From: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
To: linux-kernel@vger.kernel.org
Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
stable@vger.kernel.org, Sven Eckelmann <sven@narfation.org>,
Simon Wunderlich <sw@simonwunderlich.de>,
Sasha Levin <alexander.levin@microsoft.com>
Subject: [PATCH 4.9 06/35] batman-adv: Prevent duplicated global TT entry
Date: Thu, 18 Oct 2018 19:54:35 +0200 [thread overview]
Message-ID: <20181018175423.410360298@linuxfoundation.org> (raw)
In-Reply-To: <20181018175422.506152522@linuxfoundation.org>
4.9-stable review patch. If anyone has any objections, please let me know.
------------------
From: Sven Eckelmann <sven@narfation.org>
[ Upstream commit e7136e48ffdfb9f37b0820f619380485eb407361 ]
The function batadv_tt_global_orig_entry_add is responsible for adding new
tt_orig_list_entry to the orig_list. It first checks whether the entry
already is in the list or not. If it is, then the creation of a new entry
is aborted.
But the lock for the list is only held when the list is really modified.
This could lead to duplicated entries because another context could create
an entry with the same key between the check and the list manipulation.
The check and the manipulation of the list must therefore be in the same
locked code section.
Fixes: d657e621a0f5 ("batman-adv: add reference counting for type batadv_tt_orig_list_entry")
Signed-off-by: Sven Eckelmann <sven@narfation.org>
Signed-off-by: Simon Wunderlich <sw@simonwunderlich.de>
Signed-off-by: Sasha Levin <alexander.levin@microsoft.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
---
net/batman-adv/translation-table.c | 6 ++++--
1 file changed, 4 insertions(+), 2 deletions(-)
--- a/net/batman-adv/translation-table.c
+++ b/net/batman-adv/translation-table.c
@@ -1550,6 +1550,8 @@ batadv_tt_global_orig_entry_add(struct b
{
struct batadv_tt_orig_list_entry *orig_entry;
+ spin_lock_bh(&tt_global->list_lock);
+
orig_entry = batadv_tt_global_orig_entry_find(tt_global, orig_node);
if (orig_entry) {
/* refresh the ttvn: the current value could be a bogus one that
@@ -1570,16 +1572,16 @@ batadv_tt_global_orig_entry_add(struct b
orig_entry->ttvn = ttvn;
kref_init(&orig_entry->refcount);
- spin_lock_bh(&tt_global->list_lock);
kref_get(&orig_entry->refcount);
hlist_add_head_rcu(&orig_entry->list,
&tt_global->orig_list);
- spin_unlock_bh(&tt_global->list_lock);
atomic_inc(&tt_global->orig_list_count);
out:
if (orig_entry)
batadv_tt_orig_list_entry_put(orig_entry);
+
+ spin_unlock_bh(&tt_global->list_lock);
}
/**
next prev parent reply other threads:[~2018-10-18 18:04 UTC|newest]
Thread overview: 41+ messages / expand[flat|nested] mbox.gz Atom feed top
2018-10-18 17:54 [PATCH 4.9 00/35] 4.9.135-stable review Greg Kroah-Hartman
2018-10-18 17:54 ` [PATCH 4.9 01/35] media: af9035: prevent buffer overflow on write Greg Kroah-Hartman
2018-10-18 17:54 ` [PATCH 4.9 02/35] batman-adv: Fix segfault when writing to throughput_override Greg Kroah-Hartman
2018-10-18 17:54 ` [PATCH 4.9 03/35] batman-adv: Fix segfault when writing to sysfs elp_interval Greg Kroah-Hartman
2018-10-18 17:54 ` [PATCH 4.9 04/35] batman-adv: Prevent duplicated nc_node entry Greg Kroah-Hartman
2018-10-18 17:54 ` [PATCH 4.9 05/35] batman-adv: Prevent duplicated softif_vlan entry Greg Kroah-Hartman
2018-10-18 17:54 ` Greg Kroah-Hartman [this message]
2018-10-18 17:54 ` [PATCH 4.9 07/35] batman-adv: Prevent duplicated tvlv handler Greg Kroah-Hartman
2018-10-18 17:54 ` [PATCH 4.9 08/35] batman-adv: fix backbone_gw refcount on queue_work() failure Greg Kroah-Hartman
2018-10-18 17:54 ` [PATCH 4.9 09/35] batman-adv: fix hardif_neigh " Greg Kroah-Hartman
2018-10-18 17:54 ` [PATCH 4.9 10/35] clocksource/drivers/ti-32k: Add CLOCK_SOURCE_SUSPEND_NONSTOP flag for non-am43 SoCs Greg Kroah-Hartman
2018-10-18 17:54 ` [PATCH 4.9 11/35] scsi: ibmvscsis: Fix a stringop-overflow warning Greg Kroah-Hartman
2018-10-18 17:54 ` [PATCH 4.9 12/35] scsi: ibmvscsis: Ensure partition name is properly NUL terminated Greg Kroah-Hartman
2018-10-18 17:54 ` [PATCH 4.9 13/35] Input: atakbd - fix Atari keymap Greg Kroah-Hartman
2018-10-18 17:54 ` [PATCH 4.9 14/35] Input: atakbd - fix Atari CapsLock behaviour Greg Kroah-Hartman
2018-10-18 17:54 ` [PATCH 4.9 15/35] ravb: do not write 1 to reserved bits Greg Kroah-Hartman
2018-10-18 17:54 ` [PATCH 4.9 16/35] drm: mali-dp: Call drm_crtc_vblank_reset on device init Greg Kroah-Hartman
2018-10-18 17:54 ` [PATCH 4.9 17/35] scsi: sd: dont crash the host on invalid commands Greg Kroah-Hartman
2018-10-18 17:54 ` [PATCH 4.9 18/35] net/mlx4: Use cpumask_available for eq->affinity_mask Greg Kroah-Hartman
2018-10-18 17:54 ` [PATCH 4.9 19/35] RISC-V: include linux/ftrace.h in asm-prototypes.h Greg Kroah-Hartman
2018-10-18 17:54 ` [PATCH 4.9 20/35] powerpc/tm: Fix userspace r13 corruption Greg Kroah-Hartman
2018-10-18 17:54 ` [PATCH 4.9 21/35] powerpc/tm: Avoid possible userspace r1 corruption on reclaim Greg Kroah-Hartman
2018-10-18 17:54 ` [PATCH 4.9 22/35] iommu/amd: Return devid as alias for ACPI HID devices Greg Kroah-Hartman
2018-10-18 17:54 ` [PATCH 4.9 23/35] mremap: properly flush TLB before releasing the page Greg Kroah-Hartman
2018-10-18 17:54 ` [PATCH 4.9 24/35] mm: Preserve _PAGE_DEVMAP across mprotect() calls Greg Kroah-Hartman
2018-10-18 17:54 ` [PATCH 4.9 25/35] netfilter: check for seqadj ext existence before adding it in nf_nat_setup_info Greg Kroah-Hartman
2018-10-18 17:54 ` [PATCH 4.9 26/35] ARC: build: Get rid of toolchain check Greg Kroah-Hartman
2018-10-18 17:54 ` [PATCH 4.9 27/35] ARC: build: Dont set CROSS_COMPILE in archs Makefile Greg Kroah-Hartman
2018-10-18 17:54 ` [PATCH 4.9 28/35] HID: quirks: fix support for Apple Magic Keyboards Greg Kroah-Hartman
2018-10-18 17:54 ` [PATCH 4.9 29/35] usb: gadget: serial: fix oops when data rxd after close Greg Kroah-Hartman
2018-10-18 17:54 ` [PATCH 4.9 30/35] sched/cputime: Convert kcpustat to nsecs Greg Kroah-Hartman
2018-10-18 17:55 ` [PATCH 4.9 31/35] macintosh/rack-meter: Convert cputime64_t use to u64 Greg Kroah-Hartman
2018-10-18 17:55 ` [PATCH 4.9 32/35] sched/cputime: Increment kcpustat directly on irqtime account Greg Kroah-Hartman
2018-10-18 17:55 ` [PATCH 4.9 33/35] sched/cputime: Fix ksoftirqd cputime accounting regression Greg Kroah-Hartman
2018-10-18 17:55 ` [PATCH 4.9 34/35] ext4: avoid running out of journal credits when appending to an inline file Greg Kroah-Hartman
2018-10-18 17:55 ` [PATCH 4.9 35/35] HV: properly delay KVP packets when negotiation is in progress Greg Kroah-Hartman
2018-10-19 1:41 ` [PATCH 4.9 00/35] 4.9.135-stable review Nathan Chancellor
2018-10-19 13:20 ` Rafael David Tinoco
2018-10-19 15:48 ` Guenter Roeck
2018-10-19 20:46 ` Shuah Khan
2018-10-19 20:55 ` Shuah Khan
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20181018175423.410360298@linuxfoundation.org \
--to=gregkh@linuxfoundation.org \
--cc=alexander.levin@microsoft.com \
--cc=linux-kernel@vger.kernel.org \
--cc=stable@vger.kernel.org \
--cc=sven@narfation.org \
--cc=sw@simonwunderlich.de \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox