I am sorry for breaking the mailing list and sending my answer only to Igor, I've never used emails that much. To make it clear, the answer was: "Hi Igor! No, it hasn't been reproduced in reality because I don't have any appropriate device." пн, 4 дек. 2023 г. в 19:06, Igor Russkikh <irusskikh@xxxxxxxxxxx>: > > > Hi Daniil, > > > If is_ptp_ring == true in the loop of __aq_ring_xdp_clean function, > > then a timestamp is stored from a packet in a field of skb object, > > which is not allocated at the moment of the call (skb == NULL). > > > > Generalize aq_ptp_extract_ts and other affected functions so they don't > > work with struct sk_buff*, but with struct skb_shared_hwtstamps*. > > > > Found by Linux Verification Center (linuxtesting.org) with SVACE > > Thanks for finding this and working on this. > > Have you reproduced it in wild, or this just comes out of static analysis? > > I'm asking because looking into the flow you described - it looks like XDP > mode should immediately fail with null pointer access on any rx traffic. > But that was never reported. > > I will try to debug and validate the fix, but this may take some time. > > So for now > > Reviewed-by: Igor Russkikh <irusskikh@xxxxxxxxxxx> > > > Thanks > Igor
