Re: [PATCH net v3 3/3] net: ti: icss-iep: Fix possible NULL pointer dereference for perout request

From: Paolo Abeni
Date: Thu Apr 03 2025 - 07:25:51 EST

Next message: Borislav Petkov: "Re: [PATCH -tip v2] x86/idle: Work around LLVM assembler bug with MONITOR and MWAIT insn"
Previous message: Thomas Gleixner: "Re: [PATCH 2/6] rust: hrtimer: Add HrTimerCallbackContext and ::forward()"
In reply to: Malladi, Meghana: "Re: [PATCH net v3 3/3] net: ti: icss-iep: Fix possible NULL pointer dereference for perout request"
Next in thread: Roger Quadros: "Re: [PATCH net v3 3/3] net: ti: icss-iep: Fix possible NULL pointer dereference for perout request"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On 4/2/25 2:37 PM, Malladi, Meghana wrote:
> On 4/2/2025 5:58 PM, Roger Quadros wrote:
>> On 28/03/2025 12:24, Meghana Malladi wrote:
>>> ICSS IEP driver has flags to check if perout or pps has been enabled
>>> at any given point of time. Whenever there is request to enable or
>>> disable the signal, the driver first checks its enabled or disabled
>>> and acts accordingly.
>>>
>>> After bringing the interface down and up, calling PPS/perout enable
>>> doesn't work as the driver believes PPS is already enabled,
>>
>> How? aren't we calling icss_iep_pps_enable(iep, false)?
>> wouldn't this disable the IEP and clear the iep->pps_enabled flag?
>>
>
> The whole purpose of calling icss_iep_pps_enable(iep, false) is to clear
> iep->pps_enabled flag, because if this flag is not cleared it hinders
> generating new pps signal (with the newly loaded firmware) once any of
> the interfaces are up (check icss_iep_perout_enable()), so instead of
> calling icss_iep_pps_enable(iep, false) I am just clearing the
> iep->pps_enabled flag.

IDK what Roger thinks, but the above is not clear to me. I read it as
you are stating that icss_iep_pps_enable() indeed clears the flag, so i
don't see/follow the reasoning behind this change.

Skimmir over the code, icss_iep_pps_enable() could indeed avoid clearing
the flag under some circumstances is that the reason?

Possibly a more describing commit message would help.

>> And, what if you brought 2 interfaces of the same ICSS instances up
>> but put only 1 interface down and up?
>>
>
> Then the flag need not be disabled if only one interface is brought down
> because the IEP is still alive and all the IEP configuration (including
> pps/perout) is still valid.

I read the above as stating this fix is not correct in such scenario,
leading to the wrong final state.

I think it would be better to either give a better reasoning about this
change in the commit message or refactor it to handle even such scenario,

Thanks,

Paolo

Next message: Borislav Petkov: "Re: [PATCH -tip v2] x86/idle: Work around LLVM assembler bug with MONITOR and MWAIT insn"
Previous message: Thomas Gleixner: "Re: [PATCH 2/6] rust: hrtimer: Add HrTimerCallbackContext and ::forward()"
In reply to: Malladi, Meghana: "Re: [PATCH net v3 3/3] net: ti: icss-iep: Fix possible NULL pointer dereference for perout request"
Next in thread: Roger Quadros: "Re: [PATCH net v3 3/3] net: ti: icss-iep: Fix possible NULL pointer dereference for perout request"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]