On Wed, Jul 24, 2019 at 08:00:42PM +0800, Haishuang Yan wrote:
> Since ip6_tnl_parse_tlv_enc_lim() can call pskb_may_pull()
> which may change skb->data, so we need to re-load ipv6h at
> the right place.
>
> Fixes: 898b29798e36 ("ip6_gre: Refactor ip6gre xmit codes")
> Cc: William Tu <u9012...@gmail.com>
> Signed-off-by: Haishuang Yan <yanhaishu...@cmss.chinamobile.com>
LGTM, thanks for the fix
Acked-by: William Tu <u9012...@gmail.com>
> ---
> net/ipv6/ip6_gre.c | 3 ++-
> 1 file changed, 2 insertions(+), 1 deletion(-)
>
> diff --git a/net/ipv6/ip6_gre.c b/net/ipv6/ip6_gre.c
> index c2049c7..dd2d0b96 100644
> --- a/net/ipv6/ip6_gre.c
> +++ b/net/ipv6/ip6_gre.c
> @@ -660,12 +660,13 @@ static int prepare_ip6gre_xmit_ipv6(struct sk_buff *skb,
> struct flowi6 *fl6, __u8 *dsfield,
> int *encap_limit)
> {
> - struct ipv6hdr *ipv6h = ipv6_hdr(skb);
> + struct ipv6hdr *ipv6h;
> struct ip6_tnl *t = netdev_priv(dev);
> __u16 offset;
>
> offset = ip6_tnl_parse_tlv_enc_lim(skb, skb_network_header(skb));
> /* ip6_tnl_parse_tlv_enc_lim() might have reallocated skb->head */
> + ipv6h = ipv6_hdr(skb);
>
> if (offset > 0) {
> struct ipv6_tlv_tnl_enc_lim *tel;
> --
> 1.8.3.1
>
>
>
