gre: fix hard header destination address checking

ipgre_header() can be called with zero daddr when the gre device is
configured as multipoint tunnel and still has the NOARP flag set (which is
typically cleared by the userspace arp daemon).  If the NOARP packets are
not dropped, ipgre_tunnel_xmit() will take rt->rt_gateway (= NBMA IP) and
use that for route look up (and may lead to bogus xfrm acquires).

The multicast address check is removed as sending to multicast group should
be ok.  In fact, if gre device has a multicast address as destination
ipgre_header is always called with multicast address.

Signed-off-by: Timo Teras <timo.teras@iki.fi>
Signed-off-by: David S. Miller <davem@davemloft.net>

diff --git a/net/ipv4/ip_gre.c b/net/ipv4/ip_gre.c
index c0c5274d02719831b2b3cd9d15488a1119d8a384..f47c9f76754b2f03d900bf2cabe9907f93907bd3 100644 (file)
--- a/net/ipv4/ip_gre.c
+++ b/net/ipv4/ip_gre.c
@@ -1144,12 +1144,9 @@ static int ipgre_header(struct sk_buff *skb, struct net_device *dev,
 
        if (saddr)
                memcpy(&iph->saddr, saddr, 4);
-
-       if (daddr) {
+       if (daddr)
                memcpy(&iph->daddr, daddr, 4);
-               return t->hlen;
-       }
-       if (iph->daddr && !ipv4_is_multicast(iph->daddr))
+       if (iph->daddr)
                return t->hlen;
 
        return -t->hlen;