40 lines
1.6 KiB
Diff
40 lines
1.6 KiB
Diff
From: Sven Eckelmann <sven@narfation.org>
|
|
Date: Mon, 31 Dec 2018 22:46:09 +0100
|
|
Subject: [PATCH] batman-adv: Force mac header to start of data on xmit
|
|
|
|
The caller of ndo_start_xmit may not already have called
|
|
skb_reset_mac_header. The returned value of skb_mac_header/eth_hdr
|
|
therefore can be in the wrong position and even outside the current skbuff.
|
|
This for example happens when the user binds to the device using a
|
|
PF_PACKET-SOCK_RAW with enabled qdisc-bypass:
|
|
|
|
int opt = 4;
|
|
setsockopt(sock, SOL_PACKET, PACKET_QDISC_BYPASS, &opt, sizeof(opt));
|
|
|
|
Since eth_hdr is used all over the codebase, the batadv_interface_tx
|
|
function must always take care of resetting it.
|
|
|
|
Fixes: fe28a94c01e1 ("batman-adv: receive packets directly using skbs")
|
|
Reported-by: syzbot+9d7405c7faa390e60b4e@syzkaller.appspotmail.com
|
|
Reported-by: syzbot+7d20bc3f1ddddc0f9079@syzkaller.appspotmail.com
|
|
Signed-off-by: Sven Eckelmann <sven@narfation.org>
|
|
|
|
Origin: upstream, https://git.open-mesh.org/batman-adv.git/commit/74c4b0c50f19f986752ee18ed393732f4eed7a66
|
|
---
|
|
net/batman-adv/soft-interface.c | 2 ++
|
|
1 file changed, 2 insertions(+)
|
|
|
|
diff --git a/net/batman-adv/soft-interface.c b/net/batman-adv/soft-interface.c
|
|
index 79d6ab78359db9c6a5df14e2e204c611ab134dfc..d3f540ba2a1388a8aa693a539d01d6a1cad95b44 100644
|
|
--- a/net/batman-adv/soft-interface.c
|
|
+++ b/net/batman-adv/soft-interface.c
|
|
@@ -221,6 +221,8 @@ static int batadv_interface_tx(struct sk_buff *skb,
|
|
|
|
netif_trans_update(soft_iface);
|
|
vid = batadv_get_vid(skb, 0);
|
|
+
|
|
+ skb_reset_mac_header(skb);
|
|
ethhdr = eth_hdr(skb);
|
|
|
|
switch (ntohs(ethhdr->h_proto)) {
|