CVE-2024-56636

In the Linux kernel, the following vulnerability has been resolved:

geneve: do not assume mac header is set in genevexmitskb()

We should not assume mac header is set in output path.

Use skbethhdr() instead of eth_hdr() to fix the issue.

sysbot reported the following :

WARNING: CPU: 0 PID: 11635 at include/linux/skbuff.h:3052 skbmacheader include/linux/skbuff.h:3052 [inline] WARNING: CPU: 0 PID: 11635 at include/linux/skbuff.h:3052 ethhdr include/linux/ifether.h:24 [inline] WARNING: CPU: 0 PID: 11635 at include/linux/skbuff.h:3052 genevexmitskb drivers/net/geneve.c:898 [inline] WARNING: CPU: 0 PID: 11635 at include/linux/skbuff.h:3052 genevexmit+0x4c38/0x5730 drivers/net/geneve.c:1039 Modules linked in: CPU: 0 UID: 0 PID: 11635 Comm: syz.4.1423 Not tainted 6.12.0-syzkaller-10296-gaaf20f870da0 #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 RIP: 0010:skbmacheader include/linux/skbuff.h:3052 [inline] RIP: 0010:ethhdr include/linux/ifether.h:24 [inline] RIP: 0010:genevexmitskb drivers/net/geneve.c:898 [inline] RIP: 0010:genevexmit+0x4c38/0x5730 drivers/net/geneve.c:1039 Code: 21 c6 02 e9 35 d4 ff ff e8 a5 48 4c fb 90 0f 0b 90 e9 fd f5 ff ff e8 97 48 4c fb 90 0f 0b 90 e9 d8 f5 ff ff e8 89 48 4c fb 90 <0f> 0b 90 e9 41 e4 ff ff e8 7b 48 4c fb 90 0f 0b 90 e9 cd e7 ff ff RSP: 0018:ffffc90003b2f870 EFLAGS: 00010283 RAX: 000000000000037a RBX: 000000000000ffff RCX: ffffc9000dc3d000 RDX: 0000000000080000 RSI: ffffffff86428417 RDI: 0000000000000003 RBP: ffffc90003b2f9f0 R08: 0000000000000003 R09: 000000000000ffff R10: 000000000000ffff R11: 0000000000000002 R12: ffff88806603c000 R13: 0000000000000000 R14: ffff8880685b2780 R15: 0000000000000e23 FS: 00007fdc2deed6c0(0000) GS:ffff8880b8600000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 0000001b30a1dff8 CR3: 0000000056b8c000 CR4: 00000000003526f0 DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 Call Trace: <TASK> __netdevstartxmit include/linux/netdevice.h:5002 [inline] netdevstartxmit include/linux/netdevice.h:5011 [inline] __devdirectxmit+0x58a/0x720 net/core/dev.c:4490 devdirectxmit include/linux/netdevice.h:3181 [inline] packetxmit+0x1e4/0x360 net/packet/afpacket.c:285 packetsnd net/packet/afpacket.c:3146 [inline] packetsendmsg+0x2700/0x5660 net/packet/afpacket.c:3178 socksendmsgnosec net/socket.c:711 [inline] __sock_sendmsg net/socket.c:726 [inline] __sys_sendto+0x488/0x4f0 net/socket.c:2197 __dosyssendto net/socket.c:2204 [inline] __sesyssendto net/socket.c:2200 [inline] __x64syssendto+0xe0/0x1c0 net/socket.c:2200 dosyscallx64 arch/x86/entry/common.c:52 [inline] dosyscall64+0xcd/0x250 arch/x86/entry/common.c:83 entrySYSCALL64afterhwframe+0x77/0x7f