• S
    batman-adv: Force mac header to start of data on xmit · 9114daa8
    Sven Eckelmann 提交于
    The caller of ndo_start_xmit may not already have called
    skb_reset_mac_header. The returned value of skb_mac_header/eth_hdr
    therefore can be in the wrong position and even outside the current skbuff.
    This for example happens when the user binds to the device using a
    PF_PACKET-SOCK_RAW with enabled qdisc-bypass:
    
      int opt = 4;
      setsockopt(sock, SOL_PACKET, PACKET_QDISC_BYPASS, &opt, sizeof(opt));
    
    Since eth_hdr is used all over the codebase, the batadv_interface_tx
    function must always take care of resetting it.
    
    Fixes: c6c8fea2 ("net: Add batman-adv meshing protocol")
    Reported-by: syzbot+9d7405c7faa390e60b4e@syzkaller.appspotmail.com
    Reported-by: syzbot+7d20bc3f1ddddc0f9079@syzkaller.appspotmail.com
    Signed-off-by: NSven Eckelmann <sven@narfation.org>
    Signed-off-by: NSimon Wunderlich <sw@simonwunderlich.de>
    9114daa8
soft-interface.c 32.6 KB