On 5/28/24 10:24 AM, Willem de Bruijn wrote:
Abhishek Chauhan (ABC) wrote:
+static inline void skb_set_delivery_type_by_clockid(struct sk_buff *skb,
+ ktime_t kt, clockid_t clockid)
+{
+ u8 tstamp_type = SKB_CLOCK_REALTIME;
+
+ switch (clockid) {
+ case CLOCK_REALTIME:
+ break;
+ case CLOCK_MONOTONIC:
+ tstamp_type = SKB_CLOCK_MONOTONIC;
+ break;
+ default:
Willem and Martin, I was thinking we should remove this warn_on_once from below line. Some systems also use panic on warn.
So i think this might result in unnecessary crashes.
Let me know what you think.
Logs which are complaining.
https://syzkaller.appspot.com/x/log.txt?x=118c3ae8980000
I received reports too. Agreed that we need to fix these reports.
The alternative is to limit sk_clockid to supported ones, by failing
setsockopt SO_TXTIME on an unsupported clock.
That changes established ABI behavior. But I don't see how another
clock can be used in any realistic way anyway.
Putting it out there as an option. It's riskier, but in the end I
believe a better fix than just allowing this state to continue.
Failing early would be my preference also. The current ABI is arguably at least
confusing (if not broken) considering other clockid is silently ignored by the
kernel.
A third option would be to not fail the system call, but silently
fall back to CLOCK_REALTIME. Essentially what happens in the datapath
in skb_set_delivery_type_by_clockid now. That is surprising behavior,
we should not do that.
Not sure if it makes sense to go back to this option only after there is
breakage report with a legit usage?