On Wed, May 04, 2022 at 08:47:03AM -0300, Fabio Estevam wrote:
From: Fabio Estevam festevam@denx.de
Since commit f1131b9c23fb ("net: phy: micrel: use kszphy_suspend()/kszphy_resume for irq aware devices") the following NULL pointer dereference is observed on a board with KSZ8061:
# udhcpc -i eth0 udhcpc: started, v1.35.0 8<--- cut here --- Unable to handle kernel NULL pointer dereference at virtual address 00000008 pgd = f73cef4e [00000008] *pgd=00000000 Internal error: Oops: 5 [#1] SMP ARM Modules linked in: CPU: 0 PID: 196 Comm: ifconfig Not tainted 5.15.37-dirty #94 Hardware name: Freescale i.MX6 SoloX (Device Tree) PC is at kszphy_config_reset+0x10/0x114 LR is at kszphy_resume+0x24/0x64 ...
The KSZ8061 phy_driver structure does not have the .probe/..driver_data fields, which means that priv is not allocated.
This causes the NULL pointer dereference inside kszphy_config_reset().
Fix the problem by using the generic suspend/resume functions as before.
Hi Fabio
Thanks for the fix. What you fail to mention is why not call kszphy_probe() to populate priv? What makes this PHY special that it does not need the probe call?
Looking at the ksphy_driver structure, this seems to affect PHY_ID_KS8737 and PHY_ID_KSZ8061
Thanks Andrew