Jiri Bohac 6596a02295 xfrm: fix MTU regression ... Commit 749439bfac ("ipv6: fix udpv6 sendmsg crash caused by too small MTU") breaks PMTU for xfrm. A Packet Too Big ICMPv6 message received in response to an ESP packet will prevent all further communication through the tunnel if the reported MTU minus the ESP overhead is smaller than 1280. E.g. in a case of a tunnel-mode ESP with sha256/aes the overhead is 92 bytes. Receiving a PTB with MTU of 1371 or less will result in all further packets in the tunnel dropped. A ping through the tunnel fails with "ping: sendmsg: Invalid argument". Apparently the MTU on the xfrm route is smaller than 1280 and fails the check inside ip6_setup_cork() added by 749439bf. We found this by debugging USGv6/ipv6ready failures. Failing tests are: "Phase-2 Interoperability Test Scenario IPsec" / 5.3.11 and 5.4.11 (Tunnel Mode: Fragmentation). Commit b515d26372 ("xfrm: xfrm_state_mtu should return at least 1280 for ipv6") attempted to fix this but caused another regression in TCP MSS calculations and had to be reverted. The patch below fixes the situation by dropping the MTU check and instead checking for the underflows described in the 749439bf commit message. Signed-off-by: Jiri Bohac <jbohac@suse.cz> Fixes: 749439bfac ("ipv6: fix udpv6 sendmsg crash caused by too small MTU") Signed-off-by: Steffen Klassert <steffen.klassert@secunet.com>		2022-01-24 16:51:36 +01:00
..
ila	net: ipv6: check return value of rhashtable_init	2021-09-28 12:59:24 +01:00
netfilter	netfilter: flowtable: remove ipv4/ipv6 modules	2021-12-23 01:07:44 +01:00
addrconf_core.c	ipv6: add net device refcount tracker to struct inet6_dev	2021-12-06 16:05:11 -08:00
addrconf.c	ipv6: add net device refcount tracker to struct inet6_dev	2021-12-06 16:05:11 -08:00
addrlabel.c	ipv6: addrlabel: fix possible memory leak in ip6addrlbl_net_init	2020-11-25 11:20:16 -08:00
af_inet6.c	net: bpf: Handle return value of BPF_CGROUP_RUN_PROG_INET{4,6}_POST_BIND()	2022-01-06 17:08:35 -08:00
ah6.c	ipv6: ah6: use swap() to make code cleaner	2021-11-18 12:00:15 +00:00
anycast.c	ipv6: fix memory leaks on IPV6_ADDRFORM path	2020-07-30 16:30:55 -07:00
calipso.c	cipso,calipso: resolve a number of problems with the DOI refcounts	2021-03-04 15:26:57 -08:00
datagram.c	lsm,selinux: pass flowi_common instead of flowi to the LSM hooks	2020-11-23 18:36:21 -05:00
esp6_offload.c	net: move gro definitions to include/net/gro.h	2021-11-16 13:16:54 +00:00
esp6.c	Merge branch 'master' of git://git.kernel.org/pub/scm/linux/kernel/git/klassert/ipsec-next	2022-01-06 11:54:20 +00:00
exthdrs_core.c	ipv6: remove printk	2019-07-27 14:23:48 -07:00
exthdrs_offload.c
exthdrs.c	ipv6: Remove duplicate statements	2021-11-14 12:20:44 +00:00
fib6_notifier.c	net: fib_notifier: propagate extack down to the notifier block callback	2019-10-04 11:10:56 -07:00
fib6_rules.c	fib: rules: remove duplicated nla policies	2021-12-16 07:18:35 -08:00
fou6.c	net: Add MODULE_DESCRIPTION entries to network modules	2020-06-20 21:33:57 -07:00
icmp.c	icmp: ICMPV6: Examine invoking packet for Segment Route Headers.	2022-01-04 12:17:35 +00:00
inet6_connection_sock.c	lsm,selinux: pass flowi_common instead of flowi to the LSM hooks	2020-11-23 18:36:21 -05:00
inet6_hashtables.c	bpf: Add ingress_ifindex to bpf_sk_lookup	2021-11-10 16:29:58 -08:00
ioam6_iptunnel.c	Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net	2021-10-14 16:50:14 -07:00
ioam6.c	ipv6: ioam: Support for Queue depth data field	2022-01-02 12:15:13 +00:00
ip6_checksum.c
ip6_fib.c	ipv6: annotate accesses to fn->fn_sernum	2022-01-20 20:18:37 -08:00
ip6_flowlabel.c	Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net-next	2020-08-05 20:13:21 -07:00
ip6_gre.c	Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net	2022-01-09 17:00:17 -08:00
ip6_icmp.c	net: icmp: pass zeroed opts from icmp{,v6}_ndo_send before sending	2021-02-23 11:29:52 -08:00
ip6_input.c	ipv6: weaken the v4mapped source check	2021-03-18 11:19:23 -07:00
ip6_offload.c	Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net	2021-12-02 11:44:56 -08:00
ip6_offload.h
ip6_output.c	xfrm: fix MTU regression	2022-01-24 16:51:36 +01:00
ip6_tunnel.c	ipv6_tunnel: Rate limit warning messages	2022-01-20 11:38:17 +00:00
ip6_udp_tunnel.c	net: Make locking in sock_bindtoindex optional	2020-06-01 14:57:14 -07:00
ip6_vti.c	Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net	2021-12-30 12:12:12 -08:00
ip6mr.c	fib: rules: remove duplicated nla policies	2021-12-16 07:18:35 -08:00
ipcomp6.c	xfrm: remove hdr_offset indirection	2021-06-11 14:48:50 +02:00
ipv6_sockglue.c	net-ipv6: changes to ->tclass (via IPV6_TCLASS) should sk_dst_reset()	2021-11-24 18:57:23 -08:00
Kconfig	ipv6: ioam: Add support for the ip6ip6 encapsulation	2021-10-04 12:53:35 +01:00
Makefile	net: ipv6: use ipv6-y directly instead of ipv6-objs	2021-09-28 13:13:40 +01:00
mcast_snoop.c	net: bridge: mcast: fix broken length + header check for MRDv6 Adv.	2021-04-27 14:02:06 -07:00
mcast.c	ipv6: change return type from int to void for mld_process_v2	2021-09-02 11:29:55 +01:00
mip6.c	xfrm: ipv6: move mip6_rthdr_offset into xfrm core	2021-06-11 14:48:50 +02:00
ndisc.c	net: ndisc: introduce ndisc_evict_nocarrier sysctl parameter	2021-11-01 19:57:14 -07:00
netfilter.c	netfilter: Dissect flow after packet mangling	2021-04-18 22:04:16 +02:00
output_core.c	ipv6: use prandom_u32() for ID generation	2021-05-31 22:12:08 -07:00
ping.c	net: bpf: Handle return value of BPF_CGROUP_RUN_PROG_INET{4,6}_POST_BIND()	2022-01-06 17:08:35 -08:00
proc.c	net: udp: introduce UDP_MIB_MEMERRORS for udp_mem	2020-11-09 15:34:44 -08:00
protocol.c
raw.c	ipv6: raw: check passed optlen before reading	2021-12-29 12:32:56 -08:00
reassembly.c	ipv6: record frag_max_size in atomic fragments in input path	2021-05-21 15:02:25 -07:00
route.c	ipv6: annotate accesses to fn->fn_sernum	2022-01-20 20:18:37 -08:00
rpl_iptunnel.c	net: ipv6: rpl_iptunnel: simplify the return expression of rpl_do_srh()	2020-12-08 16:22:54 -08:00
rpl.c	net: ipv6: rpl*: Fix strange kerneldoc warnings due to bad header	2020-10-30 12:12:52 -07:00
seg6_hmac.c	net: ipv6: check return value of rhashtable_init	2021-09-28 12:59:24 +01:00
seg6_iptunnel.c	seg6: fix the iif in the IPv6 socket control block	2021-12-09 07:55:42 -08:00
seg6_local.c	Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net	2022-01-05 14:36:10 -08:00
seg6.c	icmp: ICMPV6: Examine invoking packet for Segment Route Headers.	2022-01-04 12:17:35 +00:00
sit.c	sit: allow encapsulated IPv6 traffic to be delivered locally	2022-01-12 13:56:07 -08:00
syncookies.c	net: align static siphash keys	2021-11-16 19:07:54 -08:00
sysctl_net_ipv6.c	ipv6: ioam: Data plane support for Pre-allocated Trace	2021-07-21 08:14:33 -07:00
tcp_ipv6.c	net: bpf: Handle return value of BPF_CGROUP_RUN_PROG_INET{4,6}_POST_BIND()	2022-01-06 17:08:35 -08:00
tcpv6_offload.c	net: move gro definitions to include/net/gro.h	2021-11-16 13:16:54 +00:00
tunnel6.c	tunnel6: add tunnel6_input_afinfo for ipip and ipv6 tunnels	2020-07-09 12:52:37 +02:00
udp_impl.h	net: pass a sockptr_t into ->setsockopt	2020-07-24 15:41:54 -07:00
udp_offload.c	gro: remove rcu_read_lock/rcu_read_unlock from gro_receive handlers	2021-11-24 17:21:42 -08:00
udp.c	Merge https://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf-next	2022-01-06 18:07:26 -08:00
udplite.c	net/ipv6: remove compat_ipv6_{get,set}sockopt	2020-07-19 18:16:41 -07:00
xfrm6_input.c	xfrm: state: remove extract_input indirection from xfrm_state_afinfo	2020-05-06 09:40:08 +02:00
xfrm6_output.c	net: ipv6: fix return value of ip6_skb_dst_mtu	2021-07-02 11:57:01 -07:00
xfrm6_policy.c	xfrm: use net device refcount tracker helpers	2021-12-09 11:51:45 -08:00
xfrm6_protocol.c	xfrm: add support for UDPv6 encapsulation of ESP	2020-04-28 11:28:36 +02:00
xfrm6_state.c	xfrm: remove output_finish indirection from xfrm_state_afinfo	2020-05-06 09:40:08 +02:00
xfrm6_tunnel.c	xfrm: remove description from xfrm_type struct	2021-06-09 09:38:52 +02:00