Home Home > GIT Browse > stable
summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorJiri Slaby <jslaby@suse.cz>2019-02-15 10:23:48 +0100
committerJiri Slaby <jslaby@suse.cz>2019-02-15 10:24:18 +0100
commit541d0a16769d5208db6177beb6e2c8e051a2911b (patch)
tree0c703b0f70d98d085394f96da1ea8cba7f1526a0
parent25b689e914e74318b9a11a6d64d87743fcab8e93 (diff)
batman-adv: Force mac header to start of data on xmit
-rw-r--r--patches.kernel.org/4.20.9-050-batman-adv-Force-mac-header-to-start-of-data-o.patch48
-rw-r--r--series.conf1
2 files changed, 49 insertions, 0 deletions
diff --git a/patches.kernel.org/4.20.9-050-batman-adv-Force-mac-header-to-start-of-data-o.patch b/patches.kernel.org/4.20.9-050-batman-adv-Force-mac-header-to-start-of-data-o.patch
new file mode 100644
index 0000000000..0b3c29eeca
--- /dev/null
+++ b/patches.kernel.org/4.20.9-050-batman-adv-Force-mac-header-to-start-of-data-o.patch
@@ -0,0 +1,48 @@
+From: Sven Eckelmann <sven@narfation.org>
+Date: Mon, 31 Dec 2018 22:31:01 +0100
+Subject: [PATCH] batman-adv: Force mac header to start of data on xmit
+References: bnc#1012628
+Patch-mainline: 4.20.9
+Git-commit: 9114daa825fc3f335f9bea3313ce667090187280
+
+commit 9114daa825fc3f335f9bea3313ce667090187280 upstream.
+
+The caller of ndo_start_xmit may not already have called
+skb_reset_mac_header. The returned value of skb_mac_header/eth_hdr
+therefore can be in the wrong position and even outside the current skbuff.
+This for example happens when the user binds to the device using a
+PF_PACKET-SOCK_RAW with enabled qdisc-bypass:
+
+ int opt = 4;
+ setsockopt(sock, SOL_PACKET, PACKET_QDISC_BYPASS, &opt, sizeof(opt));
+
+Since eth_hdr is used all over the codebase, the batadv_interface_tx
+function must always take care of resetting it.
+
+Fixes: c6c8fea29769 ("net: Add batman-adv meshing protocol")
+Reported-by: syzbot+9d7405c7faa390e60b4e@syzkaller.appspotmail.com
+Reported-by: syzbot+7d20bc3f1ddddc0f9079@syzkaller.appspotmail.com
+Signed-off-by: Sven Eckelmann <sven@narfation.org>
+Signed-off-by: Simon Wunderlich <sw@simonwunderlich.de>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+Signed-off-by: Jiri Slaby <jslaby@suse.cz>
+---
+ net/batman-adv/soft-interface.c | 2 ++
+ 1 file changed, 2 insertions(+)
+
+diff --git a/net/batman-adv/soft-interface.c b/net/batman-adv/soft-interface.c
+index 5db5a0a4c959..b85ca809e509 100644
+--- a/net/batman-adv/soft-interface.c
++++ b/net/batman-adv/soft-interface.c
+@@ -221,6 +221,8 @@ static netdev_tx_t batadv_interface_tx(struct sk_buff *skb,
+
+ netif_trans_update(soft_iface);
+ vid = batadv_get_vid(skb, 0);
++
++ skb_reset_mac_header(skb);
+ ethhdr = eth_hdr(skb);
+
+ switch (ntohs(ethhdr->h_proto)) {
+--
+2.20.1
+
diff --git a/series.conf b/series.conf
index 31e37e9d65..be55ea9f2f 100644
--- a/series.conf
+++ b/series.conf
@@ -1132,6 +1132,7 @@
patches.kernel.org/4.20.9-047-libceph-avoid-KEEPALIVE_PENDING-races-in-ceph_.patch
patches.kernel.org/4.20.9-048-xfrm-refine-validation-of-template-and-selecto.patch
patches.kernel.org/4.20.9-049-batman-adv-Avoid-WARN-on-net_device-without-pa.patch
+ patches.kernel.org/4.20.9-050-batman-adv-Force-mac-header-to-start-of-data-o.patch
########################################################
# Build fixes that apply to the vanilla kernel too.