Re: [PATCH v3] lan743x: fix for potential NULL pointer dereference with bare card
From: Jakub Kicinski
Date: Tue Nov 03 2020 - 20:38:37 EST
On Mon, 2 Nov 2020 01:35:55 +0300 Sergej Bauer wrote:
> This is the 3rd revision of the patch fix for potential null pointer dereference
> with lan743x card.
>
> The simpliest way to reproduce: boot with bare lan743x and issue "ethtool ethN"
> commant where ethN is the interface with lan743x card. Example:
>
> $ sudo ethtool eth7
> dmesg:
> [ 103.510336] BUG: kernel NULL pointer dereference, address: 0000000000000340
> ...
> [ 103.510836] RIP: 0010:phy_ethtool_get_wol+0x5/0x30 [libphy]
> ...
> [ 103.511629] Call Trace:
> [ 103.511666] lan743x_ethtool_get_wol+0x21/0x40 [lan743x]
> [ 103.511724] dev_ethtool+0x1507/0x29d0
> [ 103.511769] ? avc_has_extended_perms+0x17f/0x440
> [ 103.511820] ? tomoyo_init_request_info+0x84/0x90
> [ 103.511870] ? tomoyo_path_number_perm+0x68/0x1e0
> [ 103.511919] ? tty_insert_flip_string_fixed_flag+0x82/0xe0
> [ 103.511973] ? inet_ioctl+0x187/0x1d0
> [ 103.512016] dev_ioctl+0xb5/0x560
> [ 103.512055] sock_do_ioctl+0xa0/0x140
> [ 103.512098] sock_ioctl+0x2cb/0x3c0
> [ 103.512139] __x64_sys_ioctl+0x84/0xc0
> [ 103.512183] do_syscall_64+0x33/0x80
> [ 103.512224] entry_SYSCALL_64_after_hwframe+0x44/0xa9
> [ 103.512274] RIP: 0033:0x7f54a9cba427
Applied, thanks!