From patchwork Sun Jan 19 23:26:08 2014
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
X-Patchwork-Submitter: =?utf-8?q?Linus_L=C3=BCssing?= <linus.luessing@web.de>
X-Patchwork-Id: 3713
Return-Path: <linus.luessing@web.de>
Received-SPF: None (no SPF record) identity=mailfrom; client-ip=212.227.17.12;
	helo=mout.web.de; envelope-from=linus.luessing@web.de;
	receiver=b.a.t.m.a.n@lists.open-mesh.org
Received: from mout.web.de (mout.web.de [212.227.17.12])
	by open-mesh.org (Postfix) with ESMTPS id BC4A46006E1
	for <b.a.t.m.a.n@lists.open-mesh.org>;
	Mon, 20 Jan 2014 00:25:42 +0100 (CET)
Received: from localhost ([95.211.148.154]) by smtp.web.de (mrweb103) with
	ESMTPSA (Nemesis) id 0M73SD-1V93Mv19Rl-00wlbi for
	<b.a.t.m.a.n@lists.open-mesh.org>; Mon, 20 Jan 2014 00:25:41 +0100
From: =?UTF-8?q?Linus=20L=C3=BCssing?= <linus.luessing@web.de>
To: b.a.t.m.a.n@lists.open-mesh.org
Date: Mon, 20 Jan 2014 00:26:08 +0100
Message-Id: <1390173968-8670-1-git-send-email-linus.luessing@web.de>
X-Mailer: git-send-email 1.8.5.2
MIME-Version: 1.0
X-Provags-ID: V03:K0:4UMyIU8Zden7El5iRhQPZSmUJCpT0axUwSMk2dgPJq11/jAoKNg
	DJwl6+sl+nwUHO7WBdO2a9C/OXV5CmiDVuX0+gX9W1iPpn3d6+qa2JWrrdL1HS99Ztdq31j
	SXxW/UEr4Axxp925RV2YEJb/mUpDrtjx2D49CktzZe7hsyts173RtN11XC1mvbR1ywCYRso
	ZH6bA0zqrf/Bltu0ZUQLA==
Subject: [B.A.T.M.A.N.] [PATCHv2 next] batman-adv: fix potential kernel
	paging error for unicast transmissions
X-BeenThere: b.a.t.m.a.n@lists.open-mesh.org
X-Mailman-Version: 2.1.15
Precedence: list
Reply-To: The list for a Better Approach To Mobile Ad-hoc Networking
	<b.a.t.m.a.n@lists.open-mesh.org>
List-Id: The list for a Better Approach To Mobile Ad-hoc Networking
	<b.a.t.m.a.n.lists.open-mesh.org>
List-Unsubscribe: <https://lists.open-mesh.org/mm/options/b.a.t.m.a.n>,
	<mailto:b.a.t.m.a.n-request@lists.open-mesh.org?subject=unsubscribe>
List-Archive: <http://lists.open-mesh.org/pipermail/b.a.t.m.a.n/>
List-Post: <mailto:b.a.t.m.a.n@lists.open-mesh.org>
List-Help: <mailto:b.a.t.m.a.n-request@lists.open-mesh.org?subject=help>
List-Subscribe: <https://lists.open-mesh.org/mm/listinfo/b.a.t.m.a.n>,
	<mailto:b.a.t.m.a.n-request@lists.open-mesh.org?subject=subscribe>
X-List-Received-Date: Sun, 19 Jan 2014 23:25:42 -0000

batadv_send_skb_prepare_unicast(_4addr) might reallocate the skb's
data. If it does then our ethhdr pointer is not valid anymore in
batadv_send_skb_unicast(), resulting in a kernel paging error.

Fixing this by refetching the ethhdr pointer after the potential
reallocation.

~~~
NOTE TO LINUX STABLE MAINTAINERS:

For kernels < 3.9 you will need an additional skb_reset_mac_header(skb)
call in the beginning of batadv_send_skb_unicast().

For kernels >= 3.9 this is not necessary thanks to:

"net: reset mac header in dev_start_xmit()" (6d1ccff627)
~~~

Signed-off-by: Linus Lüssing <linus.luessing@web.de>
---
Note: this patch shouldn't be used in an off-tree module on
kernels < 3.9 without the compat hunk provided by:

"batman-adv: use vlan_/eth_hdr() instead of skb->data in interface_tx path"


 send.c |    4 ++++
 1 file changed, 4 insertions(+)

diff --git a/send.c b/send.c
index 579f5f0..8b312e3 100644
--- a/send.c
+++ b/send.c
@@ -279,6 +279,10 @@ static int batadv_send_skb_unicast(struct batadv_priv *bat_priv,
 		goto out;
 	}
 
+	/* skb->data might have been reallocated by
+	 * batadv_send_skb_prepare_unicast*
+	 */
+	ethhdr = eth_hdr(skb);
 	unicast_packet = (struct batadv_unicast_packet *)skb->data;
 
 	/* inform the destination node that we are still missing a correct route