Commit ec20b283 authored by Guillaume Nault's avatar Guillaume Nault Committed by David S. Miller

ipv4: Set scope explicitly in ip_route_output().

Add a "scope" parameter to ip_route_output() so that callers don't have
to override the tos parameter with the RTO_ONLINK flag if they want a
local scope.

This will allow converting flowi4_tos to dscp_t in the future, thus
allowing static analysers to flag invalid interactions between
"tos" (the DSCP bits) and ECN.

Only three users ask for local scope (bonding, arp and atm). The others
continue to use RT_SCOPE_UNIVERSE. While there, add a comment to warn
users about the limitations of ip_route_output().
Signed-off-by: default avatarGuillaume Nault <gnault@redhat.com>
Acked-by: Leon Romanovsky <leonro@nvidia.com> # infiniband
Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
parent 22978397
...@@ -1985,7 +1985,8 @@ static int irdma_addr_resolve_neigh(struct irdma_device *iwdev, u32 src_ip, ...@@ -1985,7 +1985,8 @@ static int irdma_addr_resolve_neigh(struct irdma_device *iwdev, u32 src_ip,
__be32 dst_ipaddr = htonl(dst_ip); __be32 dst_ipaddr = htonl(dst_ip);
__be32 src_ipaddr = htonl(src_ip); __be32 src_ipaddr = htonl(src_ip);
rt = ip_route_output(&init_net, dst_ipaddr, src_ipaddr, 0, 0); rt = ip_route_output(&init_net, dst_ipaddr, src_ipaddr, 0, 0,
RT_SCOPE_UNIVERSE);
if (IS_ERR(rt)) { if (IS_ERR(rt)) {
ibdev_dbg(&iwdev->ibdev, "CM: ip_route_output fail\n"); ibdev_dbg(&iwdev->ibdev, "CM: ip_route_output fail\n");
return -EINVAL; return -EINVAL;
......
...@@ -447,7 +447,8 @@ qedr_addr4_resolve(struct qedr_dev *dev, ...@@ -447,7 +447,8 @@ qedr_addr4_resolve(struct qedr_dev *dev,
struct rtable *rt = NULL; struct rtable *rt = NULL;
int rc = 0; int rc = 0;
rt = ip_route_output(&init_net, dst_ip, src_ip, 0, 0); rt = ip_route_output(&init_net, dst_ip, src_ip, 0, 0,
RT_SCOPE_UNIVERSE);
if (IS_ERR(rt)) { if (IS_ERR(rt)) {
DP_ERR(dev, "ip_route_output returned error\n"); DP_ERR(dev, "ip_route_output returned error\n");
return -EINVAL; return -EINVAL;
......
...@@ -3014,8 +3014,8 @@ static void bond_arp_send_all(struct bonding *bond, struct slave *slave) ...@@ -3014,8 +3014,8 @@ static void bond_arp_send_all(struct bonding *bond, struct slave *slave)
tags = NULL; tags = NULL;
/* Find out through which dev should the packet go */ /* Find out through which dev should the packet go */
rt = ip_route_output(dev_net(bond->dev), targets[i], 0, rt = ip_route_output(dev_net(bond->dev), targets[i], 0, 0, 0,
RTO_ONLINK, 0); RT_SCOPE_LINK);
if (IS_ERR(rt)) { if (IS_ERR(rt)) {
/* there's no route to target - try to send arp /* there's no route to target - try to send arp
* probe to generate any traffic (arp_validate=0) * probe to generate any traffic (arp_validate=0)
......
...@@ -3682,7 +3682,8 @@ static int cnic_get_v4_route(struct sockaddr_in *dst_addr, ...@@ -3682,7 +3682,8 @@ static int cnic_get_v4_route(struct sockaddr_in *dst_addr,
#if defined(CONFIG_INET) #if defined(CONFIG_INET)
struct rtable *rt; struct rtable *rt;
rt = ip_route_output(&init_net, dst_addr->sin_addr.s_addr, 0, 0, 0); rt = ip_route_output(&init_net, dst_addr->sin_addr.s_addr, 0, 0, 0,
RT_SCOPE_UNIVERSE);
if (!IS_ERR(rt)) { if (!IS_ERR(rt)) {
*dst = &rt->dst; *dst = &rt->dst;
return 0; return 0;
......
...@@ -141,15 +141,22 @@ static inline struct rtable *ip_route_output_key(struct net *net, struct flowi4 ...@@ -141,15 +141,22 @@ static inline struct rtable *ip_route_output_key(struct net *net, struct flowi4
return ip_route_output_flow(net, flp, NULL); return ip_route_output_flow(net, flp, NULL);
} }
/* Simplistic IPv4 route lookup function.
* This is only suitable for some particular use cases: since the flowi4
* structure is only partially set, it may bypass some fib-rules.
*/
static inline struct rtable *ip_route_output(struct net *net, __be32 daddr, static inline struct rtable *ip_route_output(struct net *net, __be32 daddr,
__be32 saddr, u8 tos, int oif) __be32 saddr, u8 tos, int oif,
__u8 scope)
{ {
struct flowi4 fl4 = { struct flowi4 fl4 = {
.flowi4_oif = oif, .flowi4_oif = oif,
.flowi4_tos = tos, .flowi4_tos = tos,
.flowi4_scope = scope,
.daddr = daddr, .daddr = daddr,
.saddr = saddr, .saddr = saddr,
}; };
return ip_route_output_key(net, &fl4); return ip_route_output_key(net, &fl4);
} }
......
...@@ -463,7 +463,7 @@ static int clip_setentry(struct atm_vcc *vcc, __be32 ip) ...@@ -463,7 +463,7 @@ static int clip_setentry(struct atm_vcc *vcc, __be32 ip)
unlink_clip_vcc(clip_vcc); unlink_clip_vcc(clip_vcc);
return 0; return 0;
} }
rt = ip_route_output(&init_net, ip, 0, 1, 0); rt = ip_route_output(&init_net, ip, 0, 0, 0, RT_SCOPE_LINK);
if (IS_ERR(rt)) if (IS_ERR(rt))
return PTR_ERR(rt); return PTR_ERR(rt);
neigh = __neigh_lookup(&arp_tbl, &ip, rt->dst.dev, 1); neigh = __neigh_lookup(&arp_tbl, &ip, rt->dst.dev, 1);
......
...@@ -399,7 +399,8 @@ static int br_nf_pre_routing_finish(struct net *net, struct sock *sk, struct sk_ ...@@ -399,7 +399,8 @@ static int br_nf_pre_routing_finish(struct net *net, struct sock *sk, struct sk_
goto free_skb; goto free_skb;
rt = ip_route_output(net, iph->daddr, 0, rt = ip_route_output(net, iph->daddr, 0,
RT_TOS(iph->tos), 0); RT_TOS(iph->tos), 0,
RT_SCOPE_UNIVERSE);
if (!IS_ERR(rt)) { if (!IS_ERR(rt)) {
/* - Bridged-and-DNAT'ed traffic doesn't /* - Bridged-and-DNAT'ed traffic doesn't
* require ip_forwarding. */ * require ip_forwarding. */
......
...@@ -456,7 +456,8 @@ static int arp_filter(__be32 sip, __be32 tip, struct net_device *dev) ...@@ -456,7 +456,8 @@ static int arp_filter(__be32 sip, __be32 tip, struct net_device *dev)
/*unsigned long now; */ /*unsigned long now; */
struct net *net = dev_net(dev); struct net *net = dev_net(dev);
rt = ip_route_output(net, sip, tip, 0, l3mdev_master_ifindex_rcu(dev)); rt = ip_route_output(net, sip, tip, 0, l3mdev_master_ifindex_rcu(dev),
RT_SCOPE_UNIVERSE);
if (IS_ERR(rt)) if (IS_ERR(rt))
return 1; return 1;
if (rt->dst.dev != dev) { if (rt->dst.dev != dev) {
...@@ -1056,7 +1057,8 @@ static int arp_req_set(struct net *net, struct arpreq *r, ...@@ -1056,7 +1057,8 @@ static int arp_req_set(struct net *net, struct arpreq *r,
if (r->arp_flags & ATF_PERM) if (r->arp_flags & ATF_PERM)
r->arp_flags |= ATF_COM; r->arp_flags |= ATF_COM;
if (!dev) { if (!dev) {
struct rtable *rt = ip_route_output(net, ip, 0, RTO_ONLINK, 0); struct rtable *rt = ip_route_output(net, ip, 0, 0, 0,
RT_SCOPE_LINK);
if (IS_ERR(rt)) if (IS_ERR(rt))
return PTR_ERR(rt); return PTR_ERR(rt);
...@@ -1188,7 +1190,8 @@ static int arp_req_delete(struct net *net, struct arpreq *r, ...@@ -1188,7 +1190,8 @@ static int arp_req_delete(struct net *net, struct arpreq *r,
ip = ((struct sockaddr_in *)&r->arp_pa)->sin_addr.s_addr; ip = ((struct sockaddr_in *)&r->arp_pa)->sin_addr.s_addr;
if (!dev) { if (!dev) {
struct rtable *rt = ip_route_output(net, ip, 0, RTO_ONLINK, 0); struct rtable *rt = ip_route_output(net, ip, 0, 0, 0,
RT_SCOPE_LINK);
if (IS_ERR(rt)) if (IS_ERR(rt))
return PTR_ERR(rt); return PTR_ERR(rt);
dev = rt->dst.dev; dev = rt->dst.dev;
......
...@@ -1842,7 +1842,8 @@ static struct in_device *ip_mc_find_dev(struct net *net, struct ip_mreqn *imr) ...@@ -1842,7 +1842,8 @@ static struct in_device *ip_mc_find_dev(struct net *net, struct ip_mreqn *imr)
if (!dev) { if (!dev) {
struct rtable *rt = ip_route_output(net, struct rtable *rt = ip_route_output(net,
imr->imr_multiaddr.s_addr, imr->imr_multiaddr.s_addr,
0, 0, 0); 0, 0, 0,
RT_SCOPE_UNIVERSE);
if (!IS_ERR(rt)) { if (!IS_ERR(rt)) {
dev = rt->dst.dev; dev = rt->dst.dev;
ip_rt_put(rt); ip_rt_put(rt);
......
...@@ -594,7 +594,7 @@ static struct net_device *inet_fib_lookup_dev(struct net *net, ...@@ -594,7 +594,7 @@ static struct net_device *inet_fib_lookup_dev(struct net *net,
struct in_addr daddr; struct in_addr daddr;
memcpy(&daddr, addr, sizeof(struct in_addr)); memcpy(&daddr, addr, sizeof(struct in_addr));
rt = ip_route_output(net, daddr.s_addr, 0, 0, 0); rt = ip_route_output(net, daddr.s_addr, 0, 0, 0, RT_SCOPE_UNIVERSE);
if (IS_ERR(rt)) if (IS_ERR(rt))
return ERR_CAST(rt); return ERR_CAST(rt);
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment