[U-Boot,v2,3/4] image: fdt: copy possible optee nodes to a loaded devicetree
diff mbox series

Message ID 20191022190428.14868-3-heiko@sntech.de
State Superseded
Delegated to: Simon Glass
Headers show
Series
  • [U-Boot,v2,1/4] fdtdec: protect against another NULL phandlep in fdtdec_add_reserved_memory()
Related show

Commit Message

Heiko Stuebner Oct. 22, 2019, 7:04 p.m. UTC
From: Heiko Stuebner <heiko.stuebner@theobroma-systems.com>

The loading convention for optee or any other tee on arm64 is as bl32
parameter to the trusted-firmware. So TF-A gets invoked with the TEE as
bl32 and main u-boot as bl33. Once it has done its startup TF-A jumps
into the bl32 for the TEE startup, returns to TF-A and then jumps to bl33.

All of them get passed a devicetree as parameter and all components often
get loaded from a FIT image.

OP-TEE will create additional nodes in that devicetree namely a firmware
node and possibly multiple reserved-memory nodes.

While this devicetree is used in main u-boot, in most cases it won't be
the one passed to the actual kernel. Instead most boot commands will load
a new devicetree from somewhere like mass storage of the network, so if
that happens u-boot should transfer the optee nodes to that new devicetree.

To make that happen introduce optee_copy_fdt_nodes() called from the dt
setup function in image-fdt which after checking for the optee presence
in the u-boot dt will make sure a optee node is present in the kernel dt
and transfer any reserved-memory regions it can find.

Signed-off-by: Heiko Stuebner <heiko.stuebner@theobroma-systems.com>
---
changes in v2:
- don't create a new optee firmware-node, but instead copy the
  compatible+method properties from the old fdt blob.

 common/image-fdt.c  |   8 +++
 include/tee/optee.h |   9 +++
 lib/optee/optee.c   | 132 ++++++++++++++++++++++++++++++++++++++++++++
 3 files changed, 149 insertions(+)

Comments

Jens Wiklander Oct. 23, 2019, 6:46 a.m. UTC | #1
On Tue, Oct 22, 2019 at 09:04:27PM +0200, Heiko Stuebner wrote:
> From: Heiko Stuebner <heiko.stuebner@theobroma-systems.com>
> 
> The loading convention for optee or any other tee on arm64 is as bl32
> parameter to the trusted-firmware. So TF-A gets invoked with the TEE as
> bl32 and main u-boot as bl33. Once it has done its startup TF-A jumps
> into the bl32 for the TEE startup, returns to TF-A and then jumps to bl33.
> 
> All of them get passed a devicetree as parameter and all components often
> get loaded from a FIT image.
> 
> OP-TEE will create additional nodes in that devicetree namely a firmware
> node and possibly multiple reserved-memory nodes.
> 
> While this devicetree is used in main u-boot, in most cases it won't be
> the one passed to the actual kernel. Instead most boot commands will load
> a new devicetree from somewhere like mass storage of the network, so if
> that happens u-boot should transfer the optee nodes to that new devicetree.
> 
> To make that happen introduce optee_copy_fdt_nodes() called from the dt
> setup function in image-fdt which after checking for the optee presence
> in the u-boot dt will make sure a optee node is present in the kernel dt
> and transfer any reserved-memory regions it can find.
> 
> Signed-off-by: Heiko Stuebner <heiko.stuebner@theobroma-systems.com>
> ---
> changes in v2:
> - don't create a new optee firmware-node, but instead copy the
>   compatible+method properties from the old fdt blob.
> 
>  common/image-fdt.c  |   8 +++
>  include/tee/optee.h |   9 +++
>  lib/optee/optee.c   | 132 ++++++++++++++++++++++++++++++++++++++++++++
>  3 files changed, 149 insertions(+)
> 
[snip]

Looks good to me:
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

Cheers,
Jens
Patrick Delaunay Oct. 23, 2019, 7:10 a.m. UTC | #2
Hi Jens and Heiko,

> From: U-Boot <u-boot-bounces@lists.denx.de> On Behalf Of Jens Wiklander
> Sent: mercredi 23 octobre 2019 08:46
> 
> On Tue, Oct 22, 2019 at 09:04:27PM +0200, Heiko Stuebner wrote:
> > From: Heiko Stuebner <heiko.stuebner@theobroma-systems.com>
> >
> > The loading convention for optee or any other tee on arm64 is as bl32
> > parameter to the trusted-firmware. So TF-A gets invoked with the TEE
> > as
> > bl32 and main u-boot as bl33. Once it has done its startup TF-A jumps
> > into the bl32 for the TEE startup, returns to TF-A and then jumps to bl33.
> >
> > All of them get passed a devicetree as parameter and all components
> > often get loaded from a FIT image.
> >
> > OP-TEE will create additional nodes in that devicetree namely a
> > firmware node and possibly multiple reserved-memory nodes.
> >
> > While this devicetree is used in main u-boot, in most cases it won't
> > be the one passed to the actual kernel. Instead most boot commands
> > will load a new devicetree from somewhere like mass storage of the
> > network, so if that happens u-boot should transfer the optee nodes to that new
> devicetree.
> >
> > To make that happen introduce optee_copy_fdt_nodes() called from the
> > dt setup function in image-fdt which after checking for the optee
> > presence in the u-boot dt will make sure a optee node is present in
> > the kernel dt and transfer any reserved-memory regions it can find.
> >
> > Signed-off-by: Heiko Stuebner <heiko.stuebner@theobroma-systems.com>
> > ---
> > changes in v2:
> > - don't create a new optee firmware-node, but instead copy the
> >   compatible+method properties from the old fdt blob.
> >
> >  common/image-fdt.c  |   8 +++
> >  include/tee/optee.h |   9 +++
> >  lib/optee/optee.c   | 132 ++++++++++++++++++++++++++++++++++++++++++++
> >  3 files changed, 149 insertions(+)
> >
> [snip]

On STM32MP1 platform (armv7 with TF-A support), 
we can use BL32 = OP-TEE or spmin provide by TF-A

So we are plan to have the same type of feature but with an inversed logical:

- Op-Tee nodes (firmwares and reserved) are present in kernel device tree
- U-Boot deactivated these nodes when TEE is not present, with the next function called in ft_system_setup:

static void stm32_fdt_disable_optee(void *blob)
{
	int off, node;

	off = fdt_node_offset_by_compatible(blob, -1, "linaro,optee-tz");
	if (off >= 0 && fdtdec_get_is_enabled(blob, off))
		fdt_status_disabled(blob, off);

	/* Disabled "optee@..." reserved-memory node */
	off = fdt_path_offset(blob, "/reserved-memory/");
	if (off < 0)
		return;
	for (node = fdt_first_subnode(blob, off);
	     node >= 0;
	     node = fdt_next_subnode(blob, node)) {
		if (!strncmp(fdt_get_name(blob, node, NULL), "optee@", 6))
			fdt_status_disabled(blob, node);
	}
}

What is  the better for you ?
1/ Copy the U-Boot op-tee nodes in kernel device tree (where op-tee nodes was present)
or 
2/ Deactivate the op-tee nodes in kernel device tree (where op-tee nodes are present)

The advantage of us is to upstream a Linux Kernel device tree with the correct op-tee nodes...

Regards

> Looks good to me:
> Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
> 
> Cheers,
> Jens

Patrick
Heiko Stuebner Oct. 23, 2019, 8:32 a.m. UTC | #3
Hi Patrick,

Am Mittwoch, 23. Oktober 2019, 09:10:52 CEST schrieb Patrick DELAUNAY:
> Hi Jens and Heiko,
> 
> > From: U-Boot <u-boot-bounces@lists.denx.de> On Behalf Of Jens Wiklander
> > Sent: mercredi 23 octobre 2019 08:46
> > 
> > On Tue, Oct 22, 2019 at 09:04:27PM +0200, Heiko Stuebner wrote:
> > > From: Heiko Stuebner <heiko.stuebner@theobroma-systems.com>
> > >
> > > The loading convention for optee or any other tee on arm64 is as bl32
> > > parameter to the trusted-firmware. So TF-A gets invoked with the TEE
> > > as
> > > bl32 and main u-boot as bl33. Once it has done its startup TF-A jumps
> > > into the bl32 for the TEE startup, returns to TF-A and then jumps to bl33.
> > >
> > > All of them get passed a devicetree as parameter and all components
> > > often get loaded from a FIT image.
> > >
> > > OP-TEE will create additional nodes in that devicetree namely a
> > > firmware node and possibly multiple reserved-memory nodes.
> > >
> > > While this devicetree is used in main u-boot, in most cases it won't
> > > be the one passed to the actual kernel. Instead most boot commands
> > > will load a new devicetree from somewhere like mass storage of the
> > > network, so if that happens u-boot should transfer the optee nodes to that new
> > devicetree.
> > >
> > > To make that happen introduce optee_copy_fdt_nodes() called from the
> > > dt setup function in image-fdt which after checking for the optee
> > > presence in the u-boot dt will make sure a optee node is present in
> > > the kernel dt and transfer any reserved-memory regions it can find.
> > >
> > > Signed-off-by: Heiko Stuebner <heiko.stuebner@theobroma-systems.com>
> > > ---
> > > changes in v2:
> > > - don't create a new optee firmware-node, but instead copy the
> > >   compatible+method properties from the old fdt blob.
> > >
> > >  common/image-fdt.c  |   8 +++
> > >  include/tee/optee.h |   9 +++
> > >  lib/optee/optee.c   | 132 ++++++++++++++++++++++++++++++++++++++++++++
> > >  3 files changed, 149 insertions(+)
> > >
> > [snip]
> 
> On STM32MP1 platform (armv7 with TF-A support), 
> we can use BL32 = OP-TEE or spmin provide by TF-A

That is the same I'm hoping to have at some point for the RK3288
soc I'm also working on :-D .

But why do you need different handling then? Except BL32 being baked
into the TF-A binary on arm32, shouldn't the loading patch be somewhat
similar (SPL -> TF-A -> OP-Tee -> U-Boot) so that OP-Tee also can insert its
nodes there?

(Haven't looked too deeply at this yet)

> So we are plan to have the same type of feature but with an inversed logical:
> 
> - Op-Tee nodes (firmwares and reserved) are present in kernel device tree
> - U-Boot deactivated these nodes when TEE is not present, with the next function called in ft_system_setup:

Having the OP-Tee nodes hard-coded in the devicetree in kernel sources
sounds somewhat counter intuitive to me.

For the firmware node it shouldn't matter much, except that there may
also be other TEEs other than OP-Tee that people may want to load.

But when the reserved memory is hard-coded in the kernel, you bind
yourself to one specific version of your TEE. I.e. what happens when
a future version of your platform support wants to move the memory
region OP-Tee wants to occupy. With OP-Tee handling the reservation
this should be somewhat transparent to bootloader and kernel, as
just the reserved-memory changes.


> static void stm32_fdt_disable_optee(void *blob)
> {
> 	int off, node;
> 
> 	off = fdt_node_offset_by_compatible(blob, -1, "linaro,optee-tz");
> 	if (off >= 0 && fdtdec_get_is_enabled(blob, off))
> 		fdt_status_disabled(blob, off);
> 
> 	/* Disabled "optee@..." reserved-memory node */
> 	off = fdt_path_offset(blob, "/reserved-memory/");
> 	if (off < 0)
> 		return;
> 	for (node = fdt_first_subnode(blob, off);
> 	     node >= 0;
> 	     node = fdt_next_subnode(blob, node)) {
> 		if (!strncmp(fdt_get_name(blob, node, NULL), "optee@", 6))
> 			fdt_status_disabled(blob, node);
> 	}
> }
> 
> What is  the better for you ?
> 1/ Copy the U-Boot op-tee nodes in kernel device tree (where op-tee nodes was present)
> or 
> 2/ Deactivate the op-tee nodes in kernel device tree (where op-tee nodes are present)
> 
> The advantage of us is to upstream a Linux Kernel device tree with the correct op-tee nodes...

In any case, the copying we're doing here should not affect any present
OP-Tee nodes in the kernel dts and only proceed if both
(a) U-Boot dts does contain an OP-Tee node
(b) Kernel dts does _not yet_ contain an OP-Tee node

are valid.


Heiko

> > Looks good to me:
> > Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
> > 
> > Cheers,
> > Jens
> 
> Patrick
>
Patrick Delaunay Oct. 23, 2019, 3:53 p.m. UTC | #4
Hi Heiko,

> 
> Hi Patrick,
> 
> Am Mittwoch, 23. Oktober 2019, 09:10:52 CEST schrieb Patrick DELAUNAY:
> > Hi Jens and Heiko,
> >
> > > From: U-Boot <u-boot-bounces@lists.denx.de> On Behalf Of Jens
> > > Wiklander
> > > Sent: mercredi 23 octobre 2019 08:46
> > >
> > > On Tue, Oct 22, 2019 at 09:04:27PM +0200, Heiko Stuebner wrote:
> > > > From: Heiko Stuebner <heiko.stuebner@theobroma-systems.com>
> > > >
> > > > The loading convention for optee or any other tee on arm64 is as
> > > > bl32 parameter to the trusted-firmware. So TF-A gets invoked with
> > > > the TEE as
> > > > bl32 and main u-boot as bl33. Once it has done its startup TF-A
> > > > jumps into the bl32 for the TEE startup, returns to TF-A and then jumps to
> bl33.
> > > >
> > > > All of them get passed a devicetree as parameter and all
> > > > components often get loaded from a FIT image.
> > > >
> > > > OP-TEE will create additional nodes in that devicetree namely a
> > > > firmware node and possibly multiple reserved-memory nodes.
> > > >
> > > > While this devicetree is used in main u-boot, in most cases it
> > > > won't be the one passed to the actual kernel. Instead most boot
> > > > commands will load a new devicetree from somewhere like mass
> > > > storage of the network, so if that happens u-boot should transfer
> > > > the optee nodes to that new
> > > devicetree.
> > > >
> > > > To make that happen introduce optee_copy_fdt_nodes() called from
> > > > the dt setup function in image-fdt which after checking for the
> > > > optee presence in the u-boot dt will make sure a optee node is
> > > > present in the kernel dt and transfer any reserved-memory regions it can find.
> > > >
> > > > Signed-off-by: Heiko Stuebner
> > > > <heiko.stuebner@theobroma-systems.com>
> > > > ---
> > > > changes in v2:
> > > > - don't create a new optee firmware-node, but instead copy the
> > > >   compatible+method properties from the old fdt blob.
> > > >
> > > >  common/image-fdt.c  |   8 +++
> > > >  include/tee/optee.h |   9 +++
> > > >  lib/optee/optee.c   | 132
> ++++++++++++++++++++++++++++++++++++++++++++
> > > >  3 files changed, 149 insertions(+)
> > > >
> > > [snip]
> >
> > On STM32MP1 platform (armv7 with TF-A support), we can use BL32 =
> > OP-TEE or spmin provide by TF-A
> 
> That is the same I'm hoping to have at some point for the RK3288 soc I'm also
> working on :-D .
> 
> But why do you need different handling then? Except BL32 being baked into the
> TF-A binary on arm32, shouldn't the loading patch be somewhat similar (SPL ->
> TF-A -> OP-Tee -> U-Boot) so that OP-Tee also can insert its nodes there?

We have official 2 boot chains support by STM32MP15 serie in U-Boot

ROM code => TF-A (BL2 & spmin) => U-Boot => kernel
= stm32mp15_trusted_defconfig

ROM code => TF-A (BL2) => OP-TEE => U-Boot => kernel
= stm32mp15_optee_defconfig

We have also SPL but only for U-Boot test and with 
minimal PSCI support in u-boot (no low-power mode,
no security support)

ROM code => SPL => U-Boot (install PSCI) => kernel
= stm32mp15_basic_defconfig

For details:
https://wiki.st.com/stm32mpu/index.php/Boot_chains_overview#STM32MP15_case


> (Haven't looked too deeply at this yet)
> 
> > So we are plan to have the same type of feature but with an inversed logical:
> >
> > - Op-Tee nodes (firmwares and reserved) are present in kernel device
> > tree
> > - U-Boot deactivated these nodes when TEE is not present, with the next
> function called in ft_system_setup:
> 
> Having the OP-Tee nodes hard-coded in the devicetree in kernel sources sounds
> somewhat counter intuitive to me.
> 
> For the firmware node it shouldn't matter much, except that there may also be
> other TEEs other than OP-Tee that people may want to load.
> 
> But when the reserved memory is hard-coded in the kernel, you bind yourself to
> one specific version of your TEE. I.e. what happens when a future version of your
> platform support wants to move the memory region OP-Tee wants to occupy. With
> OP-Tee handling the reservation this should be somewhat transparent to
> bootloader and kernel, as just the reserved-memory changes.

I don't check the code and architecture of OP-TEE since a long time
and with your answer I just discover the non-secure device tree 
modification done by the OP-Tee (even it is present since v2.1.0)

> 
> > static void stm32_fdt_disable_optee(void *blob) {
> > 	int off, node;
> >
> > 	off = fdt_node_offset_by_compatible(blob, -1, "linaro,optee-tz");
> > 	if (off >= 0 && fdtdec_get_is_enabled(blob, off))
> > 		fdt_status_disabled(blob, off);
> >
> > 	/* Disabled "optee@..." reserved-memory node */
> > 	off = fdt_path_offset(blob, "/reserved-memory/");
> > 	if (off < 0)
> > 		return;
> > 	for (node = fdt_first_subnode(blob, off);
> > 	     node >= 0;
> > 	     node = fdt_next_subnode(blob, node)) {
> > 		if (!strncmp(fdt_get_name(blob, node, NULL), "optee@", 6))
> > 			fdt_status_disabled(blob, node);
> > 	}
> > }
> >
> > What is  the better for you ?
> > 1/ Copy the U-Boot op-tee nodes in kernel device tree (where op-tee
> > nodes was present) or 2/ Deactivate the op-tee nodes in kernel device
> > tree (where op-tee nodes are present)
> >
> > The advantage of us is to upstream a Linux Kernel device tree with the correct
> op-tee nodes...
> 
> In any case, the copying we're doing here should not affect any present OP-Tee
> nodes in the kernel dts and only proceed if both
> (a) U-Boot dts does contain an OP-Tee node
> (b) Kernel dts does _not yet_ contain an OP-Tee node
> 
> are valid.


Now I understood your patch....

I need to check to correctly handle this behavior on my side
as stm32mp15 TF-A don't using FIT and SPL is not used.

But I think that the U-Boot device tree need to be loaded by BL2 and no more integrated in
U-Boot image thus OP-Tee can modify it.

ROM code => TF-A (BL2) = Load TF-A spmin & U-Boot & Device Tree  
			   => spmin => U-Boot => kernel

ROM code => TF-A (BL2) = Load OP-TEE & U-Boot & Device Tree 
                                          => OP-TEE => U-Boot => kernel
 
> 
> Heiko
> 

Thanks again for the answer.

Patrick

Patch
diff mbox series

diff --git a/common/image-fdt.c b/common/image-fdt.c
index 4247dcee0c..48388488d9 100644
--- a/common/image-fdt.c
+++ b/common/image-fdt.c
@@ -17,6 +17,7 @@ 
 #include <linux/libfdt.h>
 #include <mapmem.h>
 #include <asm/io.h>
+#include <tee/optee.h>
 
 #ifndef CONFIG_SYS_FDT_PAD
 #define CONFIG_SYS_FDT_PAD 0x3000
@@ -561,6 +562,13 @@  int image_setup_libfdt(bootm_headers_t *images, void *blob,
 		}
 	}
 
+	fdt_ret = optee_copy_fdt_nodes(gd->fdt_blob, blob);
+	if (fdt_ret) {
+		printf("ERROR: transfer of optee nodes to new fdt failed: %s\n",
+		       fdt_strerror(fdt_ret));
+		goto err;
+	}
+
 	/* Delete the old LMB reservation */
 	if (lmb)
 		lmb_free(lmb, (phys_addr_t)(u32)(uintptr_t)blob,
diff --git a/include/tee/optee.h b/include/tee/optee.h
index 9446928fd4..121b30a303 100644
--- a/include/tee/optee.h
+++ b/include/tee/optee.h
@@ -67,4 +67,13 @@  static inline int optee_verify_bootm_image(unsigned long image_addr,
 }
 #endif
 
+#if defined(CONFIG_OPTEE) && defined(CONFIG_OF_LIBFDT)
+int optee_copy_fdt_nodes(const void *old_blob, void *new_blob);
+#else
+static inline int optee_copy_fdt_nodes(const void *old_blob, void *new_blob)
+{
+	return 0;
+}
+#endif
+
 #endif /* _OPTEE_H */
diff --git a/lib/optee/optee.c b/lib/optee/optee.c
index db92cd9af2..2f71ded536 100644
--- a/lib/optee/optee.c
+++ b/lib/optee/optee.c
@@ -5,6 +5,8 @@ 
  */
 
 #include <common.h>
+#include <malloc.h>
+#include <linux/libfdt.h>
 #include <tee/optee.h>
 
 #define optee_hdr_err_msg \
@@ -63,3 +65,133 @@  error:
 
 	return ret;
 }
+
+#if defined(CONFIG_OF_LIBFDT)
+static int optee_copy_firmware_node(const void *old_blob, void *fdt_blob)
+{
+	int old_offs, offs, ret, len;
+	const void *prop;
+
+	if (fdt_path_offset(fdt_blob, "/firmware/optee") >= 0) {
+		debug("OP-TEE Device Tree node already exists");
+		return 0;
+	}
+
+	old_offs = fdt_path_offset(old_blob, "/firmware/optee");
+	if (old_offs < 0) {
+		debug("Original OP-TEE Device Tree node not found");
+		return old_offs;
+	}
+
+	offs = fdt_path_offset(fdt_blob, "/firmware");
+	if (offs < 0) {
+		offs = fdt_path_offset(fdt_blob, "/");
+		if (offs < 0)
+			return offs;
+
+		offs = fdt_add_subnode(fdt_blob, offs, "firmware");
+		if (offs < 0)
+			return offs;
+	}
+
+	offs = fdt_add_subnode(fdt_blob, offs, "optee");
+	if (offs < 0)
+		return ret;
+
+	/* copy the compatible property */
+	prop = fdt_getprop(old_blob, old_offs, "compatible", &len);
+	if (!prop) {
+		debug("missing OP-TEE compatible property");
+		return -EINVAL;
+	}
+
+	ret = fdt_setprop(fdt_blob, offs, "compatible", prop, len);
+	if (ret < 0)
+		return ret;
+
+	/* copy the method property */
+	prop = fdt_getprop(old_blob, old_offs, "method", &len);
+	if (!prop) {
+		debug("missing OP-TEE method property");
+		return -EINVAL;
+	}
+
+	ret = fdt_setprop(fdt_blob, offs, "method", prop, len);
+	if (ret < 0)
+		return ret;
+
+	return 0;
+}
+
+int optee_copy_fdt_nodes(const void *old_blob, void *new_blob)
+{
+	int nodeoffset, subnode, ret;
+	struct fdt_resource res;
+
+	if (fdt_check_header(old_blob))
+		return -EINVAL;
+
+	/* only proceed if there is an /firmware/optee node */
+	if (fdt_path_offset(old_blob, "/firmware/optee") < 0) {
+		debug("No OP-TEE firmware node in old fdt, nothing to do");
+		return 0;
+	}
+
+	ret = optee_copy_firmware_node(old_blob, new_blob);
+	if (ret < 0) {
+		printf("Failed to add OP-TEE firmware node\n");
+		return ret;
+	}
+
+	/* optee inserts its memory regions as reserved-memory nodes */
+	nodeoffset = fdt_subnode_offset(old_blob, 0, "reserved-memory");
+	if (nodeoffset >= 0) {
+		subnode = fdt_first_subnode(old_blob, nodeoffset);
+		while (subnode >= 0) {
+			const char *name = fdt_get_name(old_blob,
+							subnode, NULL);
+			if (!name)
+				return -EINVAL;
+
+			/* only handle optee reservations */
+			if (strncmp(name, "optee", 5))
+				continue;
+
+			/* check if this subnode has a reg property */
+			ret = fdt_get_resource(old_blob, subnode, "reg", 0,
+					       &res);
+			if (!ret) {
+				struct fdt_memory carveout = {
+					.start = res.start,
+					.end = res.end,
+				};
+				char *oldname, *nodename, *tmp;
+
+				oldname = strdup(name);
+				if (!oldname)
+					return -ENOMEM;
+
+				tmp = oldname;
+				nodename = strsep(&tmp, "@");
+				if (!nodename) {
+					free(oldname);
+					return -EINVAL;
+				}
+
+				ret = fdtdec_add_reserved_memory(new_blob,
+								 nodename,
+								 &carveout,
+								 NULL);
+				free(oldname);
+
+				if (ret < 0)
+					return ret;
+			}
+
+			subnode = fdt_next_subnode(old_blob, subnode);
+		}
+	}
+
+	return 0;
+}
+#endif