On Fri, Nov 21, 2025 at 10:40:13AM -0700, Simon Glass wrote: > Hi Marek, > > On Fri, 21 Nov 2025 at 10:34, Marek Vasut <[email protected]> wrote: > > > > On 11/21/25 5:20 PM, Simon Glass wrote: > > > > Hello Simon, > > > > >>> - create a new VALID_OFFSET assumption (split out from VALID_DTB) > > >>> which checks offsets in fdt_next_tag() > > >>> > > >>> The latter might be best. It would likely be very cheap in terms of > > >>> code size. In fact, I should have thought of this at the time. > > >> Wouldn't it be better to not misuse libfdt ? > > > > > > It actually isn't a misuse. It is perfectly OK to pass an invalid > > > offset and libfdt has defined behaviour in that case, absent any > > > 'assumptions' we force. > > > > It actually isn't OK to pass in invalid offset if we compile FDT with > > disabled tree validity checks. > > We are saying exactly the same thing, if you read both of the above :-) > > > > > > Remember, in Linux these checks are enabled. We added the 'assume' > > > thing to reduce code size. Here you have found a situation where it > > > breaks stuff, so we should back off the assumption a bit. > > U-Boot also has those checks enabled, SPL does not, and things break > > when OF_PLATDATA is enabled and there is no valid node associated with > > the udevice. > > Right, so add SPL_OF_LIBFDT_ASSUME_MASK for SPL and check the code > size. If it is too much, add a new level FDT_ASSUME_EXISTS before > FDT_ASSUME_SANE and use that for the necessary checks (there will only > be a few, from my reading of the code).
We already have different mask values for each xPL and then full U-Boot. It doesn't seem like there is a good reason to allow this behavior in xPL is the problem. -- Tom
signature.asc
Description: PGP signature
