From: Sven Eckelmann Date: Mon, 4 May 2026 19:32:24 +0000 (+0200) Subject: batman-adv: use neigh_node's orig_node only as id X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=3bd64ca11d9a1672d67d3130a7264c2cf7f93cdf;p=thirdparty%2Flinux.git batman-adv: use neigh_node's orig_node only as id The orig_node member of struct batadv_neigh_node is no longer used in B.A.T.M.A.N. IV. But batadv_neigh_node_create() is still storing it. Only batadv_v_ogm_route_update() uses it to check if we route toward it - not needing the data stored in the batadv_orig_node object itself, but merely a pointer to identify the originator. The field cannot hold a proper reference because that would create a reference cycle, so it must never be dereferenced. Rename it to orig_node_id and mark it __private to make any future attempt to dereference it immediately noticeable. Signed-off-by: Sven Eckelmann --- diff --git a/net/batman-adv/bat_v_ogm.c b/net/batman-adv/bat_v_ogm.c index 2c4dca639709..5936d0048be0 100644 --- a/net/batman-adv/bat_v_ogm.c +++ b/net/batman-adv/bat_v_ogm.c @@ -719,7 +719,7 @@ static bool batadv_v_ogm_route_update(struct batadv_priv *bat_priv, * don't route towards it */ router = batadv_orig_router_get(orig_node, if_outgoing); - if (router && router->orig_node != orig_node && !orig_neigh_router) { + if (router && ACCESS_PRIVATE(router, orig_node_id) != orig_node && !orig_neigh_router) { batadv_dbg(BATADV_DBG_BATMAN, bat_priv, "Drop packet: OGM via unknown neighbor!\n"); goto out; diff --git a/net/batman-adv/originator.c b/net/batman-adv/originator.c index d05c8240426b..15d660ca7937 100644 --- a/net/batman-adv/originator.c +++ b/net/batman-adv/originator.c @@ -693,9 +693,12 @@ batadv_neigh_node_create(struct batadv_orig_node *orig_node, kref_get(&hard_iface->refcount); ether_addr_copy(neigh_node->addr, neigh_addr); neigh_node->if_incoming = hard_iface; - neigh_node->orig_node = orig_node; neigh_node->last_seen = jiffies; +#ifdef CONFIG_BATMAN_ADV_BATMAN_V + ACCESS_PRIVATE(neigh_node, orig_node_id) = orig_node; +#endif + /* increment unique neighbor refcount */ kref_get(&hardif_neigh->refcount); neigh_node->hardif_neigh = hardif_neigh; diff --git a/net/batman-adv/types.h b/net/batman-adv/types.h index 4e25057359b0..19c7316889b6 100644 --- a/net/batman-adv/types.h +++ b/net/batman-adv/types.h @@ -663,8 +663,15 @@ struct batadv_neigh_node { /** @list: list node for &batadv_orig_node.neigh_list */ struct hlist_node list; - /** @orig_node: pointer to corresponding orig_node */ - struct batadv_orig_node *orig_node; +#ifdef CONFIG_BATMAN_ADV_BATMAN_V + /** + * @orig_node_id: pointer to corresponding orig_node. It must only be used + * to identify the node but must NEVER be dereferenced. The reference counter + * was not increased when this was assigned because it would otherwise create + * a reference cycle. + */ + struct batadv_orig_node *__private orig_node_id; +#endif /** @addr: the MAC address of the neighboring interface */ u8 addr[ETH_ALEN];