Richard Hill reported an occasional NULL pointer deference in
port_delay_request() when in hybrid mode.
if (p->hybrid_e2e) {
struct ptp_message *dst = TAILQ_FIRST(&p->best->messages);
msg->address = dst->address;
...
}
The code assumes that the p->best->messages list can't be empty
because:
The function, port_delay_request(), is called only when
FD_DELAY_TIMER expires. That timer is only set by the function,
port_set_delay_tmo(), which is called:
1. from process_delay_resp(), but only when state is UNCALIBRATED
or SLAVE.
2. from port_e2e_transition(), but only when state is UNCALIBRATED
or SLAVE.
Looking at handle_state_decision_event(), a port can only enter
UNCALIBRATED or SLAVE when it has a valid foreign master record,
ie p->best->messages is not null.
A port also only clears p->best->messages when it leaves
UNCALIBRATED or SLAVE, at which point the FD_DELAY_TIMER is also
cleared.
*However* the p->best->messages list *can* be empty if the
FD_ANNOUNCE_TIMER and the FD_DELAY_TIMER expire at the same time. In
this case, the poll() call indicates events on both file descriptors.
The announce timeout is handled like this:
case FD_ANNOUNCE_TIMER:
case FD_SYNC_RX_TIMER:
if (p->best)
fc_clear(p->best);
So then the port_delay_request() call de-references the null
TAILQ_FIRST message pointer.
This patch fixes the issue by re-ordering the timer file descriptors
within the polling list.
Signed-off-by: Richard Cochran <richardcochran@gmail.com>
Reported-by: Richard Hill <plonta@gmx.de>
With rtnl socket we can track link status per port(except UDS port).
We can make sure we get the correct interface and latest status with function
port_link_status().
At the same time we need to set clock sde after link down. But we return
EV_FAULT_DETECTED in port_event(), which will not set clock sde. So we need
to set it in port_link_status().
Signed-off-by: Hangbin Liu <liuhangbin@gmail.com>
This patch adds a new timer for use in 802.1AS-2011 applications. When
running as a slave in gPTP mode, the program must monitor both announce
and sync messages from the master. If either one goes missing, then we
trigger a BMC election. The sync timeout is actually reset by a valid
sync/follow up pair of messages.
Signed-off-by: Richard Cochran <richardcochran@gmail.com>
This patch renames the per-port timer in order to make room in the
namespace for a timer that detects a sync message input timeout.
Signed-off-by: Richard Cochran <richardcochran@gmail.com>
It was a cute idea to have the raw Ethernet layer use just one socket,
but it ended up not working on some specific PTP time stamping hardware.
Signed-off-by: Richard Cochran <richardcochran@gmail.com>
Richard Cochran
Hangbin Liu