projects / GitHub / LineageOS / G12 / android_kernel_amlogic_linux-4.9.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 6083f16)
sit: reload iphdr in ipip6_rcv
authorHaishuang Yan <yanhaishuang@cmss.chinamobile.com>
Sun, 4 Jun 2017 06:43:43 +0000 (14:43 +0800)
committerGreg Kroah-Hartman <gregkh@linuxfoundation.org>
Fri, 13 Apr 2018 17:48:19 +0000 (19:48 +0200)
[ Upstream commit b699d0035836f6712917a41e7ae58d84359b8ff9 ]

Since iptunnel_pull_header() can call pskb_may_pull(),
we must reload any pointer that was related to skb->head.

Fixes: a09a4c8dd1ec ("tunnels: Remove encapsulation offloads on decap")
Signed-off-by: Haishuang Yan <yanhaishuang@cmss.chinamobile.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Sasha Levin <alexander.levin@microsoft.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
net/ipv6/sit.c patch | blob | blame | history

diff --git a/net/ipv6/sit.c b/net/ipv6/sit.c
index d4d84da28672e650c0bf590050ad4db602c8d5af..181fd958c82ba5bebf37ba23c20808bccee9ef73 100644 (file)
--- a/net/ipv6/sit.c
+++ b/net/ipv6/sit.c
@@ -657,6 +657,7 @@ static int ipip6_rcv(struct sk_buff *skb)
                if (iptunnel_pull_header(skb, 0, htons(ETH_P_IPV6),
                    !net_eq(tunnel->net, dev_net(tunnel->dev))))
                        goto out;
+               iph = ip_hdr(skb);
 
                err = IP_ECN_decapsulate(iph, skb);
                if (unlikely(err)) {