From patchwork Wed Mar  3 14:01:13 2010
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Timo Teras <timo.teras@iki.fi>
X-Patchwork-Id: 46805
X-Patchwork-Delegate: davem@davemloft.net
Return-Path: <netdev-owner@vger.kernel.org>
X-Original-To: patchwork-incoming@ozlabs.org
Delivered-To: patchwork-incoming@ozlabs.org
Received: from vger.kernel.org (vger.kernel.org [209.132.180.67])
	by ozlabs.org (Postfix) with ESMTP id 36E76B7CEC
	for <patchwork-incoming@ozlabs.org>;
	Thu,  4 Mar 2010 01:01:56 +1100 (EST)
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
	id S1754350Ab0CCOBv (ORCPT <rfc822;patchwork-incoming@ozlabs.org>);
	Wed, 3 Mar 2010 09:01:51 -0500
Received: from mail-ew0-f220.google.com ([209.85.219.220]:47207 "EHLO
	mail-ew0-f220.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
	with ESMTP id S1754211Ab0CCOBu (ORCPT
	<rfc822;netdev@vger.kernel.org>); Wed, 3 Mar 2010 09:01:50 -0500
Received: by ewy20 with SMTP id 20so924178ewy.21
	for <netdev@vger.kernel.org>; Wed, 03 Mar 2010 06:01:48 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma;
	h=domainkey-signature:received:received:sender:from:to:cc:subject
	:date:message-id:x-mailer;
	bh=N2TXc7uhuhLtNs5pjwIRsNT2PcLHmI7BIiYuxkrCeu4=;
	b=u/Mdfy4EKSpzATt4R2MytNZuwYaZGbxea26zbuZ+3jKB6QleFPpuAzbxUvROYBlAq0
	YTfuYDpZ+aO+1bzAfzb1wqh+k8LyPm97XBT3M64ATVyaw16eqvFMKB9gaMjkFA3fwfeb
	9NDfi+CeTutv3YN6Du0pkjHcYULOjdUNDGnlk=
DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma;
	h=sender:from:to:cc:subject:date:message-id:x-mailer;
	b=Cv3WN5nwIRswB9nRZmBO/F0qvxRhZsC/a89To03+89qiy7nzhvhD+5mTXVlahC4xqK
	C4xbmH2EQg79vXbP6gwoBSU515rc/Jfre7+uw8ItfeKBY4Jd6lEhZ5CJk70ZWSuWZeWC
	P5CEolHmMQz3pGEANd40wdgjdLpDWD1LDnrsg=
Received: by 10.213.40.133 with SMTP id k5mr5786928ebe.94.1267624908655;
	Wed, 03 Mar 2010 06:01:48 -0800 (PST)
Received: from localhost.localdomain (letku109.adsl.netsonic.fi
	[194.29.195.109]) by mx.google.com with ESMTPS id
	23sm16142926eya.34.2010.03.03.06.01.47
	(version=SSLv3 cipher=RC4-MD5);
	Wed, 03 Mar 2010 06:01:47 -0800 (PST)
From: Timo Teras <timo.teras@iki.fi>
To: netdev@vger.kernel.org
Cc: Timo Teras <timo.teras@iki.fi>
Subject: [PATCH 1/2] gre: fix hard header destination address checking
Date: Wed,  3 Mar 2010 16:01:13 +0200
Message-Id: <1267624874-22326-1-git-send-email-timo.teras@iki.fi>
X-Mailer: git-send-email 1.6.3.3
Sender: netdev-owner@vger.kernel.org
Precedence: bulk
List-ID: <netdev.vger.kernel.org>
X-Mailing-List: netdev@vger.kernel.org

ipgre_header() can be called with zero daddr when the gre device is
configured as multipoint tunnel and still has the NOARP flag set (which is
typically cleared by the userspace arp daemon).  If the NOARP packets are
not dropped, ipgre_tunnel_xmit() will take rt->rt_gateway (= NBMA IP) and
use that for route look up (and may lead to bogus xfrm acquires).

The multicast address check is removed as sending to multicast group should
be ok.  In fact, if gre device has a multicast address as destination
ipgre_header is always called with multicast address.

Signed-off-by: Timo Teras <timo.teras@iki.fi>
---
 net/ipv4/ip_gre.c |    7 ++-----
 1 files changed, 2 insertions(+), 5 deletions(-)

diff --git a/net/ipv4/ip_gre.c b/net/ipv4/ip_gre.c
index c0c5274..f47c9f7 100644
--- a/net/ipv4/ip_gre.c
+++ b/net/ipv4/ip_gre.c
@@ -1144,12 +1144,9 @@ static int ipgre_header(struct sk_buff *skb, struct net_device *dev,
 
 	if (saddr)
 		memcpy(&iph->saddr, saddr, 4);
-
-	if (daddr) {
+	if (daddr)
 		memcpy(&iph->daddr, daddr, 4);
-		return t->hlen;
-	}
-	if (iph->daddr && !ipv4_is_multicast(iph->daddr))
+	if (iph->daddr)
 		return t->hlen;
 
 	return -t->hlen;