aboutsummaryrefslogtreecommitdiffstats
path: root/net
diff options
context:
space:
mode:
authorTimo Teräs <timo.teras@iki.fi>2010-03-02 23:01:13 -0500
committerDavid S. Miller <davem@davemloft.net>2010-03-04 03:53:52 -0500
commit6d55cb91a0020ac0d78edcad61efd6c8cf5785a3 (patch)
tree9aabbb2dac62f2e3ddcb8347da94df76f8976da7 /net
parentc839d30a41dd92eb32d7fcfa2b4e99042fc64bf2 (diff)
gre: fix hard header destination address checking
ipgre_header() can be called with zero daddr when the gre device is configured as multipoint tunnel and still has the NOARP flag set (which is typically cleared by the userspace arp daemon). If the NOARP packets are not dropped, ipgre_tunnel_xmit() will take rt->rt_gateway (= NBMA IP) and use that for route look up (and may lead to bogus xfrm acquires). The multicast address check is removed as sending to multicast group should be ok. In fact, if gre device has a multicast address as destination ipgre_header is always called with multicast address. Signed-off-by: Timo Teras <timo.teras@iki.fi> Signed-off-by: David S. Miller <davem@davemloft.net>
Diffstat (limited to 'net')
-rw-r--r--net/ipv4/ip_gre.c7
1 files changed, 2 insertions, 5 deletions
diff --git a/net/ipv4/ip_gre.c b/net/ipv4/ip_gre.c
index c0c5274d0271..f47c9f76754b 100644
--- a/net/ipv4/ip_gre.c
+++ b/net/ipv4/ip_gre.c
@@ -1144,12 +1144,9 @@ static int ipgre_header(struct sk_buff *skb, struct net_device *dev,
1144 1144
1145 if (saddr) 1145 if (saddr)
1146 memcpy(&iph->saddr, saddr, 4); 1146 memcpy(&iph->saddr, saddr, 4);
1147 1147 if (daddr)
1148 if (daddr) {
1149 memcpy(&iph->daddr, daddr, 4); 1148 memcpy(&iph->daddr, daddr, 4);
1150 return t->hlen; 1149 if (iph->daddr)
1151 }
1152 if (iph->daddr && !ipv4_is_multicast(iph->daddr))
1153 return t->hlen; 1150 return t->hlen;
1154 1151
1155 return -t->hlen; 1152 return -t->hlen;