From mboxrd@z Thu Jan  1 00:00:00 1970
From: Steffen Klassert <steffen.klassert@secunet.com>
Subject: Re: [PATCH ipsec-next] xfrm: don't pull esp/auth header in
 xfrm_parse_spi
Date: Mon, 6 Nov 2017 10:38:03 +0100
Message-ID: <20171106093803.GF23855@secunet.com>
References: <20171102125410.20203-1-fw@strlen.de>
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Cc: <netdev@vger.kernel.org>
To: Florian Westphal <fw@strlen.de>
Return-path: <netdev-owner@vger.kernel.org>
Received: from a.mx.secunet.com ([62.96.220.36]:53956 "EHLO a.mx.secunet.com"
        rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP
        id S1752212AbdKFJiF (ORCPT <rfc822;netdev@vger.kernel.org>);
        Mon, 6 Nov 2017 04:38:05 -0500
Content-Disposition: inline
In-Reply-To: <20171102125410.20203-1-fw@strlen.de>
Sender: netdev-owner@vger.kernel.org
List-ID: <netdev.vger.kernel.org>

On Thu, Nov 02, 2017 at 01:54:10PM +0100, Florian Westphal wrote:
> syzbot reported an issue where pointer to ip header content was not
> reloaded after xfrm_parse_spi().
> 
> Its not intuitive that this function changes skb->head, so switch to
> skb_pointer_header.

I have to admit that this is not intuitive, but we pull
these headers later anyway. So using skb_header_pointer()
here might add another memcpy that could be avoided.

I think I'll stay with the fix you submitted for the ipsec
tree already.