[IPSEC]: Set skb->data to payload in x->mode->output

[mirror_ubuntu-jammy-kernel.git] / net / ipv6 / xfrm6_mode_tunnel.c

diff --git a/net/ipv6/xfrm6_mode_tunnel.c b/net/ipv6/xfrm6_mode_tunnel.c
index 498f17b5c42f87684ce540162e6d1180150ab0aa..01bd7d11ea1b13d7ea9a74024c4ea58f2a7a98dd 100644 (file)
--- a/net/ipv6/xfrm6_mode_tunnel.c
+++ b/net/ipv6/xfrm6_mode_tunnel.c
@@ -18,8 +18,8 @@
 
 static inline void ipip6_ecn_decapsulate(struct sk_buff *skb)
 {
-       struct ipv6hdr *outer_iph = skb->nh.ipv6h;
-       struct ipv6hdr *inner_iph = skb->h.ipv6h;
+       struct ipv6hdr *outer_iph = ipv6_hdr(skb);
+       struct ipv6hdr *inner_iph = ipipv6_hdr(skb);
 
        if (INET_ECN_is_ce(ipv6_get_dsfield(outer_iph)))
                IP6_ECN_set_ce(inner_iph);
@@ -27,8 +27,8 @@ static inline void ipip6_ecn_decapsulate(struct sk_buff *skb)
 
 static inline void ip6ip_ecn_decapsulate(struct sk_buff *skb)
 {
-       if (INET_ECN_is_ce(ipv6_get_dsfield(skb->nh.ipv6h)))
-                       IP_ECN_set_ce(skb->h.ipiph);
+       if (INET_ECN_is_ce(ipv6_get_dsfield(ipv6_hdr(skb))))
+                       IP_ECN_set_ce(ipip_hdr(skb));
 }
 
 /* Add encapsulation header.
@@ -38,10 +38,11 @@ static inline void ip6ip_ecn_decapsulate(struct sk_buff *skb)
  *     payload_len
  *
  * On exit, skb->h will be set to the start of the encapsulation header to be
- * filled in by x->type->output and skb->nh will be set to the nextheader field
- * of the extension header directly preceding the encapsulation header, or in
- * its absence, that of the top IP header.  The value of skb->data will always
- * point to the top IP header.
+ * filled in by x->type->output and the mac header will be set to the
+ * nextheader field of the extension header directly preceding the
+ * encapsulation header, or in its absence, that of the top IP header.
+ * The value of the network header will always point to the top IP header
+ * while skb->data will point to the payload.
  */
 static int xfrm6_tunnel_output(struct xfrm_state *x, struct sk_buff *skb)
 {
@@ -50,13 +51,14 @@ static int xfrm6_tunnel_output(struct xfrm_state *x, struct sk_buff *skb)
        struct ipv6hdr *iph, *top_iph;
        int dsfield;
 
-       skb_push(skb, x->props.header_len);
-       iph = skb->nh.ipv6h;
+       iph = ipv6_hdr(skb);
 
-       skb_reset_network_header(skb);
-       top_iph = skb->nh.ipv6h;
-       skb->nh.raw = &top_iph->nexthdr;
-       skb->h.ipv6h = top_iph + 1;
+       skb_set_mac_header(skb, offsetof(struct ipv6hdr, nexthdr) -
+                               x->props.header_len);
+       skb_set_network_header(skb, -x->props.header_len);
+       skb_set_transport_header(skb, sizeof(struct ipv6hdr) -
+                                     x->props.header_len);
+       top_iph = ipv6_hdr(skb);
 
        top_iph->version = 6;
        if (xdst->route->ops->family == AF_INET6) {
@@ -80,6 +82,7 @@ static int xfrm6_tunnel_output(struct xfrm_state *x, struct sk_buff *skb)
        top_iph->hop_limit = dst_metric(dst->child, RTAX_HOPLIMIT);
        ipv6_addr_copy(&top_iph->saddr, (struct in6_addr *)&x->props.saddr);
        ipv6_addr_copy(&top_iph->daddr, (struct in6_addr *)&x->id.daddr);
+       skb->protocol = htons(ETH_P_IPV6);
        return 0;
 }
 
@@ -102,7 +105,7 @@ static int xfrm6_tunnel_input(struct xfrm_state *x, struct sk_buff *skb)
        nh = skb_network_header(skb);
        if (nh[IP6CB(skb)->nhoff] == IPPROTO_IPV6) {
                if (x->props.flags & XFRM_STATE_DECAP_DSCP)
-                       ipv6_copy_dscp(skb->nh.ipv6h, skb->h.ipv6h);
+                       ipv6_copy_dscp(ipv6_hdr(skb), ipipv6_hdr(skb));
                if (!(x->props.flags & XFRM_STATE_NOECN))
                        ipip6_ecn_decapsulate(skb);
        } else {