3.16.40-rc1 review patch. If anyone has any objections, please let me know. ------------------ From: Lance Richardson <lrichard@xxxxxxxxxx> commit 9ee6c5dc816aa8256257f2cd4008a9291ec7e985 upstream. Some configurations (e.g. geneve interface with default MTU of 1500 over an ethernet interface with 1500 MTU) result in the transmission of packets that exceed the configured MTU. While this should be considered to be a "bad" configuration, it is still allowed and should not result in the sending of packets that exceed the configured MTU. Fix by dropping the assumption in ip_finish_output_gso() that locally originated gso packets will never need fragmentation. Basic testing using iperf (observing CPU usage and bandwidth) have shown no measurable performance impact for traffic not requiring fragmentation. Fixes: c7ba65d7b649 ("net: ip: push gso skb forwarding handling down the stack") Reported-by: Jan Tluka <jtluka@xxxxxxxxxx> Signed-off-by: Lance Richardson <lrichard@xxxxxxxxxx> Acked-by: Hannes Frederic Sowa <hannes@xxxxxxxxxxxxxxxxxxx> Signed-off-by: David S. Miller <davem@xxxxxxxxxxxxx> [bwh: Backported to 3.16: never had the IPSKB_FRAG_SEGS flag] Signed-off-by: Ben Hutchings <ben@xxxxxxxxxxxxxxx> --- --- a/net/ipv4/ip_output.c +++ b/net/ipv4/ip_output.c @@ -217,9 +217,8 @@ static int ip_finish_output_gso(struct s struct sk_buff *segs; int ret = 0; - /* common case: locally created skb or seglen is <= mtu */ - if (((IPCB(skb)->flags & IPSKB_FORWARDED) == 0) || - skb_gso_network_seglen(skb) <= ip_skb_dst_mtu(skb)) + /* common case: seglen is <= mtu */ + if (skb_gso_network_seglen(skb) <= ip_skb_dst_mtu(skb)) return ip_finish_output2(skb); /* Slowpath - GSO segment length is exceeding the dst MTU.