WSL2-Linux-Kernel/net
Jiri Bohac 8b89349689 Revert "xfrm: xfrm_state_mtu should return at least 1280 for ipv6"
commit a6d95c5a62 upstream.

This reverts commit b515d26372.

Commit b515d26372 ("xfrm: xfrm_state_mtu
should return at least 1280 for ipv6") in v5.14 breaks the TCP MSS
calculation in ipsec transport mode, resulting complete stalls of TCP
connections. This happens when the (P)MTU is 1280 or slighly larger.

The desired formula for the MSS is:
MSS = (MTU - ESP_overhead) - IP header - TCP header

However, the above commit clamps the (MTU - ESP_overhead) to a
minimum of 1280, turning the formula into
MSS = max(MTU - ESP overhead, 1280) -  IP header - TCP header

With the (P)MTU near 1280, the calculated MSS is too large and the
resulting TCP packets never make it to the destination because they
are over the actual PMTU.

The above commit also causes suboptimal double fragmentation in
xfrm tunnel mode, as described in
https://lore.kernel.org/netdev/20210429202529.codhwpc7w6kbudug@dwarf.suse.cz/

The original problem the above commit was trying to fix is now fixed
by commit 6596a02295 ("xfrm: fix MTU
regression").

Signed-off-by: Jiri Bohac <jbohac@suse.cz>
Signed-off-by: Steffen Klassert <steffen.klassert@secunet.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2022-03-08 19:12:54 +01:00
..
6lowpan
9p 9p/net: fix missing error check in p9_check_errors 2021-11-18 19:17:16 +01:00
802
8021q net: vlan: fix underflow for the real_dev refcnt 2021-12-01 09:04:53 +01:00
appletalk
atm
ax25 ax25: improve the incomplete fix to avoid UAF and NPD bugs 2022-02-23 12:03:05 +01:00
batman-adv batman-adv: Don't expect inter-netns unique iflink indices 2022-03-08 19:12:45 +01:00
bluetooth Bluetooth: refactor malicious adv data check 2022-02-01 17:27:14 +01:00
bpf bpf, test, cgroup: Use sk_{alloc,free} for test cases 2021-09-28 09:29:28 +02:00
bpfilter
bridge net: bridge: multicast: notify switchdev driver whenever MC processing gets disabled 2022-02-23 12:03:13 +01:00
caif net-caif: avoid user-triggerable WARN_ON(1) 2021-09-14 12:51:15 +01:00
can net-timestamp: convert sk->sk_tskey to atomic_t 2022-03-02 11:48:01 +01:00
ceph
core net: fix up skbs delta_truesize in UDP GRO frag_list 2022-03-08 19:12:44 +01:00
dcb net: dcb: disable softirqs in dcbnl_flush_dev() 2022-03-08 19:12:52 +01:00
dccp tcp: switch orphan_count to bare per-cpu counters 2021-11-18 19:16:33 +01:00
decnet
dns_resolver
dsa net: dsa: lan9303: handle hwaccel VLAN tags 2022-02-23 12:03:11 +01:00
ethernet
ethtool ethtool: do not perform operations on net devices being unregistered 2021-12-14 10:57:09 +01:00
hsr
ieee802154 net: ieee802154: Return meaningful error codes from the netlink helpers 2022-02-08 18:34:09 +01:00
ife
ipv4 Revert "xfrm: xfrm_state_mtu should return at least 1280 for ipv6" 2022-03-08 19:12:54 +01:00
ipv6 Revert "xfrm: xfrm_state_mtu should return at least 1280 for ipv6" 2022-03-08 19:12:54 +01:00
iucv
kcm
key
l2tp net/l2tp: Fix reference count leak in l2tp_udp_recv_core 2021-09-09 11:00:20 +01:00
l3mdev
lapb
llc
mac80211 mac80211: treat some SAE auth steps as final 2022-03-08 19:12:46 +01:00
mac802154 ieee802154: Remove redundant initialization of variable ret 2021-09-07 14:06:08 +01:00
mctp mctp: Don't let RTM_DELROUTE delete local routes 2021-12-08 09:04:53 +01:00
mpls net: mpls: Fix notifications when deleting a device 2021-12-08 09:04:47 +01:00
mptcp mptcp: Correctly set DATA_FIN timeout when number of retransmits is large 2022-03-08 19:12:48 +01:00
ncsi net/ncsi: check for error return from call to nla_put_u32 2022-01-05 12:42:37 +01:00
netfilter netfilter: nf_tables: prefer kfree_rcu(ptr, rcu) variant 2022-03-08 19:12:49 +01:00
netlabel
netlink net: netlink: af_netlink: Prevent empty skb by adding a check on len. 2021-12-17 10:30:15 +01:00
netrom netrom: fix api breakage in nr_setsockopt() 2022-01-27 11:04:00 +01:00
nfc nfc: llcp: fix NULL error pointer dereference on sendmsg() after failed bind() 2022-01-27 11:02:48 +01:00
nsh
openvswitch openvswitch: Fix setting ipv6 fields causing hw csum failure 2022-03-02 11:47:57 +01:00
packet af_packet: fix data-race in packet_setsockopt / packet_setsockopt 2022-02-05 12:38:59 +01:00
phonet phonet: refcount leak in pep_sock_accep 2022-01-11 15:35:16 +01:00
psample
qrtr net: qrtr: revert check in qrtr_endpoint_post() 2021-09-02 11:37:02 +01:00
rds rds: memory leak in __rds_conn_create() 2021-12-22 09:32:42 +01:00
rfkill
rose
rxrpc rxrpc: Adjust retransmission backoff 2022-02-01 17:27:11 +01:00
sched net/sched: act_ct: Fix flow table lookup after ct clear or switching zones 2022-03-02 11:47:57 +01:00
sctp sctp: hold endpoint before calling cb in sctp_transport_lookup_process 2022-01-11 15:35:14 +01:00
smc net/smc: fix unexpected SMC_CLC_DECL_ERR_REGRMB error cause by server 2022-03-08 19:12:45 +01:00
strparser bpf: sockmap, strparser, and tls are reusing qdisc_skb_cb and colliding 2021-11-18 19:17:11 +01:00
sunrpc SUNRPC: Fix sockaddr handling in the svc_xprt_create_error trace point 2022-03-08 19:12:37 +01:00
switchdev
tipc tipc: fix a bit overflow in tipc_crypto_key_rcv() 2022-03-08 19:12:30 +01:00
tls net/tls: Fix authentication failure in CCM mode 2021-12-08 09:04:41 +01:00
unix af_unix: annote lockless accesses to unix_tot_inflight & gc_in_progress 2022-01-27 11:05:30 +01:00
vmw_vsock vsock: remove vsock from connected table when connect is interrupted by a signal 2022-02-23 12:03:09 +01:00
wireless nl80211: Handle nla_memdup failures in handle_nan_filter 2022-03-08 19:12:52 +01:00
x25
xdp Revert "xsk: Do not sleep in poll() when need_wakeup set" 2021-12-22 09:32:51 +01:00
xfrm Revert "xfrm: xfrm_state_mtu should return at least 1280 for ipv6" 2022-03-08 19:12:54 +01:00
Kconfig
Makefile
compat.c
devres.c
socket.c net: fix SOF_TIMESTAMPING_BIND_PHC to work with multiple sockets 2022-01-27 11:03:52 +01:00
sysctl_net.c