On Thu, Dec 10, 2020 at 03:38:44PM +0100, Greg Kroah-Hartman wrote: > On Thu, Dec 10, 2020 at 03:32:12PM +0100, Eric Dumazet wrote: > > On Thu, Dec 10, 2020 at 3:26 PM Greg Kroah-Hartman > > <gregkh@xxxxxxxxxxxxxxxxxxx> wrote: > > > > > > From: Eric Dumazet <edumazet@xxxxxxxxxx> > > > > > > IP_ECN_decapsulate() and IP6_ECN_decapsulate() assume > > > IP header is already pulled. > > > > > > geneve does not ensure this yet. > > > > > > Fixing this generically in IP_ECN_decapsulate() and > > > IP6_ECN_decapsulate() is not possible, since callers > > > pass a pointer that might be freed by pskb_may_pull() > > > > > > syzbot reported : > > > > > > > Note that we had to revert this patch, so you can either scratp this > > backport, or make sure to backport the revert. > > I'll drop it thanks. Odd I lost the upstream git id on this patch, let > me check what went wrong... What is the git id of the revert? This ended up already in 4.19.y, 5.4.y, and 5.9.y so needs to be reverted there. thanks, greg k-h
