From: Willem de Bruijn <willemdebruijn.ker...@gmail.com>
Date: Thu, 24 May 2018 18:10:30 -0400
> From: Willem de Bruijn <will...@google.com>
>
> Commit b84bbaf7a6c8 ("packet: in packet_snd start writing at link
> layer allocation") ensures that packet_snd always starts writing
> the link layer header in reserved headroom allocated for this
> purpose.
>
> This is needed because packets may be shorter than hard_header_len,
> in which case the space up to hard_header_len may be zeroed. But
> that necessary padding is not accounted for in skb->len.
>
> The fix, however, is buggy. It calls skb_push, which grows skb->len
> when moving skb->data back. But in this case packet length should not
> change.
>
> Instead, call skb_reserve, which moves both skb->data and skb->tail
> back, without changing length.
>
> Fixes: b84bbaf7a6c8 ("packet: in packet_snd start writing at link layer
> allocation")
> Reported-by: Tariq Toukan <tar...@mellanox.com>
> Signed-off-by: Willem de Bruijn <will...@google.com>
> Acked-by: Soheil Hassas Yeganeh <soh...@google.com>
Applied and queued up for -stable.
