xfrm6: Fix transport header offset in _decode_session6. skb->transport_header might not be valid when we do a reverse decode because the ipv6 tunnel error handlers don't update it to the inner transport header. This leads to a wrong offset calculation and to wrong layer 4 informations. We fix this by using the size of the ipv6 header as the first offset. Signed-off-by: Steffen Klassert <steffen.klassert@secunet.com>

commit: de3b7a06dfe15bda3e66a52285d422b954bb4832 [log] [tgz]
author: Steffen Klassert <steffen.klassert@secunet.com> Thu Dec 04 09:46:20 2014 +0100
committer: Steffen Klassert <steffen.klassert@secunet.com> Mon Dec 08 07:38:14 2014 +0100
tree: 9cf16ff37aaf5f29642b09650fe535f170a7a0bc
parent: f2a01517f2a1040a0b156f171a7cefd748f2fd03 [diff] [blame]
diff --git a/net/ipv6/xfrm6_policy.c b/net/ipv6/xfrm6_policy.c
index 5f98364..aa48302 100644
--- a/net/ipv6/xfrm6_policy.c
+++ b/net/ipv6/xfrm6_policy.c

@@ -130,8 +130,8 @@
 {
 	struct flowi6 *fl6 = &fl->u.ip6;
 	int onlyproto = 0;
-	u16 offset = skb_network_header_len(skb);
 	const struct ipv6hdr *hdr = ipv6_hdr(skb);
+	u16 offset = sizeof(*hdr);
 	struct ipv6_opt_hdr *exthdr;
 	const unsigned char *nh = skb_network_header(skb);
 	u8 nexthdr = nh[IP6CB(skb)->nhoff];
commit	de3b7a06dfe15bda3e66a52285d422b954bb4832	[log] [tgz]
author	Steffen Klassert <steffen.klassert@secunet.com>	Thu Dec 04 09:46:20 2014 +0100
committer	Steffen Klassert <steffen.klassert@secunet.com>	Mon Dec 08 07:38:14 2014 +0100
tree	9cf16ff37aaf5f29642b09650fe535f170a7a0bc
parent	f2a01517f2a1040a0b156f171a7cefd748f2fd03 [diff] [blame]