overlay_fdt);
1032 if (overlay_fdt_size < size)
1033 return -EINVAL;
1034
1035 /*
1036 * Must create permanent copy of FDT because of_fdt_unflatten_tree()
1037 * will create pointers to the passed in FDT in the unflattened tree.
1038 */
1039 new_fdt = kmemdup(overlay_fdt, size, GFP_KERNEL);
1040 if (!new_fdt)
1041 return -ENOMEM;
1042
1043 of_fdt_unflatten_tree(new_fdt, NULL, &overlay_root);
1044 if (!overlay_root) {
1045 pr_err("unable to unflatten overlay_fdt\n");
1046 ret = -EINVAL;
1047 goto out_free_new_fdt;
1048 }
1049
1050 ret = of_overlay_apply(new_fdt, overlay_root, ovcs_id);
1051 if (ret < 0) {
1052 /*
1053 * new_fdt and overlay_root now belong to the overlay
1054 * changeset.
1055 * overlay changeset code is responsible for freeing them.
1056 */
1057 goto out;
1058 }
1059
1060 return 0;
1061
1062
1063 out_free_new_fdt:
1064 kfree(new_fdt);
1065
1066 out:
1067 return ret;
1068 }
1069 EXPORT_SYMBOL_GPL(of_overlay_fdt_apply);
1070
1071 /*
1072 * Find @np in @tree.
1073 *
1074 * Returns 1 if @np is @tree or is contained in @tree, else 0
1075 */
find_node(struct device_node * tree,struct device_node * np)1076 static int find_node(struct device_node *tree, struct device_node *np)
1077 {
1078 struct device_node *child;
1079
1080 if (tree == np)
1081 return 1;
1082
1083 for_each_child_of_node(tree, child) {
1084 if (find_node(child, np)) {
1085 of_node_put(child);
1086 return 1;
1087 }
1088 }
1089
1090 return 0;
1091 }
1092
1093 /*
1094 * Is @remove_ce_node a child of, a parent of, or the same as any
1095 * node in an overlay changeset more topmost than @remove_ovcs?
1096 *
1097 * Returns 1 if found, else 0
1098 */
node_overlaps_later_cs(struct overlay_changeset * remove_ovcs,struct device_node * remove_ce_node)1099 static int node_overlaps_later_cs(struct overlay_changeset *remove_ovcs,
1100 struct device_node *remove_ce_node)
1101 {
1102 struct overlay_changeset *ovcs;
1103 struct of_changeset_entry *ce;
1104
1105 list_for_each_entry_reverse(ovcs, &ovcs_list, ovcs_list) {
1106 if (ovcs == remove_ovcs)
1107 break;
1108
1109 list_for_each_entry(ce, &ovcs->cset.entries, node) {
1110 if (find_node(ce->np, remove_ce_node)) {
1111 pr_err("%s: #%d overlaps with #%d @%pOF\n",
1112 __func__, remove_ovcs->id, ovcs->id,
1113 remove_ce_node);
1114 return 1;
1115 }
1116 if (find_node(remove_ce_node, ce->np)) {
1117 pr_err("%s: #%d overlaps with #%d @%pOF\n",
1118 __func__, remove_ovcs->id, ovcs->id,
1119 remove_ce_node);
1120 return 1;
1121 }
1122 }
1123 }
1124
1125 return 0;
1126 }
1127
1128 /*
1129 * We can safely remove the overlay only if it's the top-most one.
1130 * Newly applied overlays are inserted at the tail of the overlay list,
1131 * so a top most overlay is the one that is closest to the tail.
1132 *
1133 * The topmost check is done by exploiting this property. For each
1134 * affected device node in the log list we check if this overlay is
1135 * the one closest to the tail. If another overlay has affected this
1136 * device node and is closest to the tail, then removal is not permited.
1137 */
overlay_removal_is_ok(struct overlay_changeset * remove_ovcs)1138 static int overlay_removal_is_ok(struct overlay_changeset *remove_ovcs)
1139 {
1140 struct of_changeset_entry *remove_ce;
1141
1142 list_for_each_entry(remove_ce, &remove_ovcs->cset.entries, node) {
1143 if (node_overlaps_later_cs(remove_ovcs, remove_ce->np)) {
1144 pr_err("overlay #%d is not topmost\n", remove_ovcs->id);
1145 return 0;
1146 }
1147 }
1148
1149 return 1;
1150 }
1151
1152 /**
1153 * of_overlay_remove() - Revert and free an overlay changeset
1154 * @ovcs_id: Pointer to overlay changeset id
1155 *
1156 * Removes an overlay if it is permissible. @ovcs_id was previously returned
1157 * by of_overlay_fdt_apply().
1158 *
1159 * If an error occurred while attempting to revert the overlay changeset,
1160 * then an attempt is made to re-apply any changeset entry that was
1161 * reverted. If an error occurs on re-apply then the state of the device
1162 * tree can not be determined, and any following attempt to apply or remove
1163 * an overlay changeset will be refused.
1164 *
1165 * A non-zero return value will not revert the changeset if error is from:
1166 * - parameter checks
1167 * - overlay changeset pre-remove notifier
1168 * - overlay changeset entry revert
1169 *
1170 * If an error is returned by an overlay changeset pre-remove notifier
1171 * then no further overlay changeset pre-remove notifier will be called.
1172 *
1173 * If more than one notifier returns an error, then the last notifier
1174 * error to occur is returned.
1175 *
1176 * A non-zero return value will revert the changeset if error is from:
1177 * - overlay changeset entry notifier
1178 * - overlay changeset post-remove notifier
1179 *
1180 * If an error is returned by an overlay changeset post-remove notifier
1181 * then no further overlay changeset post-remove notifier will be called.
1182 *
1183 * Returns 0 on success, or a negative error number. *ovcs_id is set to
1184 * zero after reverting the changeset, even if a subsequent error occurs.
1185 */
of_overlay_remove(int * ovcs_id)1186 int of_overlay_remove(int *ovcs_id)
1187 {
1188 struct overlay_changeset *ovcs;
1189 int ret, ret_apply, ret_tmp;
1190
1191 ret = 0;
1192
1193 if (devicetree_corrupt()) {
1194 pr_err("suspect devicetree state, refuse to remove overlay\n");
1195 ret = -EBUSY;
1196 goto out;
1197 }
1198
1199 mutex_lock(&of_mutex);
1200
1201 ovcs = idr_find(&ovcs_idr, *ovcs_id);
1202 if (!ovcs) {
1203 ret = -ENODEV;
1204 pr_err("remove: Could not find overlay #%d\n", *ovcs_id);
1205 goto out_unlock;
1206 }
1207
1208 if (!overlay_removal_is_ok(ovcs)) {
1209 ret = -EBUSY;
1210 goto out_unlock;
1211 }
1212
1213 ret = overlay_notify(ovcs, OF_OVERLAY_PRE_REMOVE);
1214 if (ret) {
1215 pr_err("overlay changeset pre-remove notify error %d\n", ret);
1216 goto out_unlock;
1217 }
1218
1219 list_del(&ovcs->ovcs_list);
1220
1221 /*
1222 * Disable phandle cache. Avoids race condition that would arise
1223 * from removing cache entry when the associated node is deleted.
1224 */
1225 of_free_phandle_cache();
1226
1227 ret_apply = 0;
1228 ret = __of_changeset_revert_entries(&ovcs->cset, &ret_apply);
1229
1230 of_populate_phandle_cache();
1231
1232 if (ret) {
1233 if (ret_apply)
1234 devicetree_state_flags |= DTSF_REVERT_FAIL;
1235 goto out_unlock;
1236 }
1237
1238 ret = __of_changeset_revert_notify(&ovcs->cset);
1239 if (ret)
1240 pr_err("overlay remove changeset entry notify error %d\n", ret);
1241 /* notify failure is not fatal, continue */
1242
1243 *ovcs_id = 0;
1244
1245 ret_tmp = overlay_notify(ovcs, OF_OVERLAY_POST_REMOVE);
1246 if (ret_tmp) {
1247 pr_err("overlay changeset post-remove notify error %d\n",
1248 ret_tmp);
1249 if (!ret)
1250 ret = ret_tmp;
1251 }
1252
1253 free_overlay_changeset(ovcs);
1254
1255 out_unlock:
1256 mutex_unlock(&of_mutex);
1257
1258 out:
1259 pr_debug("%s() err=%d\n", __func__, ret);
1260
1261 return ret;
1262 }
1263 EXPORT_SYMBOL_GPL(of_overlay_remove);
1264
1265 /**
1266 * of_overlay_remove_all() - Reverts and frees all overlay changesets
1267 *
1268 * Removes all overlays from the system in the correct order.
1269 *
1270 * Returns 0 on success, or a negative error number
1271 */
of_overlay_remove_all(void)1272 int of_overlay_remove_all(void)
1273 {
1274 struct overlay_changeset *ovcs, *ovcs_n;
1275 int ret;
1276
1277 /* the tail of list is guaranteed to be safe to remove */
1278 list_for_each_entry_safe_reverse(ovcs, ovcs_n, &ovcs_list, ovcs_list) {
1279 ret = of_overlay_remove(&ovcs->id);
1280 if (ret)
1281 return ret;
1282 }
1283
1284 return 0;
1285 }
1286 EXPORT_SYMBOL_GPL(of_overlay_remove_all);
1287