lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <IA1PR11MB628928A8735D0B5BDBEBB05489E92@IA1PR11MB6289.namprd11.prod.outlook.com>
Date: Thu, 30 Jan 2025 19:10:49 +0000
From: "Joshi, Sreedevi" <sreedevi.joshi@...el.com>
To: Andrew Lunn <andrew@...n.ch>, sreedevi.joshi
	<joshisre@...mtp.an.intel.com>
CC: "hkallweit1@...il.com" <hkallweit1@...il.com>, "linux@...linux.org.uk"
	<linux@...linux.org.uk>, "edumazet@...gle.com" <edumazet@...gle.com>,
	"kuba@...nel.org" <kuba@...nel.org>, "pabeni@...hat.com" <pabeni@...hat.com>,
	"netdev@...r.kernel.org" <netdev@...r.kernel.org>
Subject: RE: [PATCH net] phy: fix null pointer issue in phy_attach_direct()


> -----Original Message-----
> From: Andrew Lunn <andrew@...n.ch>
> Sent: Wednesday, January 29, 2025 2:14 PM
> To: sreedevi.joshi <joshisre@...mtp.an.intel.com>
> Cc: hkallweit1@...il.com; linux@...linux.org.uk; edumazet@...gle.com; kuba@...nel.org; pabeni@...hat.com;
> netdev@...r.kernel.org; Joshi, Sreedevi <sreedevi.joshi@...el.com>
> Subject: Re: [PATCH net] phy: fix null pointer issue in phy_attach_direct()
> 
> On Wed, Jan 29, 2025 at 12:36:38PM -0600, sreedevi.joshi wrote:
> > From: Sreedevi Joshi <sreedevi.joshi@...el.com>
> >
> > When attaching a fixed phy to devices like veth
> 
> Humm. Zoom out. What is the big picture? Why would a veth need a PHY?
> 
> 	Andrew
[] 
This issue was encountered when working on a POC to demo the mii_timestamper timestamp
callback hooks mechanism. We are using veth pairs as we don't have the HW yet. In this demo,
we connect a fixed PHY to veth and attach mii_timestamper hooks that way. However, as veth device
(like any other virtual interfaces) does not have a parent, it causes Kernel Oops and on our system
it needs a reboot to recover the system. With this check in place,
we could connect fixed PHY and mii_timestamper hooks successfully. I understand
it is not a common practice to attach a PHY to a virtual interface. However, having a check for NULL
before accessing the member will be good to avoid issues.

Wanted to check with community if it is worth applying this to the upstream driver.

This was the crash log:
025-01-30T18:26:53.952545+00:00 dregen kernel: BUG: kernel NULL pointer dereference, address: 0000000000000068
2025-01-30T18:26:53.952570+00:00 dregen kernel: #PF: supervisor read access in kernel mode
2025-01-30T18:26:53.952571+00:00 dregen kernel: #PF: error_code(0x0000) - not-present page
2025-01-30T18:26:53.952572+00:00 dregen kernel: PGD 0 P4D 0
2025-01-30T18:26:53.952573+00:00 dregen kernel: Oops: Oops: 0000 [#1] PREEMPT SMP NOPTI
2025-01-30T18:26:53.952573+00:00 dregen kernel: CPU: 80 UID: 0 PID: 7734 Comm: ip Not tainted 6.11.0+ #100
2025-01-30T18:26:53.952574+00:00 dregen kernel: Hardware name: Intel Corporation S2600WFT/S2600WFT, BIOS SE5C620.86B.02.01.0011.032620200659 03/26/2020
2025-01-30T18:26:53.952576+00:00 dregen kernel: RIP: 0010:phy_attach_direct+0x34/0x3f0
2025-01-30T18:26:53.952577+00:00 dregen kernel: Code: 55 45 31 ed 41 54 49 89 f4 55 89 d5 53 48 89 fb 48 83 ec 08 4c 8b b6 e0 02 00 00 89 0c 24 48 85 ff 74 0f 48 8b 87 78 05 00 00 <48> 8b 40 68 4c 8b 68 10 49 8b 3e 4c 39 ef 74 0d e8 27 a6 85 ff 84
2025-01-30T18:26:53.952577+00:00 dregen kernel: RSP: 0018:ffffb6b4337c7698 EFLAGS: 00010286
2025-01-30T18:26:53.952578+00:00 dregen kernel: RAX: 0000000000000000 RBX: ffff9dbd9a3c5000 RCX: 0000000000000002
2025-01-30T18:26:53.952578+00:00 dregen kernel: RDX: 0000000000000000 RSI: ffff9dbda39f9800 RDI: ffff9dbd9a3c5000
2025-01-30T18:26:53.952579+00:00 dregen kernel: RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
2025-01-30T18:26:53.952579+00:00 dregen kernel: R10: 0000000000000000 R11: 0000000000000000 R12: ffff9dbda39f9800
2025-01-30T18:26:53.952581+00:00 dregen kernel: R13: 0000000000000000 R14: ffff9d014dc48000 R15: ffff9dbda39f9000
2025-01-30T18:26:53.952582+00:00 dregen kernel: FS:  00007f6e30b20b80(0000) GS:ffff9e778bb00000(0000) knlGS:0000000000000000
2025-01-30T18:26:53.952582+00:00 dregen kernel: CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
2025-01-30T18:26:53.952582+00:00 dregen kernel: CR2: 0000000000000068 CR3: 000000bd51444002 CR4: 00000000007706f0
2025-01-30T18:26:53.952583+00:00 dregen kernel: DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
2025-01-30T18:26:53.952583+00:00 dregen kernel: DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
2025-01-30T18:26:53.952585+00:00 dregen kernel: PKRU: 55555554
2025-01-30T18:26:53.952585+00:00 dregen kernel: Call Trace:
2025-01-30T18:26:53.952586+00:00 dregen kernel:  <TASK>
2025-01-30T18:26:53.952586+00:00 dregen kernel:  ? __die+0x1f/0x60
2025-01-30T18:26:53.952586+00:00 dregen kernel:  ? page_fault_oops+0x15c/0x450
2025-01-30T18:26:53.952587+00:00 dregen kernel:  ? klist_next+0x145/0x150
2025-01-30T18:26:53.952589+00:00 dregen kernel:  ? exc_page_fault+0x77/0x160
2025-01-30T18:26:53.952589+00:00 dregen kernel:  ? asm_exc_page_fault+0x22/0x30
2025-01-30T18:26:53.952590+00:00 dregen kernel:  ? phy_attach_direct+0x34/0x3f0
2025-01-30T18:26:53.952590+00:00 dregen kernel:  ? __pfx_veth_adjust_link+0x10/0x10 [veth]
2025-01-30T18:26:53.952591+00:00 dregen kernel:  phy_connect_direct+0x21/0x70
2025-01-30T18:26:53.952591+00:00 dregen kernel:  veth_newlink+0x1f7/0x550 [veth]
2025-01-30T18:26:53.952591+00:00 dregen kernel:  __rtnl_newlink+0x70f/0x980
2025-01-30T18:26:53.952593+00:00 dregen kernel:  ? avc_has_perm_noaudit+0x67/0xf0
2025-01-30T18:26:53.952593+00:00 dregen kernel:  rtnl_newlink+0x43/0x70
2025-01-30T18:26:53.952594+00:00 dregen kernel:  rtnetlink_rcv_msg+0x14b/0x3f0
2025-01-30T18:26:53.952594+00:00 dregen kernel:  ? dl_server_stop+0x2b/0x40
2025-01-30T18:26:53.952594+00:00 dregen kernel:  ? __perf_event_task_sched_in+0x8c/0x200
2025-01-30T18:26:53.952595+00:00 dregen kernel:  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
2025-01-30T18:26:53.952597+00:00 dregen kernel:  netlink_rcv_skb+0x54/0x100
2025-01-30T18:26:53.952597+00:00 dregen kernel:  netlink_unicast+0x23e/0x390
2025-01-30T18:26:53.952598+00:00 dregen kernel:  netlink_sendmsg+0x1f3/0x440
2025-01-30T18:26:53.952598+00:00 dregen kernel:  ____sys_sendmsg+0x2d7/0x310
2025-01-30T18:26:53.952598+00:00 dregen kernel:  ? copy_msghdr_from_user+0x6d/0xa0
2025-01-30T18:26:53.952599+00:00 dregen kernel:  ___sys_sendmsg+0x86/0xd0
2025-01-30T18:26:53.952599+00:00 dregen kernel:  ? do_fault+0x2a4/0x5d0
2025-01-30T18:26:53.952601+00:00 dregen kernel:  ? __handle_mm_fault+0x55f/0xff0
2025-01-30T18:26:53.952601+00:00 dregen kernel:  __sys_sendmsg+0x57/0xa0
2025-01-30T18:26:53.952602+00:00 dregen kernel:  do_syscall_64+0x3b/0xc0
2025-01-30T18:26:53.952602+00:00 dregen kernel:  entry_SYSCALL_64_after_hwframe+0x76/0x7e

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ