[PATCH 4.20 005/145] tap: call skb_probe_transport_header after setting skb->dev

[Greg Kroah-Hartman]

4.20-stable review patch.  If anyone has any objections, please let me know.

------------------

From: Willem de Bruijn <will...@google.com>

[ Upstream commit 8c76e77f9069f10505c08e02646c3ee11ad79038 ]

The BPF flow dissector expects either skb->sk or skb->dev set on
all skbs. Delay flow dissection until after skb->dev is set.

This requires calling from within an rcu read-side critical section.
That is fine, see also the call from tun_xdp_one.

Fixes: d0e13a1488ad ("flow_dissector: lookup netns by skb->sk if skb->dev is 
NULL")
Reported-by: Christian Borntraeger <borntrae...@de.ibm.com>
Signed-off-by: Willem de Bruijn <will...@google.com>
Signed-off-by: David S. Miller <da...@davemloft.net>
Signed-off-by: Greg Kroah-Hartman <gre...@linuxfoundation.org>
---
 drivers/net/tap.c |    3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

--- a/drivers/net/tap.c
+++ b/drivers/net/tap.c
@@ -1177,8 +1177,6 @@ static int tap_get_user_xdp(struct tap_q
                        goto err_kfree;
        }
 
-       skb_probe_transport_header(skb, ETH_HLEN);
-
        /* Move network header to the right position for VLAN tagged packets */
        if ((skb->protocol == htons(ETH_P_8021Q) ||
             skb->protocol == htons(ETH_P_8021AD)) &&
@@ -1189,6 +1187,7 @@ static int tap_get_user_xdp(struct tap_q
        tap = rcu_dereference(q->tap);
        if (tap) {
                skb->dev = tap->dev;
+               skb_probe_transport_header(skb, ETH_HLEN);
                dev_queue_xmit(skb);
        } else {
                kfree_skb(skb);