From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from out-179.mta0.migadu.com (out-179.mta0.migadu.com [91.218.175.179]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id CF191357A2C for ; Wed, 29 Oct 2025 18:56:14 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=91.218.175.179 ARC-Seal:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1761764176; cv=none; b=Kh+90YnaFlB0t9FaRfeN4UZYGVPNlm2/F5Xm+BxXF4ovTdsQJ4rCaGMGpNYtO3Mj7YX3zmqAyua6CsjF9sHyzxPWnVmYV0DsDtrvH2UC6vtcqQnnrat4UYIxoN5NWBmAHYMbK1+fNh0AdbCgkqYXC3aLCWbsHQ+UNuXyHzycz/k= ARC-Message-Signature:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1761764176; c=relaxed/simple; bh=YyljAPDJiqtE/jnUOuW9bS3tb5HTi64M1ANWZDyljTc=; h=Message-ID:Date:MIME-Version:Subject:To:Cc:References:From: In-Reply-To:Content-Type; b=Kp5v6n8kOpddtYkgpvke+iTO2pktnSVMnRUd1SDW3pOd+JgMUR2Xctmb07dOR+tYtH5M2xlobHeH9d3u5r39UYPdvCd9m60vlsZ8t4T6+o17OgEbBazRN+P0CJKeUX+wmeOyY/Tb2gbOEFA35+CtwS3bAP68BdK6YNfkDGtJTZY= ARC-Authentication-Results:i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=linux.dev; spf=pass smtp.mailfrom=linux.dev; dkim=pass (1024-bit key) header.d=linux.dev header.i=@linux.dev header.b=hzzwgYlu; arc=none smtp.client-ip=91.218.175.179 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=linux.dev Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=linux.dev Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=linux.dev header.i=@linux.dev header.b="hzzwgYlu" Message-ID: DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linux.dev; s=key1; t=1761764162; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=+2pYp4p8PNxFqeH30IMWWJnC3qP005Egf5/0hOU6M/k=; b=hzzwgYlu7/H6J6edv0nYQwyTHO1vdUOF+qLxNlxIwVczMP8CpSRvGq8n2wEidIREbyXj+O QM1OfkCpdgoW6YiusQMYNujrnaVj6JfvwHfuXOwHUYOGPGvdHRB2EojK+OGpZ0dIfva4pD r5zS6WsGwz25FAzjTRiKB5+E3ShZxow= Date: Wed, 29 Oct 2025 18:55:59 +0000 Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Subject: Re: [PATCH] ptp: guard ptp_clock_gettime() if neither gettimex64 nor To: Tim Hostetler Cc: Kuniyuki Iwashima , Jakub Kicinski , richardcochran@gmail.com, andrew+netdev@lunn.ch, davem@davemloft.net, edumazet@google.com, junjie.cao@intel.com, linux-kernel@vger.kernel.org, netdev@vger.kernel.org, pabeni@redhat.com, syzbot+c8c0e7ccabd456541612@syzkaller.appspotmail.com, syzkaller-bugs@googlegroups.com References: <20251028155318.2537122-1-kuniyu@google.com> <20251028161309.596beef2@kernel.org> <9e1ccd0f-ecb6-438e-9763-5ba04bce5928@linux.dev> Content-Language: en-US X-Report-Abuse: Please report any abuse attempt to abuse@migadu.com and include these headers. From: Vadim Fedorenko In-Reply-To: Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 8bit X-Migadu-Flow: FLOW_OUT On 29/10/2025 16:37, Tim Hostetler wrote: > On Tue, Oct 28, 2025 at 4:57 PM Vadim Fedorenko > wrote: >> >> On 28.10.2025 23:54, Kuniyuki Iwashima wrote: >>> On Tue, Oct 28, 2025 at 4:45 PM Vadim Fedorenko >>> wrote: >>>> >>>> On 28.10.2025 23:13, Jakub Kicinski wrote: >>>>> On Tue, 28 Oct 2025 15:51:50 +0000 Kuniyuki Iwashima wrote: >>>>>> From: Richard Cochran >>>>>> Date: Tue, 28 Oct 2025 07:09:41 -0700 >>>>>>> On Tue, Oct 28, 2025 at 05:51:43PM +0800, Junjie Cao wrote: >>>>>>>> Syzbot reports a NULL function pointer call on arm64 when >>>>>>>> ptp_clock_gettime() falls back to ->gettime64() and the driver provides >>>>>>>> neither ->gettimex64() nor ->gettime64(). This leads to a crash in the >>>>>>>> posix clock gettime path. >>>>>>> >>>>>>> Drivers must provide a gettime method. >>>>>>> >>>>>>> If they do not, then that is a bug in the driver. >>>>>> >>>>>> AFAICT, only GVE does not have gettime() and settime(), and >>>>>> Tim (CCed) was preparing a fix and mostly ready to post it. >>>>> >>>>> cc: Vadim who promised me a PTP driver test :) Let's make sure we >>>>> tickle gettime/setting in that test.. >>>> >>>> Heh, call gettime/settime is easy. But in case of absence of these callbacks >>>> the kernel will crash - not sure we can gather good signal in such case? >>> >>> At least we could catch it on NIPA. >>> >>> but I suggested Tim adding WARN_ON_ONCE(!info->gettime64 && >>> !info-> getimex64) in ptp_clock_register() so that a developer can >>> notice that even while loading a buggy module. >> >> Yeah, that looks like a solution > > Yes, I was actually going to post the fix to gve today (I'll still do > that as ptp_clock_gettime() is not the only function to assume a > gettime64 or gettimex64 implementation) and shortly after posting > Kuniyuki's suggested fix to ptp_clock_register() as such: > > diff --git a/drivers/ptp/ptp_clock.c b/drivers/ptp/ptp_clock.c > index ef020599b771..f2d9cf4a455e 100644 > --- a/drivers/ptp/ptp_clock.c > +++ b/drivers/ptp/ptp_clock.c > @@ -325,6 +325,9 @@ struct ptp_clock *ptp_clock_register(struct > ptp_clock_info *info, > if (info->n_alarm > PTP_MAX_ALARMS) > return ERR_PTR(-EINVAL); > > + if (WARN_ON_ONCE(!info->gettimex64 && !info->gettime64)) > + return ERR_PTR(-EINVAL); > + > /* Initialize a clock structure. */ > ptp = kzalloc(sizeof(struct ptp_clock), GFP_KERNEL); > if (!ptp) { > -- > > I also have a similar patch for checking for settime64's function pointer. > > But I have no objections to Junjie posting a v2 in this manner instead > of waiting for me. WARN_ON_ONCE is better in terms of reducing the amount of review work. Driver developers will be automatically notified about improper implementation while Junjie's patch will simply hide the problem.