Received: by 2002:ac0:a5a6:0:0:0:0:0 with SMTP id m35-v6csp2517748imm;
        Tue, 4 Sep 2018 05:58:20 -0700 (PDT)
X-Google-Smtp-Source: ANB0VdbcztjMAN6ZPmC8Oj03pMjPiJkgoYRk/SUnYvlCiw3kBgnThGL2ggXfSrUJ4yNM9T8+2yRs
X-Received: by 2002:a17:902:7b96:: with SMTP id w22-v6mr32926956pll.24.1536065899915;
        Tue, 04 Sep 2018 05:58:19 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1536065899; cv=none;
        d=google.com; s=arc-20160816;
        b=JCHTnNn7W34Cp2v8b/p+pWiJKn+JNxyQkzyuJllRaEuqYny6koCv/n3wLMBeO8k3l4
         zm8F92kIxkj6BFUxgKi57Re+mNIqQuhQPVX+ndFv6KQXj8iEM6Y22XBvpcmDV3ErYsb7
         +vWM6NAvpTyUy4tRqjnh/Z2oJqJSfFp2voeFEhcv3ySrdos8z6uSN8bXCKUjjC01IPAQ
         dPp9n9nhdzyWZSViOKpgHXm2H/D0LlO7ymeni7cz6vE0wOJKEXK+Fg5fZaXj/rpBbkiY
         vE2BshZvaCmGNitte+caLDAmiCFAVoPqQ0SXdgstepOz3FZaKO7+DWfIy0zWxOUUo7o1
         88ug==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:sender:user-agent:in-reply-to
         :content-disposition:mime-version:references:message-id:subject:cc
         :to:from:date:dkim-signature:arc-authentication-results;
        bh=W4e35L913xDSr0j/xovhj2vcLPquVwCJsUv7PuGFvYU=;
        b=RR0XPAlXdz90X7slySO26Fbr2LaiklWPUsrgQ1m4cYdpxHX8t53tLwHQVyoeDbSda8
         GU+TqlUFmDqE8C91DITeRJDZeWHpivk70wiMge2QlnAiDdHRMBDna94vzvkRrrA9zh3i
         xTitOhksVijVi/V6jI/6gSzOKuG/gOoFI9+KwqR7FVx5K/Ssy1bOJ9Iorl9ce+KM+lDL
         cqBSifInl5F4c0vrU+hf9ynTPZhb+Ah8QSjjISGxwEKAQOlwvpSAfeqShHcupvZWpcXf
         3EyOp9cvL2rPmh5fssdpEvVVQ6utth/mUvgZhcBgLPjBqVjToZFxQXXWZmISgqVXrkxc
         InFQ==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=fail header.i=@gmail.com header.s=20161025 header.b=IYLpMfRi;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=kernel.org
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67])
        by mx.google.com with ESMTP id m29-v6si21327785pgl.304.2018.09.04.05.58.03;
        Tue, 04 Sep 2018 05:58:19 -0700 (PDT)
Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67;
Authentication-Results: mx.google.com;
       dkim=fail header.i=@gmail.com header.s=20161025 header.b=IYLpMfRi;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=kernel.org
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1727486AbeIDRVU (ORCPT <rfc822;zzmahb@gmail.com> + 99 others);
        Tue, 4 Sep 2018 13:21:20 -0400
Received: from mail-lj1-f195.google.com ([209.85.208.195]:42246 "EHLO
        mail-lj1-f195.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S1726213AbeIDRVT (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Tue, 4 Sep 2018 13:21:19 -0400
Received: by mail-lj1-f195.google.com with SMTP id f1-v6so3034892ljc.9;
        Tue, 04 Sep 2018 05:56:16 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=20161025;
        h=sender:date:from:to:cc:subject:message-id:references:mime-version
         :content-disposition:in-reply-to:user-agent;
        bh=W4e35L913xDSr0j/xovhj2vcLPquVwCJsUv7PuGFvYU=;
        b=IYLpMfRi1dgbLag2986Kx1Jsyg9gUkpTcCpaltlCOwgG+BvBkncL4WBvOphT5NZAYl
         ZVQN6tYboV0K9x5RNtNlk9jCrcVcuHTPSJY2Wr7FU48iWQ7EvwHqW8KOyoRF8gQm/Wcw
         cZ5EBZk56OF5jyLiHr6JGCV3OsFSYye/cEGDmLhKk88U2g5p87Km8jbZPKE51ohvthbH
         cV9amOipakYnHOwPtm381RicX7G7iY+S2NpBjQ1mtyp9302UpfU5lYQRAft1uqx2Aexl
         NyF+hbgKb9/Tned0d9eNSjWZi5/ojNvW19227GFVgvuMZ+yOK69PAfL6Hx5aA/KImJvR
         adKg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20161025;
        h=x-gm-message-state:sender:date:from:to:cc:subject:message-id
         :references:mime-version:content-disposition:in-reply-to:user-agent;
        bh=W4e35L913xDSr0j/xovhj2vcLPquVwCJsUv7PuGFvYU=;
        b=i2n7hDsPbk/lKGrwbobpjLXQ+0NfIKaB2gj54/Oqx3IlRInRkFVJNpHpdwQ3QOduVp
         o+3DwLkhkQy7BTFfzAaRKJzIfwEP+DcSfkcAz609LlyTwFLFMj3/sPvxKlU1YX1b8wPT
         A6rlsnWtK70NLbuVFWcP7p+i0aSsvwH/Xe8W9a7z4pa8DNJ3Gfn4haHy0DKlVH/0Ovnn
         GumPo4jBqBNPBELXt7ONCkH+cmTEiwxN76iLzZ4IOgXLJpFoiTElsadVOYKXlt40w8GB
         LflZFCWc0yaRnImPMvIJpuOO73NNMB2gxEWQ+myfJvE4ER2DGkTw3PGOm/ZioOtPs6dr
         nBwg==
X-Gm-Message-State: APzg51D5pZ/xp0Hz+gjn/84Xx8rKhRHmMkeDwIq5ESaOlLTWvwB+3fgG
        +hvLKYJDuGzbeSbDTaFWapgvUHor
X-Received: by 2002:a2e:4745:: with SMTP id u66-v6mr7007740lja.76.1536065776240;
        Tue, 04 Sep 2018 05:56:16 -0700 (PDT)
Received: from xi.terra (c-74bee655.07-184-6d6c6d4.bbcust.telenor.se. [85.230.190.116])
        by smtp.gmail.com with ESMTPSA id p9-v6sm4040926ljh.0.2018.09.04.05.56.15
        (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128);
        Tue, 04 Sep 2018 05:56:15 -0700 (PDT)
Received: from johan by xi.terra with local (Exim 4.91)
        (envelope-from <johan@kernel.org>)
        id 1fxAsa-0001eB-Dc; Tue, 04 Sep 2018 14:56:24 +0200
Date:   Tue, 4 Sep 2018 14:56:24 +0200
From:   Johan Hovold <johan@kernel.org>
To:     Florian Fainelli <f.fainelli@gmail.com>
Cc:     Johan Hovold <johan@kernel.org>, Rob Herring <robh+dt@kernel.org>,
        Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
        Frank Rowand <frowand.list@gmail.com>,
        devicetree@vger.kernel.org, linux-kernel@vger.kernel.org,
        stable <stable@vger.kernel.org>,
        "David S . Miller" <davem@davemloft.net>
Subject: Re: [PATCH v2 6/9] net: bcmgenet: fix OF child-node lookup
Message-ID: <20180904125624.GS28861@localhost>
References: <20180827082153.22537-1-johan@kernel.org>
 <20180827082153.22537-7-johan@kernel.org>
 <683bdf11-a662-d17e-8bc5-b3cfd238e463@gmail.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <683bdf11-a662-d17e-8bc5-b3cfd238e463@gmail.com>
User-Agent: Mutt/1.10.1 (2018-07-13)
Sender: linux-kernel-owner@vger.kernel.org
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

On Thu, Aug 30, 2018 at 05:47:33PM -0700, Florian Fainelli wrote:
> On 08/27/2018 01:21 AM, Johan Hovold wrote:
> > Use the new of_get_compatible_child() helper to lookup the mdio child
> > node instead of using of_find_compatible_node(), which searches the
> > entire tree from a given start node and thus can return an unrelated
> > (i.e. non-child) node.
> > 
> > This also addresses a potential use-after-free (e.g. after probe
> > deferral) as the tree-wide helper drops a reference to its first
> > argument (i.e. the node of the device being probed).
> > 
> > Fixes: aa09677cba42 ("net: bcmgenet: add MDIO routines")
> > Cc: stable <stable@vger.kernel.org>     # 3.15
> > Cc: Florian Fainelli <f.fainelli@gmail.com>
> > Cc: David S. Miller <davem@davemloft.net>
> > Signed-off-by: Johan Hovold <johan@kernel.org>
> 
> Reviewed-by: Florian Fainelli <f.fainelli@gmail.com>

Thanks for reviewing.

Rob's gotten the helper into -rc2:

	36156f9241cb of: add helper to lookup compatible child node

so feel free to pick this one up directly to whichever net tree you
prefer. I've been able to trigger crashes after probe deferrals due to
the use-after-free, but this seems unlikely to be exploitable.

Thanks,
Johan