Received: by 2002:a25:e7d8:0:0:0:0:0 with SMTP id e207csp1626632ybh;
        Sun, 15 Mar 2020 07:16:04 -0700 (PDT)
X-Google-Smtp-Source: ADFU+vtPAjVoG5oo4MSuua+opj8bSDaqnHfeTyBB0SqrsNK38mUxyN2E3NubGGsLb6s4rP+uUa0/
X-Received: by 2002:aca:aa12:: with SMTP id t18mr14574380oie.95.1584281764474;
        Sun, 15 Mar 2020 07:16:04 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1584281764; cv=none;
        d=google.com; s=arc-20160816;
        b=WD1zPMKUv8BAYxkQHSKUqnRPc2WLJ3b7qGFU/o7qeRrDiUKKZLmDEJh5r/70drilsN
         OgRVA2NkUts7sNIxTJc4m5D4M1nuPQIXQ5ZhMUCB0o831PS1HnSjoRmGDQ+h4QivBoEB
         T06fzP59iMnUQUhzw+FUFo0M7bfKlVdzEc9npGen+jGOhBQKyOzPdPxLHpw1wNVuChDv
         0JrSJr4yOkT7KO4CDaLTTRWUJd6VkUr+EEtTdY+B+cPjVkRGq4Mqbv4mPbXA4WAAbbMU
         NeQrudRu9wafm/lEyY1HMPuxhfUpf60QIoTTPE4+710qu5qJC30Uv+eb5MgZW/9zdEoS
         RGXw==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:sender:message-id:date:subject:cc:to:from;
        bh=x4A5fFSu+P+kX78mYsLdHzg3Mai6tgwhgxIaDlw0bks=;
        b=pEXSel/H4mNTZnJvta+nR/plQnPgV6Qpw6mGZHK0orFBKJuvoUTgEHEg/fJJsnN6dz
         aRsudNh7BT9otg+qqL1AX0mf5QCF7D2T49jTAZaC85Rm2tMqY0nZRXAmWb1NMFCp452P
         dqddkqLSF6daNPoqB3giBHe56UVaaO1tQ0qtBezD9426PrBzo+uCwXyxcDnwGPuSIec4
         8x44u4Emcp73EsDZg/n8yWDMgdxJmBr7kmoLn62dmmjy/k6kTWbjBlHUuQhhvKjGgGKT
         KahA61ZywP31Spc2uSFaaGEz6gs2ReFqy3DLbanbo7HzGG+hWiS/NXBaqZ1wHprLTeUZ
         /IdQ==
ARC-Authentication-Results: i=1; mx.google.com;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67])
        by mx.google.com with ESMTP id q11si8503243otc.153.2020.03.15.07.15.51;
        Sun, 15 Mar 2020 07:16:04 -0700 (PDT)
Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67;
Authentication-Results: mx.google.com;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1728295AbgCOOPg (ORCPT <rfc822;zoe.song.ucas@gmail.com>
        + 99 others); Sun, 15 Mar 2020 10:15:36 -0400
Received: from cmccmta3.chinamobile.com ([221.176.66.81]:4864 "EHLO
        cmccmta3.chinamobile.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S1727778AbgCOOPg (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Sun, 15 Mar 2020 10:15:36 -0400
Received: from spf.mail.chinamobile.com (unknown[172.16.121.15]) by rmmx-syy-dmz-app10-12010 (RichMail) with SMTP id 2eea5e6e38750a0-cade5; Sun, 15 Mar 2020 22:15:19 +0800 (CST)
X-RM-TRANSID: 2eea5e6e38750a0-cade5
X-RM-TagInfo: emlType=0                                       
X-RM-SPAM-FLAG: 00000000
Received: from localhost (unknown[223.105.0.241])
        by rmsmtp-syy-appsvr08-12008 (RichMail) with SMTP id 2ee85e6e386fc0d-23340;
        Sun, 15 Mar 2020 22:15:19 +0800 (CST)
X-RM-TRANSID: 2ee85e6e386fc0d-23340
From:   Haishuang Yan <yanhaishuang@cmss.chinamobile.com>
To:     Pablo Neira Ayuso <pablo@netfilter.org>,
        Jozsef Kadlecsik <kadlec@netfilter.org>,
        Florian Westphal <fw@strlen.de>
Cc:     netfilter-devel@vger.kernel.org, coreteam@netfilter.org,
        netdev@vger.kernel.org, linux-kernel@vger.kernel.org,
        Haishuang Yan <yanhaishuang@cmss.chinamobile.com>
Subject: [PATCH 1/4] netfilter: nf_flow_table: reload ipv6h in nf_flow_nat_ipv6
Date:   Sun, 15 Mar 2020 22:15:02 +0800
Message-Id: <1584281705-26228-1-git-send-email-yanhaishuang@cmss.chinamobile.com>
X-Mailer: git-send-email 1.8.3.1
Sender: linux-kernel-owner@vger.kernel.org
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

Since nf_flow_snat_port and nf_flow_snat_ipv6 call pskb_may_pull()
which may change skb->data, so we need to reload ipv6h at the right
palce.

Fixes: a908fdec3dda ("netfilter: nf_flow_table: move ipv6 offload hook
code to nf_flow_table")
Signed-off-by: Haishuang Yan <yanhaishuang@cmss.chinamobile.com>
---
 net/netfilter/nf_flow_table_ip.c | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/net/netfilter/nf_flow_table_ip.c b/net/netfilter/nf_flow_table_ip.c
index 5272721..2e6ebbe 100644
--- a/net/netfilter/nf_flow_table_ip.c
+++ b/net/netfilter/nf_flow_table_ip.c
@@ -417,11 +417,12 @@ static int nf_flow_nat_ipv6(const struct flow_offload *flow,
 
 	if (test_bit(NF_FLOW_SNAT, &flow->flags) &&
 	    (nf_flow_snat_port(flow, skb, thoff, ip6h->nexthdr, dir) < 0 ||
-	     nf_flow_snat_ipv6(flow, skb, ip6h, thoff, dir) < 0))
+	     nf_flow_snat_ipv6(flow, skb, ipv6_hdr(skb), thoff, dir) < 0))
 		return -1;
+	ip6h = ipv6_hdr(skb);
 	if (test_bit(NF_FLOW_DNAT, &flow->flags) &&
 	    (nf_flow_dnat_port(flow, skb, thoff, ip6h->nexthdr, dir) < 0 ||
-	     nf_flow_dnat_ipv6(flow, skb, ip6h, thoff, dir) < 0))
+	     nf_flow_dnat_ipv6(flow, skb, ipv6_hdr(skb), thoff, dir) < 0))
 		return -1;
 
 	return 0;
-- 
1.8.3.1