From ca6e9f552f19b6876ccbdc3f6c9d23036aedcf5c Mon Sep 17 00:00:00 2001
From: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Date: Sat, 10 Apr 2021 16:15:19 +0200
Subject: [PATCH] 4.4-stable patches

added patches:
	batman-adv-initialize-struct-batadv_tvlv_tt_vlan_data-reserved-field.patch
---
 ...adv_tvlv_tt_vlan_data-reserved-field.patch | 40 +++++++++++++++++++
 queue-4.4/series                              |  1 +
 2 files changed, 41 insertions(+)
 create mode 100644 queue-4.4/batman-adv-initialize-struct-batadv_tvlv_tt_vlan_data-reserved-field.patch

diff --git a/queue-4.4/batman-adv-initialize-struct-batadv_tvlv_tt_vlan_data-reserved-field.patch b/queue-4.4/batman-adv-initialize-struct-batadv_tvlv_tt_vlan_data-reserved-field.patch
new file mode 100644
index 00000000000..5a08fbde433
--- /dev/null
+++ b/queue-4.4/batman-adv-initialize-struct-batadv_tvlv_tt_vlan_data-reserved-field.patch
@@ -0,0 +1,40 @@
+From 08c27f3322fec11950b8f1384aa0f3b11d028528 Mon Sep 17 00:00:00 2001
+From: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>
+Date: Mon, 5 Apr 2021 19:16:50 +0900
+Subject: batman-adv: initialize "struct batadv_tvlv_tt_vlan_data"->reserved field
+
+From: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>
+
+commit 08c27f3322fec11950b8f1384aa0f3b11d028528 upstream.
+
+KMSAN found uninitialized value at batadv_tt_prepare_tvlv_local_data()
+[1], for commit ced72933a5e8ab52 ("batman-adv: use CRC32C instead of CRC16
+in TT code") inserted 'reserved' field into "struct batadv_tvlv_tt_data"
+and commit 7ea7b4a142758dea ("batman-adv: make the TT CRC logic VLAN
+specific") moved that field to "struct batadv_tvlv_tt_vlan_data" but left
+that field uninitialized.
+
+[1] https://syzkaller.appspot.com/bug?id=07f3e6dba96f0eb3cabab986adcd8a58b9bdbe9d
+
+Reported-by: syzbot <syzbot+50ee810676e6a089487b@syzkaller.appspotmail.com>
+Tested-by: syzbot <syzbot+50ee810676e6a089487b@syzkaller.appspotmail.com>
+Signed-off-by: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>
+Fixes: ced72933a5e8ab52 ("batman-adv: use CRC32C instead of CRC16 in TT code")
+Fixes: 7ea7b4a142758dea ("batman-adv: make the TT CRC logic VLAN specific")
+Acked-by: Sven Eckelmann <sven@narfation.org>
+Signed-off-by: David S. Miller <davem@davemloft.net>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+---
+ net/batman-adv/translation-table.c |    1 +
+ 1 file changed, 1 insertion(+)
+
+--- a/net/batman-adv/translation-table.c
++++ b/net/batman-adv/translation-table.c
+@@ -871,6 +871,7 @@ batadv_tt_prepare_tvlv_local_data(struct
+ 
+ 		tt_vlan->vid = htons(vlan->vid);
+ 		tt_vlan->crc = htonl(vlan->tt.crc);
++		tt_vlan->reserved = 0;
+ 
+ 		tt_vlan++;
+ 	}
diff --git a/queue-4.4/series b/queue-4.4/series
index 75fc700c046..5b6de8903c6 100644
--- a/queue-4.4/series
+++ b/queue-4.4/series
@@ -9,3 +9,4 @@ net-ipv6-check-for-validity-before-dereferencing-cfg-fc_nlinfo.nlh.patch
 ia64-fix-user_stack_pointer-for-ptrace.patch
 fs-direct-io-fix-missing-sdio-boundary.patch
 parisc-parisc-agp-requires-sba-iommu-driver.patch
+batman-adv-initialize-struct-batadv_tvlv_tt_vlan_data-reserved-field.patch
-- 
2.47.3