For better or worse libfdt recent grew a lot of code that checks the
validity of the device tree in great detail. When using unsigned or
unverified data this makes things safer, but it does add to code size.

Add some controls to select the trade-off between safety and code size.

Signed-off-by: Simon Glass <s...@chromium.org>
---

 lib/Kconfig         | 33 +++++++++++++++++++++++++++++++++
 lib/libfdt/Makefile |  3 ++-
 2 files changed, 35 insertions(+), 1 deletion(-)

diff --git a/lib/Kconfig b/lib/Kconfig
index 135f0b372b..b8a8509d72 100644
--- a/lib/Kconfig
+++ b/lib/Kconfig
@@ -464,6 +464,17 @@ config OF_LIBFDT
          particular compatible nodes. The library operates on a flattened
          version of the device tree.
 
+config OF_LIBFDT_ASSUME_MASK
+       hex "Mask of conditions to assume for libfdt"
+       depends on OF_LIBFDT || FIT
+       default 0
+       help
+         Use this to change the assumptions made by libfdt about the
+         device tree it is working with. A value of 0 means that no assumptions
+         are made, and libfdt is able to deal with malicious data. A value of
+         0xff means all assumptions are made and any invalid data may cause
+         unsafe execution. See FDT_ASSUME_PERFECT, etc. in libfdt_internal.h
+
 config OF_LIBFDT_OVERLAY
        bool "Enable the FDT library overlay support"
        depends on OF_LIBFDT
@@ -481,6 +492,17 @@ config SPL_OF_LIBFDT
          particular compatible nodes. The library operates on a flattened
          version of the device tree.
 
+config SPL_OF_LIBFDT_ASSUME_MASK
+       hex "Mask of conditions to assume for libfdt"
+       depends on SPL_OF_LIBFDT || FIT
+       default 0xff
+       help
+         Use this to change the assumptions made by libfdt in SPL about the
+         device tree it is working with. A value of 0 means that no assumptions
+         are made, and libfdt is able to deal with malicious data. A value of
+         0xff means all assumptions are made and any invalid data may cause
+         unsafe execution. See FDT_ASSUME_PERFECT, etc. in libfdt_internal.h
+
 config TPL_OF_LIBFDT
        bool "Enable the FDT library for TPL"
        default y if TPL_OF_CONTROL
@@ -491,6 +513,17 @@ config TPL_OF_LIBFDT
          particular compatible nodes. The library operates on a flattened
          version of the device tree.
 
+config TPL_OF_LIBFDT_ASSUME_MASK
+       hex "Mask of conditions to assume for libfdt"
+       depends on TPL_OF_LIBFDT || FIT
+       default 0xff
+       help
+         Use this to change the assumptions made by libfdt in TPL about the
+         device tree it is working with. A value of 0 means that no assumptions
+         are made, and libfdt is able to deal with malicious data. A value of
+         0xff means all assumptions are made and any invalid data may cause
+         unsafe execution. See FDT_ASSUME_PERFECT, etc. in libfdt_internal.h
+
 config FDT_FIXUP_PARTITIONS
        bool "overwrite MTD partitions in DTS through defined in 'mtdparts'"
        depends on OF_LIBFDT
diff --git a/lib/libfdt/Makefile b/lib/libfdt/Makefile
index ef5b6e29d4..5d3ae4e2f1 100644
--- a/lib/libfdt/Makefile
+++ b/lib/libfdt/Makefile
@@ -22,4 +22,5 @@ obj-y += fdt_ro.o
 # U-Boot own file
 obj-y += fdt_region.o
 
-ccflags-y := -I$(srctree)/scripts/dtc/libfdt
+ccflags-y := -I$(srctree)/scripts/dtc/libfdt \
+       -DFDT_ASSUME_MASK=$(CONFIG_$(SPL_TPL_)OF_LIBFDT_ASSUME_MASK)
-- 
2.24.0.rc0.303.g954a862665-goog

_______________________________________________
U-Boot mailing list
U-Boot@lists.denx.de
https://lists.denx.de/listinfo/u-boot

Reply via email to