drivers/of/platform.c | 13 +++++++++++-- 1 file changed, 11 insertions(+), 2 deletions(-)
The current global search for nodes in reserved_mem_matches can find
nodes outside "/reserved-memory". These nodes might not have actual
memory reserved (via memblock), leading to drivers (e.g., ramoops)
accessing unreserved memory and causing memory corruption.
Prioritize scanning children of "/reserved-memory" to ensure the device
is backed by reserved memory. A fallback is kept for compatibility.
Proper reference counting is also added.
Signed-off-by: Kenny Cheng <chao.shun.cheng.tw@gmail.com>
---
drivers/of/platform.c | 13 +++++++++++--
1 file changed, 11 insertions(+), 2 deletions(-)
diff --git a/drivers/of/platform.c b/drivers/of/platform.c
index ba591fbceb56..785ffef48c08 100644
--- a/drivers/of/platform.c
+++ b/drivers/of/platform.c
@@ -563,8 +563,17 @@ static int __init of_platform_default_populate_init(void)
* platform_devices for every node in /reserved-memory with a
* "compatible",
*/
- for_each_matching_node(node, reserved_mem_matches)
- of_platform_device_create(node, NULL, NULL);
+ reserved = of_find_node_by_path("/reserved-memory");
+ if (reserved) {
+ for_each_child_of_node(reserved, node) {
+ if (of_match_node(reserved_mem_matches, node))
+ of_platform_device_create(node, NULL, NULL);
+ }
+ of_node_put(reserved);
+ } else {
+ for_each_matching_node(node, reserved_mem_matches)
+ of_platform_device_create(node, NULL, NULL);
+ }
node = of_find_node_by_path("/firmware");
if (node) {
--
2.34.1The current global search for nodes in reserved_mem_matches can find
nodes outside "/reserved-memory". These nodes might not have actual
memory reserved (via memblock), leading to drivers (e.g., ramoops)
accessing unreserved memory and causing memory corruption.
Prioritize scanning children of "/reserved-memory" to ensure the device
is backed by reserved memory. A fallback is kept for compatibility.
Proper reference counting is also added.
Signed-off-by: Kenny Cheng <chao.shun.cheng.tw@gmail.com>
---
v2:
- Fix missing variable declaration for 'reserved'.
---
drivers/of/platform.c | 15 ++++++++++++---
1 file changed, 12 insertions(+), 3 deletions(-)
diff --git a/drivers/of/platform.c b/drivers/of/platform.c
index ba591fbceb56..68bba234cbea 100644
--- a/drivers/of/platform.c
+++ b/drivers/of/platform.c
@@ -500,7 +500,7 @@ static const struct of_device_id reserved_mem_matches[] = {
static int __init of_platform_default_populate_init(void)
{
- struct device_node *node;
+ struct device_node *node, *reserved;
device_links_supplier_sync_state_pause();
@@ -563,8 +563,17 @@ static int __init of_platform_default_populate_init(void)
* platform_devices for every node in /reserved-memory with a
* "compatible",
*/
- for_each_matching_node(node, reserved_mem_matches)
- of_platform_device_create(node, NULL, NULL);
+ reserved = of_find_node_by_path("/reserved-memory");
+ if (reserved) {
+ for_each_child_of_node(reserved, node) {
+ if (of_match_node(reserved_mem_matches, node))
+ of_platform_device_create(node, NULL, NULL);
+ }
+ of_node_put(reserved);
+ } else {
+ for_each_matching_node(node, reserved_mem_matches)
+ of_platform_device_create(node, NULL, NULL);
+ }
node = of_find_node_by_path("/firmware");
if (node) {
--
2.34.1© 2016 - 2026 Red Hat, Inc.