• Linus Lüssing's avatar
    batman-adv: mcast: fix multicast tt/tvlv worker locking · a3c7cd0c
    Linus Lüssing authored
    Syzbot has reported some issues with the locking assumptions made for
    the multicast tt/tvlv worker: It was able to trigger the WARN_ON() in
    batadv_mcast_mla_tt_retract() and batadv_mcast_mla_tt_add().
    While hard/not reproduceable for us so far it seems that the
    delayed_work_pending() we use might not be quite safe from reordering.
    
    Therefore this patch adds an explicit, new spinlock to protect the
    update of the mla_list and flags in bat_priv and then removes the
    WARN_ON(delayed_work_pending()).
    
    Reported-by: syzbot+83f2d54ec6b7e417e13f@syzkaller.appspotmail.com
    Reported-by: syzbot+050927a651272b145a5d@syzkaller.appspotmail.com
    Reported-by: syzbot+979ffc89b87309b1b94b@syzkaller.appspotmail.com
    Reported-by: syzbot+f9f3f388440283da2965@syzkaller.appspotmail.com
    Fixes: cbebd363 ("batman-adv: Use own timer for multicast TT and TVLV updates")
    Signed-off-by: default avatarLinus Lüssing <linus.luessing@c0d3.blue>
    Signed-off-by: default avatarSven Eckelmann <sven@narfation.org>
    Signed-off-by: default avatarSimon Wunderlich <sw@simonwunderlich.de>
    a3c7cd0c
multicast.c 47.7 KB