From patchwork Sat Dec 16 02:25:25 2017 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Haishuang Yan X-Patchwork-Id: 849447 X-Patchwork-Delegate: davem@davemloft.net Return-Path: X-Original-To: patchwork-incoming@ozlabs.org Delivered-To: patchwork-incoming@ozlabs.org Authentication-Results: ozlabs.org; spf=none (mailfrom) smtp.mailfrom=vger.kernel.org (client-ip=209.132.180.67; helo=vger.kernel.org; envelope-from=netdev-owner@vger.kernel.org; receiver=) Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by ozlabs.org (Postfix) with ESMTP id 3yzB4y1R3Lz9s71 for ; Sat, 16 Dec 2017 13:26:42 +1100 (AEDT) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1756597AbdLPC0g (ORCPT ); Fri, 15 Dec 2017 21:26:36 -0500 Received: from cmccmta1.chinamobile.com ([221.176.66.79]:22269 "EHLO cmccmta1.chinamobile.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1755978AbdLPC0e (ORCPT ); Fri, 15 Dec 2017 21:26:34 -0500 Received: from spf.mail.chinamobile.com (unknown[172.16.121.15]) by rmmx-syy-dmz-app04-12004 (RichMail) with SMTP id 2ee45a348457851-485ff; Sat, 16 Dec 2017 10:26:31 +0800 (CST) X-RM-TRANSID: 2ee45a348457851-485ff X-RM-TagInfo: emlType=0 X-RM-SPAM-FLAG: 00000000 Received: from localhost (unknown[223.105.0.240]) by rmsmtp-syy-appsvr08-12008 (RichMail) with SMTP id 2ee85a3484562e0-8316e; Sat, 16 Dec 2017 10:26:31 +0800 (CST) X-RM-TRANSID: 2ee85a3484562e0-8316e From: Haishuang Yan To: "David S. Miller" , Alexey Kuznetsov , Hideaki YOSHIFUJI Cc: netdev@vger.kernel.org, linux-kernel@vger.kernel.org, Haishuang Yan , William Tu Subject: [PATCH v2, net-next] ip6_gre: fix a pontential issue in ip6erspan_rcv Date: Sat, 16 Dec 2017 10:25:25 +0800 Message-Id: <1513391125-28227-1-git-send-email-yanhaishuang@cmss.chinamobile.com> X-Mailer: git-send-email 1.8.3.1 Sender: netdev-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: netdev@vger.kernel.org pskb_may_pull() can change skb->data, so we need to load ipv6h/ershdr at the right place. Fixes: 5a963eb61b7c ("ip6_gre: Add ERSPAN native tunnel support") Acked-by: William Tu Cc: William Tu Signed-off-by: Haishuang Yan --- Change since v2: * Rebase on latest master. --- net/ipv6/ip6_gre.c | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/net/ipv6/ip6_gre.c b/net/ipv6/ip6_gre.c index f210f9c..aa1512e 100644 --- a/net/ipv6/ip6_gre.c +++ b/net/ipv6/ip6_gre.c @@ -507,12 +507,11 @@ static int ip6erspan_rcv(struct sk_buff *skb, int gre_hdr_len, struct ip6_tnl *tunnel; u8 ver; - ipv6h = ipv6_hdr(skb); - ershdr = (struct erspan_base_hdr *)skb->data; - if (unlikely(!pskb_may_pull(skb, sizeof(*ershdr)))) return PACKET_REJECT; + ipv6h = ipv6_hdr(skb); + ershdr = (struct erspan_base_hdr *)skb->data; ver = (ntohs(ershdr->ver_vlan) & VER_MASK) >> VER_OFFSET; tpi->key = cpu_to_be32(ntohs(ershdr->session_id) & ID_MASK); pkt_md = (struct erspan_metadata *)(ershdr + 1);