On 12/20/24 11:49, Stefano Garzarella wrote:
> ...
> Note that non-NULL -> NULL should only occur before a connection is
> established, so before any data is passed. Is this a problem for BPF?

Please take a look at vsock_bpf_update_proto(). The condition is to have a
transport assigned. BPF assumes transport will stay valid.

And currently that's a wrong assumption: transport can transition from
non-NULL to NULL (due to a failed reconnect). That's why we hit null ptr
deref via vsock_bpf_recvmsg().

That said, I sure hope someone BPF-competent is reading this :)
