This is a note to let you know that I've just added the patch titled batman-adv: Make TT capability changes atomic to the 4.2-stable tree which can be found at: http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary The filename of the patch is: batman-adv-make-tt-capability-changes-atomic.patch and it can be found in the queue-4.2 subdirectory. If you, or anyone else, feels it should not be added to the stable tree, please let <stable@xxxxxxxxxxxxxxx> know about it. >From ac4eebd48461ec993e7cb614d5afe7df8c72e6b7 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Linus=20L=C3=BCssing?= <linus.luessing@xxxxxxxxx> Date: Tue, 16 Jun 2015 17:10:24 +0200 Subject: batman-adv: Make TT capability changes atomic MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit From: =?UTF-8?q?Linus=20L=C3=BCssing?= <linus.luessing@xxxxxxxxx> commit ac4eebd48461ec993e7cb614d5afe7df8c72e6b7 upstream. Bitwise OR/AND assignments in C aren't guaranteed to be atomic. One OGM handler might undo the set/clear of a specific bit from another handler run in between. Fix this by using the atomic set_bit()/clear_bit()/test_bit() functions. Fixes: e17931d1a61d ("batman-adv: introduce capability initialization bitfield") Signed-off-by: Linus Lüssing <linus.luessing@xxxxxxxxx> Signed-off-by: Marek Lindner <mareklindner@xxxxxxxxxxxxx> Signed-off-by: Antonio Quartulli <antonio@xxxxxxxxxxxxxx> Signed-off-by: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx> --- net/batman-adv/translation-table.c | 8 +++++--- net/batman-adv/types.h | 4 ++-- 2 files changed, 7 insertions(+), 5 deletions(-) --- a/net/batman-adv/translation-table.c +++ b/net/batman-adv/translation-table.c @@ -19,6 +19,7 @@ #include "main.h" #include <linux/atomic.h> +#include <linux/bitops.h> #include <linux/bug.h> #include <linux/byteorder/generic.h> #include <linux/compiler.h> @@ -1882,7 +1883,7 @@ void batadv_tt_global_del_orig(struct ba } spin_unlock_bh(list_lock); } - orig_node->capa_initialized &= ~BATADV_ORIG_CAPA_HAS_TT; + clear_bit(BATADV_ORIG_CAPA_HAS_TT, &orig_node->capa_initialized); } static bool batadv_tt_global_to_purge(struct batadv_tt_global_entry *tt_global, @@ -2841,7 +2842,7 @@ static void _batadv_tt_update_changes(st return; } } - orig_node->capa_initialized |= BATADV_ORIG_CAPA_HAS_TT; + set_bit(BATADV_ORIG_CAPA_HAS_TT, &orig_node->capa_initialized); } static void batadv_tt_fill_gtable(struct batadv_priv *bat_priv, @@ -3343,7 +3344,8 @@ static void batadv_tt_update_orig(struct bool has_tt_init; tt_vlan = (struct batadv_tvlv_tt_vlan_data *)tt_buff; - has_tt_init = orig_node->capa_initialized & BATADV_ORIG_CAPA_HAS_TT; + has_tt_init = test_bit(BATADV_ORIG_CAPA_HAS_TT, + &orig_node->capa_initialized); /* orig table not initialised AND first diff is in the OGM OR the ttvn * increased by one -> we can apply the attached changes --- a/net/batman-adv/types.h +++ b/net/batman-adv/types.h @@ -274,7 +274,7 @@ struct batadv_orig_node { struct hlist_node mcast_want_all_ipv6_node; #endif unsigned long capabilities; - uint8_t capa_initialized; + unsigned long capa_initialized; atomic_t last_ttvn; unsigned char *tt_buff; int16_t tt_buff_len; @@ -315,7 +315,7 @@ struct batadv_orig_node { enum batadv_orig_capabilities { BATADV_ORIG_CAPA_HAS_DAT, BATADV_ORIG_CAPA_HAS_NC, - BATADV_ORIG_CAPA_HAS_TT = BIT(2), + BATADV_ORIG_CAPA_HAS_TT, BATADV_ORIG_CAPA_HAS_MCAST = BIT(3), }; Patches currently in stable-queue which might be from linus.luessing@xxxxxxxxx are queue-4.2/batman-adv-fix-potential-synchronization-issues-in-mcast-tvlv-handler.patch queue-4.2/batman-adv-make-tt-capability-changes-atomic.patch queue-4.2/batman-adv-make-dat-capability-changes-atomic.patch queue-4.2/batman-adv-make-nc-capability-changes-atomic.patch queue-4.2/batman-adv-fix-potentially-broken-skb-network-header-access.patch queue-4.2/batman-adv-make-mcast-capability-changes-atomic.patch -- To unsubscribe from this list: send the line "unsubscribe stable" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html