2014-01-12 02:02:47

by Bruce Liu

Subject: [PATCH 1/1] When timestamping is enabled, stmmac_tx_clean will call stmmac_get_tx_hwtstamp to get tx TS. It's possible that skb is NULL because there are other network frames that use several descriptors. So we must return immediately in stmmac_get_tx_hwtstamp if skb is NULL to avoid system crash.

Signed-off-by: damuzi000 <[email protected]>
---
drivers/net/ethernet/stmicro/stmmac/stmmac_main.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/drivers/net/ethernet/stmicro/stmmac/stmmac_main.c b/drivers/net/ethernet/stmicro/stmmac/stmmac_main.c
index 797b56a..47f2287 100644
--- a/drivers/net/ethernet/stmicro/stmmac/stmmac_main.c
+++ b/drivers/net/ethernet/stmicro/stmmac/stmmac_main.c
@@ -332,7 +332,7 @@ static void stmmac_get_tx_hwtstamp(struct stmmac_priv *priv,
return;

/* exit if skb doesn't support hw tstamp */
- if (likely(!(skb_shinfo(skb)->tx_flags & SKBTX_IN_PROGRESS)))
+ if (likely(!skb || !(skb_shinfo(skb)->tx_flags & SKBTX_IN_PROGRESS)))
return;

if (priv->adv_ts)
--
1.7.9.5

2014-01-12 07:20:39

by Hannes Frederic Sowa

Subject: Re: [PATCH 1/1] When timestamping is enabled, stmmac_tx_clean will call stmmac_get_tx_hwtstamp to get tx TS. It's possible that skb is NULL because there are other network frames that use several descriptors. So we must return immediately in stmmac_get_tx_hwtstamp if skb is NULL to avoid system crash.

On Sun, Jan 12, 2014 at 10:01:35AM +0800, damuzi000 wrote:
>
> Signed-off-by: damuzi000 <[email protected]>

Please use real names in submissions.

Thanks,

Hannes

2014-01-12 09:40:28

by Bruce Liu

Subject: Re: [PATCH 1/1] When timestamping is enabled, stmmac_tx_clean will call stmmac_get_tx_hwtstamp to get tx TS. It's possible that skb is NULL because there are other network frames that use several descriptors. So we must return immediately in stmmac_get_tx_hwtstamp if skb is NULL to avoid system crash.

When timestamping is enabled, stmmac_tx_clean will call stmmac_get_tx_hwtstamp to get tx TS.
It's possible that skb is NULL because there are other network frames that use several descriptors.
So we must return immediately in stmmac_get_tx_hwtstamp if skb is NULL to avoid system crash.


Signed-off-by: Bruce Liu <[email protected]>
---
drivers/net/ethernet/stmicro/stmmac/stmmac_main.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/drivers/net/ethernet/stmicro/stmmac/stmmac_main.c b/drivers/net/ethernet/stmicro/stmmac/stmmac_main.c
index 797b56a..47f2287 100644
--- a/drivers/net/ethernet/stmicro/stmmac/stmmac_main.c
+++ b/drivers/net/ethernet/stmicro/stmmac/stmmac_main.c
@@ -332,7 +332,7 @@ static void stmmac_get_tx_hwtstamp(struct stmmac_priv *priv,
return;

/* exit if skb doesn't support hw tstamp */
- if (likely(!(skb_shinfo(skb)->tx_flags & SKBTX_IN_PROGRESS)))
+ if (likely(!skb || !(skb_shinfo(skb)->tx_flags & SKBTX_IN_PROGRESS)))
return;

if (priv->adv_ts)
--
1.7.9.5

2014-01-12 11:38:41

by Daniel Borkmann

Subject: Re: [PATCH 1/1] When timestamping is enabled, stmmac_tx_clean will call stmmac_get_tx_hwtstamp to get tx TS. It's possible that skb is NULL because there are other network frames that use several descriptors. So we must return immediately in stmmac_get_tx_hwtstamp if skb is NULL to avoid system crash.

On 01/12/2014 10:39 AM, Bruce Liu wrote:
> When timestamping is enabled, stmmac_tx_clean will call stmmac_get_tx_hwtstamp to get tx TS.
> It's possible that skb is NULL because there are other network frames that use several descriptors.
> So we must return immediately in stmmac_get_tx_hwtstamp if skb is NULL to avoid system crash.
>
>
> Signed-off-by: Bruce Liu <[email protected]>

Please see Documentation/SubmittingPatches +489

You subject line is way too long and should just be something like:

[PATCH net-next] net: stmmac: fix NULL pointer dereference in stmmac_get_tx_hwtstamp

Don't indent your actual commit message with whitespaces as prefix,
and do a line break after around 70 chars.

Btw, I mentioned net-next in the subject since merge window will
open soon anyway.

> ---
> drivers/net/ethernet/stmicro/stmmac/stmmac_main.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/drivers/net/ethernet/stmicro/stmmac/stmmac_main.c b/drivers/net/ethernet/stmicro/stmmac/stmmac_main.c
> index 797b56a..47f2287 100644
> --- a/drivers/net/ethernet/stmicro/stmmac/stmmac_main.c
> +++ b/drivers/net/ethernet/stmicro/stmmac/stmmac_main.c
> @@ -332,7 +332,7 @@ static void stmmac_get_tx_hwtstamp(struct stmmac_priv *priv,
> return;
>
> /* exit if skb doesn't support hw tstamp */
> - if (likely(!(skb_shinfo(skb)->tx_flags & SKBTX_IN_PROGRESS)))
> + if (likely(!skb || !(skb_shinfo(skb)->tx_flags & SKBTX_IN_PROGRESS)))
> return;
>
> if (priv->adv_ts)
>

2014-01-13 13:55:03

by Bruce Liu

Subject: Re: [PATCH 1/1] When timestamping is enabled, stmmac_tx_clean will call stmmac_get_tx_hwtstamp to get tx TS. It's possible that skb is NULL because there are other network frames that use several descriptors. So we must return immediately in stmmac_get_tx_hwtstamp if skb is NULL to avoid system crash.

On Sun, Jan 12, 2014 at 12:38:28PM +0100, Daniel Borkmann wrote:
> On 01/12/2014 10:39 AM, Bruce Liu wrote:
> > When timestamping is enabled, stmmac_tx_clean will call stmmac_get_tx_hwtstamp to get tx TS.
> > It's possible that skb is NULL because there are other network frames that use several descriptors.
> > So we must return immediately in stmmac_get_tx_hwtstamp if skb is NULL to avoid system crash.
> >
> >
> >Signed-off-by: Bruce Liu <[email protected]>
>
> Please see Documentation/SubmittingPatches +489
>
> You subject line is way too long and should just be something like:
>
> [PATCH net-next] net: stmmac: fix NULL pointer dereference in stmmac_get_tx_hwtstamp
>
> Don't indent your actual commit message with whitespaces as prefix,
> and do a line break after around 70 chars.
>
> Btw, I mentioned net-next in the subject since merge window will
> open soon anyway.
>

Thanks, and I'll resend the patch.

Bruce.