ipv4: Set scope explicitly in ip_route_output().

Add a "scope" parameter to ip_route_output() so that callers don't have to override the tos parameter with the RTO_ONLINK flag if they want a local scope. This will allow converting flowi4_tos to dscp_t in the future, thus allowing static analysers to flag invalid interactions between "tos" (the DSCP bits) and ECN. Only three users ask for local scope (bonding, arp and atm). The others continue to use RT_SCOPE_UNIVERSE. While there, add a comment to warn users about the limitations of ip_route_output(). Signed-off-by: Guillaume Nault <gnault@redhat.com> Acked-by: Leon Romanovsky <leonro@nvidia.com> # infiniband Signed-off-by: David S. Miller <davem@davemloft.net>
author: Guillaume Nault <gnault@redhat.com> 2024-04-05 22:05:00 +0200
committer: David S. Miller <davem@davemloft.net> 2024-04-08 13:20:51 +0100
commit: ec20b283009346adc66d5a460b1f8fb5adafbcfe (patch)
tree: 36b9dfa207e7d4d663dd41d84f8aae36da254627 /net/bridge
parent: 229783970838887e72083820efb9270b7f276a11 (diff)
1 files changed, 2 insertions, 1 deletions
diff --git a/net/bridge/br_netfilter_hooks.c b/net/bridge/br_netfilter_hooks.c
index 35e10c5a766d..4242447be322 100644
--- a/net/bridge/br_netfilter_hooks.c
+++ b/net/bridge/br_netfilter_hooks.c
@@ -399,7 +399,8 @@ static int br_nf_pre_routing_finish(struct net *net, struct sock *sk, struct sk_
 				goto free_skb;
 
 			rt = ip_route_output(net, iph->daddr, 0,
-					     RT_TOS(iph->tos), 0);
+					     RT_TOS(iph->tos), 0,
+					     RT_SCOPE_UNIVERSE);
 			if (!IS_ERR(rt)) {
 				/* - Bridged-and-DNAT'ed traffic doesn't
 				 *   require ip_forwarding. */
author	Guillaume Nault <gnault@redhat.com>	2024-04-05 22:05:00 +0200
committer	David S. Miller <davem@davemloft.net>	2024-04-08 13:20:51 +0100
commit	ec20b283009346adc66d5a460b1f8fb5adafbcfe (patch)
tree	36b9dfa207e7d4d663dd41d84f8aae36da254627 /net/bridge
parent	229783970838887e72083820efb9270b7f276a11 (diff)