gpio: sandbox: Avoid calling dev_read_*() if CONFIG_OF_PLATDATA=y

If CONFIG_OF_PLATDATA=y , then the udevice has no valid OF node associated
with it and ofnode_valid(node) evaluates to 0. The dev_read_u32_default()
call ultimately reaches ofnode_read_u32_index() which invokes fdt_getprop()
and passes result of ofnode_to_offset(node) as an offset parameter into it.

The ofnode_to_offset(node) returns -1 for invalid node, which leads to an
fdt_getprop(..., -1, ...) invocation, which will crash sandbox with SIGSEGV
because libfdt can not handle negative node offsets without full tree check,
which U-Boot inhibits to keep size lower.

Since gpio_sandbox_probe() already calls dev_has_ofnode(dev) and assigns
uc_priv->gpio_count to CONFIG_SANDBOX_GPIO_COUNT accordingly, add matching
dev_has_ofnode(dev) check into sandbox_gpio_of_to_plat() and do not call
any of the dev_read_*() functions for devices without valid nodes there
either.

Signed-off-by: Marek Vasut <marek.vasut+renesas@mailbox.org>

diff --git a/drivers/gpio/sandbox.c b/drivers/gpio/sandbox.c
index f5be278144387e54ad7badce83ece64588a9ae18..e8f50d815d73b72a85a55607ad28d26a6419d248 100644 (file)
--- a/drivers/gpio/sandbox.c
+++ b/drivers/gpio/sandbox.c
@@ -327,13 +327,14 @@ static const struct dm_gpio_ops gpio_sandbox_ops = {
 
 static int sandbox_gpio_of_to_plat(struct udevice *dev)
 {
-       if (CONFIG_IS_ENABLED(OF_REAL)) {
-               struct gpio_dev_priv *uc_priv = dev_get_uclass_priv(dev);
+       struct gpio_dev_priv *uc_priv = dev_get_uclass_priv(dev);
 
-               uc_priv->gpio_count =
-                       dev_read_u32_default(dev, "sandbox,gpio-count", 0);
-               uc_priv->bank_name = dev_read_string(dev, "gpio-bank-name");
-       }
+       if (!dev_has_ofnode(dev))
+               return 0;
+
+       uc_priv->gpio_count =
+               dev_read_u32_default(dev, "sandbox,gpio-count", 0);
+       uc_priv->bank_name = dev_read_string(dev, "gpio-bank-name");
 
        return 0;
 }