With -Wsign-compare, compilers warn about a mismatching signedness
in comparisons in fdt_move().
This stems from "bufsize" being passed in as a signed integer, even
though we would expect a buffer size to be positive.
Short of changing the prototype, check that bufsize is not negative, and
cast it to an unsigned type in the comparison.
Signed-off-by: Andre Przywara <andre.przywara@arm.com>
Message-Id: <20201001164630.4980-3-andre.przywara@arm.com>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
With -Wsign-compare, compilers warn about a mismatching signedness
in a comparison in fdt_add_string_().
Make all variables unsigned, and express the negative offset trick via
subtractions in the code.
Signed-off-by: Andre Przywara <andre.przywara@arm.com>
Message-Id: <20201001164630.4980-2-andre.przywara@arm.com>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
With -Wsign-compare, compilers warn about a mismatching signedness
in a comparison in fdt_node_offset_by_phandle().
Uses a better suited bitwise NOT operator to denote the special value of
-1, which automatically results in an unsigned type.
Signed-off-by: Andre Przywara <andre.przywara@arm.com>
Message-Id: <20200921165303.9115-14-andre.przywara@arm.com>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
With -Wsign-compare, compilers warn about a mismatching signedness
in a comparison in fdt_resize().
A negative buffer size will surely do us no good, so let's rule this
case out first.
In the actual comparison we then know that a cast to an unsigned type is
safe.
Signed-off-by: Andre Przywara <andre.przywara@arm.com>
Message-Id: <20200921165303.9115-10-andre.przywara@arm.com>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
With -Wsign-compare, compilers warn about a mismatching signedness in
comparisons in fdt_get_string().
In the first two cases, we have just established that the signed values
are not negative, so it's safe to cast the values to an unsigned type.
Signed-off-by: Simon Glass <sjg@chromium.org>
Signed-off-by: Andre Przywara <andre.przywara@arm.com>
Message-Id: <20200921165303.9115-7-andre.przywara@arm.com>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
With -Wsign-compare, compilers warn about a mismatching signedness
in a comparison in fdt_grab_space_().
All the involved values cannot be negative, so let's switch the types of
the local variables to unsigned to make the compiler happy.
Signed-off-by: Andre Przywara <andre.przywara@arm.com>
Message-Id: <20200921165303.9115-4-andre.przywara@arm.com>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
With -Wsign-compare, compilers warn about mismatching signedness in
comparisons in fdt_offset_ptr().
This mostly stems from "offset" being passed in as a signed integer,
even though the function would not really tolerate negative values.
Short of changing the prototype, check that offset is not negative, and
use an unsigned type internally.
Signed-off-by: Andre Przywara <andre.przywara@arm.com>
Message-Id: <20200921165303.9115-2-andre.przywara@arm.com>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
fdt_check_node_offset_() checks for a valid offset but also changes the
offset by calling fdt_next_tag(). Hence, do not skip this function if
ASSUME_VALID_INPUT is set but only omit the initial offset check in that
case.
As this function works very similar to fdt_check_prop_offset_(), do the
offset check there as well depending on ASSUME_VALID_INPUT.
Message-Id: <1913141.TlUzK5foHS@noys4>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
libfdt: fix undefined behaviour in fdt_splice_()
Along the lines of commit d0b3ab0a0f46 ("libfdt: Fix undefined behaviour
in fdt_offset_ptr()"), fdt_splice_() similarly may not use pointer
arithmetic to do overflow checks. (The left side of the checks added by
d4c7c25c9ed1 ["libfdt: check for potential overrun in _fdt_splice()"]
doesn't really lend itself to similar replacement though.)
Signed-off-by: Jan Beulich <jbeulich@suse.com>
Message-Id: <f2d09e81-7cb8-c5cc-9699-1ac05b0626ff@suse.com>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Using rtems_interrupt_entry_install() instead of
rtems_interrupt_handler_install() avoids a dependency on the dynamic memory
allocation.
Use Interrupt Manager directives instead of a BSP-specific API. Use inline
functions. In SMP configurations, set an affinity to all online processors and
raise the interrupt on the current processor.
The AArch64 cache implementation does not define
rtems_cache_disable_data(), but declares that it does via
CPU_CACHE_SUPPORT_PROVIDES_DISABLE_DATA. The existing implementation of
_CPU_cache_disable_data() is sufficient to enable this functionality
without the erroneous cache feature flag.
Closes#4569
When the cadence I2C code was moved to a shared directory, the
references were updated but the install locations weren't. This updates
the install locations to match what out-of-tree applications expect.
RTEMS untar implementation had problems with overwriting or integrating
archives into existing directory structures. This patch adapts the
behavior to mimic that of a GNU tar or BSD tar and extends the tar01
test to check for the behavior. That is:
* If a directory structure exists, the files from the archive will be
integrated. Existing files are overwritten.
* If a file exists and the archive contains a directory with the same
name, the file is removed and a directory is created. In the above
example: if l1/l2 is a file it will be overwritten with a new
directory.
* If a directory exists and the archive contains a file with the same
name, the directory will be replaced if it is empty. If it contains
files, the result is an error.
* An archive also can contain only a file without the parent
directories. If in that case one of the parent directories exists as a
file extracting the archive results in an error. In the example: if
l1/l2 is a file and the archive doesn't contain the directories but
only the file l1/l2/x.txt that would be an error.
* In case of an error, it is possible that the archive has been
partially extracted.
Closes#4568
In _Workspace_Initialize_for_one_area(), properly check if there is enough
free memory available for the configured workspace size.
The bug was introduced by commit 3d0620b607.
Since the previous Interrupt Manager Extension API moved to the
Interrupt Manager, we can move the interfaces to <rtems/rtems/intr.h> so
that they are available via #include <rtems.h>.
The BSPs provide memory for the separate C Program Heap initialization
via _Memory_Get(). Most BSPs provide exactly one memory area. Only two
BSPs provide more than one memory area (arm/altera-cyclone-v and
bsps/powerpc/mpc55xxevb). Only if more than one memory area is
provided, there is a need to use _Heap_Extend(). Provide two
implementations to initialize the separate C Program Heap and let the
BSP select one of the implementations based on the number of provided
memory areas. This gets rid of a dependency on _Heap_Extend(). It
also avoids dead code sections for most BSPs.
Change licence to BSD-2-Clause according to file history.
Update #3053.
The BSPs provide memory for the workspace initialization via
_Memory_Get(). Most BSPs provide exactly one memory area. Only two
BSPs provide more than one memory area (arm/altera-cyclone-v and
bsps/powerpc/mpc55xxevb). Only if more than one memory area is
provided, there is a need to use _Heap_Extend(). Provide two
implementations to initialize the workspace handler and let the BSP
select one of the implementations based on the number of provided memory
areas. This gets rid of a dependency on _Heap_Extend(). It also avoids
dead code sections for most BSPs.
Affected components are the GR712RC, UT699, UT699E, UT700, and
LEON3FT-RTAX. Strictly, the workaround is only necessary if the MMU is
enabled. Use __FIX_LEON3FT_B2BST to enable the workaround. This is not
100% appropriate, but the best thing we can use to enable the
workaround.
Close#4551.
The _Thread_queue_Extract() does not deal with potential priority
updates and the SMP locking protocol handling. Use
_Thread_queue_Continue(). For the POSIX signals processing this is
currently probably unnecessary, however, the use case is similar to the
restart so use the same appoach.
Close#4546.
