On Friday, 31 August 2018 16:46:47 CEST Sven Eckelmann wrote:
The per hardif sysfs file "batman_adv/throughput_override" prints the resulting change as info text when the user writes to this file. It uses the helper function batadv_info to add it at the same time to the kernel ring buffer and to the batman-adv debug log (when CONFIG_BATMAN_ADV_DEBUG is enabled).
The function batadv_info requires as first parameter the batman-adv softif net_device. This parameter is then used to find the private buffer which contains the debug log for this batman-adv interface. But batadv_store_throughput_override used as first argument the slave net_device. This slave device doesn't have the batadv_priv private data which is accessed by batadv_info.
Writing to this file with CONFIG_BATMAN_ADV_DEBUG enabled can either lead to a segfault or to memory corruption.
[...]
Added both patches as ddf99b78e255 [1] and 848be9859b01 [2]
Kind regards,
Sven

[1] https://git.open-mesh.org/batman-adv.git/commit/ddf99b78e255530cbadc0f67656a...
[2] https://git.open-mesh.org/batman-adv.git/commit/848be9859b0109a6e428f92f21f2...
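The device mix-up described in the commit message above, as a user-space C model added here for illustration; it is not code from batman-adv or from the patches. All `model_*` names, the `kind` tag and the checked accessor are assumptions of this sketch, as is the slave device holding a pointer to its soft interface.

```c
#include <stddef.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Constructed model: a device followed by a private area whose type depends
 * on who allocated it (like a net_device and its private data). */
enum model_kind { MODEL_SOFTIF, MODEL_SLAVE };
struct model_netdev {
    char name[16];
    enum model_kind kind;
    struct model_netdev *soft_iface;  /* set on slave devices only */
    max_align_t priv[];               /* private area, suitably aligned */
};
struct model_batadv_priv { char log[64]; };  /* stands in for batadv_priv */
struct model_nic_priv { int irq; };          /* a slave driver's own data */

static struct model_netdev *model_alloc(const char *name, enum model_kind kind, size_t priv_size)
{
    struct model_netdev *dev = calloc(1, sizeof(*dev) + priv_size);
    if (!dev) return NULL;
    snprintf(dev->name, sizeof(dev->name), "%s", name);
    dev->kind = kind;
    return dev;
}

/* Models the logging helper: it treats priv as model_batadv_priv. Without the
 * kind check, a slave device would make it write 64 bytes into a 4-byte area. */
static int model_info(struct model_netdev *dev, const char *msg)
{
    if (!dev || dev->kind != MODEL_SOFTIF)
        return -1;  /* refuse instead of corrupting memory */
    struct model_batadv_priv *bat_priv = (struct model_batadv_priv *)dev->priv;
    snprintf(bat_priv->log, sizeof(bat_priv->log), "%s: %s", dev->name, msg);
    return 0;
}

/* Models the store handler, which is invoked on the slave device. */
static int model_store_override(struct model_netdev *slave, int use_soft_iface)
{
    return model_info(use_soft_iface ? slave->soft_iface : slave, "throughput_override changed");
}

int main(void)
{
    struct model_netdev *soft = model_alloc("bat0", MODEL_SOFTIF, sizeof(struct model_batadv_priv));
    struct model_netdev *slave = model_alloc("eth0", MODEL_SLAVE, sizeof(struct model_nic_priv));
    if (!soft || !slave) return 1;
    slave->soft_iface = soft;
    printf("slave passed directly: %d\n", model_store_override(slave, 0));
    printf("soft_iface passed:     %d\n", model_store_override(slave, 1));
    printf("log: %s\n", ((struct model_batadv_priv *)soft->priv)->log);
    free(slave); free(soft);
    return 0;
}
```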