Re: [RESEND] net: phy: fix NULL pointer dereference in phy_polling_mode()

From: Xu Yang
Date: Fri Aug 08 2025 - 06:32:33 EST


Hi Oleksij,

On Thu, Aug 07, 2025 at 02:45:04PM +0200, Oleksij Rempel wrote:
> On Thu, Aug 07, 2025 at 12:47:02PM +0100, Russell King (Oracle) wrote:
> > On Thu, Aug 07, 2025 at 07:21:46PM +0800, Xu Yang wrote:
> > > Hi Russell and Andrew,
> > >
> > > With more debugging on why the asix_devices.c driver is creating so many mdio devices,
> > > I found the mdio->phy_mask setting may be missing.
> >
> > mdio->phy_mask is really only a workaround/optimisation to prevent
> > the automatic scanning of the MDIO bus.
> >
> > If we know for certain that we're only interested in a PHY at a
> > certain set of addresses, then it's appropriate to tell the MDIO/phylib
> > layer not to bother scanning the other addresses, but this will mean
> > if the driver uses e.g. phy_find_first(), it will find the first PHY
> > amongst those that phy_mask allows to be scanned, rather than the first
> > on the bus.
> >
> > In other words... it's dependent on the driver.
> >
> > > diff --git a/drivers/net/usb/asix_devices.c b/drivers/net/usb/asix_devices.c
> > > index 9b0318fb50b5..9fba1cb17134 100644
> > > --- a/drivers/net/usb/asix_devices.c
> > > +++ b/drivers/net/usb/asix_devices.c
> > > @@ -676,6 +676,7 @@ static int ax88772_init_mdio(struct usbnet *dev)
> > > priv->mdio->read = &asix_mdio_bus_read;
> > > priv->mdio->write = &asix_mdio_bus_write;
> > > priv->mdio->name = "Asix MDIO Bus";
> > > + priv->mdio->phy_mask = ~BIT(priv->phy_addr);
> > > /* mii bus name is usb-<usb bus number>-<usb device number> */
> > > snprintf(priv->mdio->id, MII_BUS_ID_SIZE, "usb-%03d:%03d",
> > > dev->udev->bus->busnum, dev->udev->devnum);
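Review bot: The added `priv->mdio->phy_mask = ~BIT(priv->phy_addr);` line leaves exactly one address scannable, so when priv->phy_addr is an external PHY the embedded PHY is never probed and phylib gets no device for it. If the driver still needs phylib to reach the embedded PHY, keep that address unmasked as well, for example `~(BIT(priv->phy_addr) | BIT(AX_EMBD_PHY_ADDR))`. A short comment above the assignment stating which addresses are deliberately left scannable, and why, would help the next reader, since the effect of the mask depends on how the driver later looks up its PHYs.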
> > >
> > > Is this the right thing to do?
> >
> > If we're only expecting a MDIO device at priv->phy_addr, then I
> > guess it's fine. Looking at the driver, I don't understand the
> > mixture of dev->mii.* and priv->mdio->*, and sadly I don't have
> > time to look in depth at this driver to work that out.
>
> Hm, I guess, with this change there will be a subtle regression.
> In case of an external PHY the ax88772_init_phy() is using PHYlib to
> suspend the internal PHY.
>
> Maybe:
> priv->mdio->phy_mask = ~(BIT(priv->phy_addr) | BIT(AX_EMBD_PHY_ADDR));

I tested it and it works. I think this one could be the final solution.

If phy_addr is the external PHY address, then the driver needs to create both
the external and internal PHY devices.

So mdio->phy_mask = ~(BIT(priv->phy_addr) | BIT(AX_EMBD_PHY_ADDR)) applies.

If phy_addr is the internal PHY address, then the driver only needs to create
the internal PHY device.

So mdio->phy_mask = ~(BIT(priv->phy_addr) | BIT(AX_EMBD_PHY_ADDR)) is equal
to mdio->phy_mask = ~BIT(priv->phy_addr).

Thanks,
Xu Yang

>
> --
> Pengutronix e.K. | |
> Steuerwalder Str. 21 | http://www.pengutronix.de/ |
> 31137 Hildesheim, Germany | Phone: +49-5121-206917-0 |
> Amtsgericht Hildesheim, HRA 2686 | Fax: +49-5121-206917-5555 |
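
A small userspace model of the masking argument in the reply above, added here as an illustration; it is not code from the thread or from the kernel. `scan_bus()`, the two mask helpers, the bitmap of responding addresses, the external address 3 and the value 0x10 for `AX_EMBD_PHY_ADDR` are assumptions made for the example.

```c
#include <stdint.h>
#include <stdio.h>

#define BIT(n)           (1u << (n))
#define PHY_MAX_ADDR     32
#define AX_EMBD_PHY_ADDR 0x10   /* assumed address of the embedded PHY */

/* Model of an MDIO bus scan: an address is probed only when its bit in
 * phy_mask is clear, and a device is created when something answers.
 * 'responding' is a constructed bitmap of addresses that answer ID reads. */
static uint32_t scan_bus(uint32_t phy_mask, uint32_t responding)
{
    uint32_t created = 0;

    for (int addr = 0; addr < PHY_MAX_ADDR; addr++) {
        if (phy_mask & BIT(addr))
            continue;                   /* masked: never probed */
        if (responding & BIT(addr))
            created |= BIT(addr);       /* a phy device is created here */
    }
    return created;
}

/* Mask from the first proposal: only phy_addr stays scannable. */
static uint32_t mask_single(int phy_addr)
{
    return ~BIT(phy_addr);
}

/* Mask from the follow-up: phy_addr and the embedded PHY stay scannable. */
static uint32_t mask_with_embedded(int phy_addr)
{
    return ~(BIT(phy_addr) | BIT(AX_EMBD_PHY_ADDR));
}

int main(void)
{
    uint32_t responding = 0xffffffffu;  /* constructed: every address answers */
    int ext = 3;                        /* constructed external PHY address */

    printf("no mask:        0x%08x\n", (unsigned)scan_bus(0, responding));
    printf("single, ext:    0x%08x\n",
           (unsigned)scan_bus(mask_single(ext), responding));
    printf("with embedded:  0x%08x\n",
           (unsigned)scan_bus(mask_with_embedded(ext), responding));
    printf("internal equal: %d\n",
           mask_single(AX_EMBD_PHY_ADDR) == mask_with_embedded(AX_EMBD_PHY_ADDR));
    return 0;
}
```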