[PATCH] ARM: mvebu: validate memory node device_type strings

[Andrew Lunn]

On Fri, Apr 03, 2026 at 10:42:46AM +0800, Pengpeng Hou wrote:
> mvebu_scan_mem() fetches the raw device_type property and immediately
> compares it with strcmp(). Flat DT properties are external boot input,
> and this path does not prove that the property is NUL-terminated within
> its declared bounds.
> 
> Use fdt_stringlist_get() so malformed unterminated device_type
> properties are rejected before they are used as C strings.
> 
> Signed-off-by: Pengpeng Hou <pengpeng at iscas.ac.cn>
> ---
>  arch/arm/mach-mvebu/board-v7.c | 4 +++-
>  1 file changed, 3 insertions(+), 1 deletion(-)
> 
> diff --git a/arch/arm/mach-mvebu/board-v7.c b/arch/arm/mach-mvebu/board-v7.c
> index a0740ab0dca9..f867f6233108 100644
> --- a/arch/arm/mach-mvebu/board-v7.c
> +++ b/arch/arm/mach-mvebu/board-v7.c
> @@ -11,6 +11,7 @@
>  
>  #include <linux/kernel.h>
>  #include <linux/init.h>
> +#include <linux/libfdt.h>
>  #include <linux/of_address.h>
>  #include <linux/of_fdt.h>
>  #include <linux/io.h>
> @@ -66,7 +67,8 @@ void __iomem *mvebu_get_scu_base(void)
>  static int __init mvebu_scan_mem(unsigned long node, const char *uname,
>  				 int depth, void *data)
>  {
> -	const char *type = of_get_flat_dt_prop(node, "device_type", NULL);
> +	const char *type = fdt_stringlist_get(initial_boot_params, node,
> +					      "device_type", 0, NULL);
>  	const __be32 *reg, *endp;
>  	int l;

Did you read the comment?

/*
 * When returning from suspend, the platform goes through the
 * bootloader, which executes its DDR3 training code. This code has
 * the unfortunate idea of using the first 10 KB of each DRAM bank to
 * exercise the RAM and calculate the optimal timings. Therefore, this
 * area of RAM is overwritten, and shouldn't be used by the kernel if
 * suspend/resume is supported.
 */

You probably want to make use of:

 *     -FDT_ERR_BADVALUE if the property value is not NUL-terminated
 *     -FDT_ERR_NOTFOUND if the property does not exist

	Andrew