Hi,
This second version adds a few more cases I could spot which look like trouble.
Secondly, instead of copying the destination mac on the stack it simply uses eth_hdr().
Why do we need no skb_reset_mac_header() or skb_set_mac_header()? Because batadv_skb_head_push() calls skb_headers_offset_update() after the reallocation (via skb_cow_head()->__skb_cow()->pskb_expand_head()-> skb_headers_offset_update().
I also checked that the ether header in the newly allocated buffer is not going to end up being fragmented. But looks like pskb_expand_head() actually reserves enough space for both the old ethernet header plus the newly requested head space.
So if the mac header was set correctly before, then eth_hdr() will point us to the right one already.
This patch is maybe not so straight forward, you need to read quite skb code. At least not as straight forward as the previous version of this patch. So I leave it up to you to decide whether this is suitable for next or whether you think there's a potential for unseen pitfalls, therefore making it suitable for master only :).
This patch fixed the kernel panic I was reproduceably getting just as well. (Which was while sending multicast packets through the unicast functions while having a bridge on top of bat0)
Cheers, Linus