From f3218c34fda07861967a86ed479105009f69ad4c Mon Sep 17 00:00:00 2001 From: tobhe Date: Mon, 5 Jul 2021 12:01:20 +0000 Subject: [PATCH] Export tdb MTU to userland via SADB_GET. This helps debug path MTU discovery issues with ESP in UDP. ok bluhm@ sthen@ mpi@ --- sys/net/pfkeyv2.c | 10 +++++++++- sys/net/pfkeyv2.h | 12 ++++++++++-- sys/net/pfkeyv2_convert.c | 14 +++++++++++++- sys/net/pfkeyv2_parsemessage.c | 5 +++-- 4 files changed, 35 insertions(+), 6 deletions(-) diff --git a/sys/net/pfkeyv2.c b/sys/net/pfkeyv2.c index c7c09f6fec0..66ab56eb624 100644 --- a/sys/net/pfkeyv2.c +++ b/sys/net/pfkeyv2.c @@ -1,4 +1,4 @@ -/* $OpenBSD: pfkeyv2.c,v 1.215 2021/05/30 21:01:27 bluhm Exp $ */ +/* $OpenBSD: pfkeyv2.c,v 1.216 2021/07/05 12:01:20 tobhe Exp $ */ /* * @(#)COPYRIGHT 1.1 (NRL) 17 January 1995 @@ -859,6 +859,9 @@ pfkeyv2_get(struct tdb *tdb, void **headers, void **buffer, int *lenp, if (tdb->tdb_udpencap_port) i += sizeof(struct sadb_x_udpencap); + if (tdb->tdb_mtu > 0) + i+= sizeof(struct sadb_x_mtu); + if (tdb->tdb_rdomain != tdb->tdb_rdomain_post) i += sizeof(struct sadb_x_rdomain); @@ -952,6 +955,11 @@ pfkeyv2_get(struct tdb *tdb, void **headers, void **buffer, int *lenp, export_udpencap(&p, tdb); } + if (tdb->tdb_mtu > 0) { + headers[SADB_X_EXT_MTU] = p; + export_mtu(&p, tdb); + } + /* Export rdomain switch, if present */ if (tdb->tdb_rdomain != tdb->tdb_rdomain_post) { headers[SADB_X_EXT_RDOMAIN] = p; diff --git a/sys/net/pfkeyv2.h b/sys/net/pfkeyv2.h index ff460c808a0..3326ae8b385 100644 --- a/sys/net/pfkeyv2.h +++ b/sys/net/pfkeyv2.h @@ -1,4 +1,4 @@ -/* $OpenBSD: pfkeyv2.h,v 1.87 2021/05/25 09:55:22 bluhm Exp $ */ +/* $OpenBSD: pfkeyv2.h,v 1.88 2021/07/05 12:01:20 tobhe Exp $ */ /* * @(#)COPYRIGHT 1.1 (NRL) January 1998 * 
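Review bot: In the sizing hunk of sys/net/pfkeyv2.c (`@@ -859`), `tdb->tdb_mtu > 0` decides whether room for `struct sadb_x_mtu` is counted, and the export hunk (`@@ -952`) reads the same field again to decide whether `export_mtu()` writes it. The buffer is only large enough if both reads agree. Please confirm that the lock held across `pfkeyv2_get()` also covers whatever updates `tdb_mtu`; the locking is not visible here, because the function starts and ends outside the hunk. Style nit on the same lines: `i+= sizeof(struct sadb_x_mtu);` should read `i += sizeof(struct sadb_x_mtu);` like its neighbours.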
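Review bot: The new export block in sys/net/pfkeyv2.c (`@@ -952`) has no lead-in comment, unlike the rdomain block directly below it (`/* Export rdomain switch, if present */`). I would add `/* Export MTU, if set */` above `if (tdb->tdb_mtu > 0) {` so the sequence of exports stays easy to scan. The body of `pfkeyv2_get()` continues outside the hunk.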
@@ -239,6 +239,12 @@ struct sadb_x_counter { uint64_t sadb_x_counter_ouncompbytes; /* Output bytes, uncompressed */ }; +struct sadb_x_mtu { + uint16_t sadb_x_mtu_len; + uint16_t sadb_x_mtu_exttype; + u_int32_t sadb_x_mtu_mtu; +}; + #ifdef _KERNEL #define SADB_X_GETSPROTO(x) \ ( (x) == SADB_SATYPE_AH ? IPPROTO_AH :\ @@ -285,7 +291,8 @@ struct sadb_x_counter { #define SADB_X_EXT_SATYPE2 35 #define SADB_X_EXT_COUNTER 36 #define SADB_X_EXT_RDOMAIN 37 -#define SADB_EXT_MAX 37 +#define SADB_X_EXT_MTU 38 +#define SADB_EXT_MAX 38 /* Fix pfkeyv2.c struct pfkeyv2_socket if SATYPE_MAX > 31 */ #define SADB_SATYPE_UNSPEC 0 @@ -419,6 +426,7 @@ void export_key(void **, struct tdb *, int); void export_udpencap(void **, struct tdb *); void export_tag(void **, struct tdb *); void export_rdomain(void **, struct tdb *); +void export_mtu(void **, struct tdb *); void export_tap(void **, struct tdb *); void export_satype(void **, struct tdb *); void export_counter(void **, struct tdb *); diff --git a/sys/net/pfkeyv2_convert.c b/sys/net/pfkeyv2_convert.c index f4fbf0f681b..69246c020f2 100644 --- a/sys/net/pfkeyv2_convert.c +++ b/sys/net/pfkeyv2_convert.c @@ -1,4 +1,4 @@ -/* $OpenBSD: pfkeyv2_convert.c,v 1.70 2020/12/14 20:20:06 tobhe Exp $ */ +/* $OpenBSD: pfkeyv2_convert.c,v 1.71 2021/07/05 12:01:20 tobhe Exp $ */ /* * The author of this code is Angelos D. Keromytis (angelos@keromytis.org) * @@ -853,6 +853,18 @@ export_udpencap(void **p, struct tdb *tdb) *p += sizeof(struct sadb_x_udpencap); } +/* Export mtu for SA */ +void +export_mtu(void **p, struct tdb *tdb) +{ + struct sadb_x_mtu *smtu = (struct sadb_x_mtu *)*p; + + smtu->sadb_x_mtu_mtu = tdb->tdb_mtu; + smtu->sadb_x_mtu_len = + sizeof(struct sadb_x_mtu) / sizeof(uint64_t); + *p += sizeof(struct sadb_x_mtu); +} + /* Import rdomain switch for SA */ void import_rdomain(struct tdb *tdb, struct sadb_x_rdomain *srdomain) diff --git a/sys/net/pfkeyv2_parsemessage.c b/sys/net/pfkeyv2_parsemessage.c index b4fd2dc8286..f6ca211b8af 100644 
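Review bot: The new `struct sadb_x_mtu` in sys/net/pfkeyv2.h (`@@ -239`) mixes `uint16_t` with the older spelling `u_int32_t` and leaves its fields undocumented, while the `sadb_x_counter` field just above carries a trailing comment. I would write `uint32_t sadb_x_mtu_mtu; /* MTU recorded on the SA */` and add a one-line comment that the struct is 8 bytes, exactly one of the 64-bit units that `sadb_x_mtu_len` is counted in. That size property matters because `export_mtu()` derives the length by dividing by `sizeof(uint64_t)`, so a later field that breaks the multiple would silently truncate the advertised length.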
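Review bot: `export_mtu()` in sys/net/pfkeyv2_convert.c (`@@ -853`) writes `sadb_x_mtu_mtu` and `sadb_x_mtu_len` but never `sadb_x_mtu_exttype`, and the struct is handed to userland. That is safe only if the buffer is zeroed at allocation and the type is filled in later from the `headers[]` index; neither is visible in this hunk, so please confirm both. If they hold, a comment such as `/* exttype is set by the sender; buffer is pre-zeroed */` inside the function would make it clear that no uninitialised kernel memory is exported.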
--- a/sys/net/pfkeyv2_parsemessage.c +++ b/sys/net/pfkeyv2_parsemessage.c @@ -1,4 +1,4 @@ -/* $OpenBSD: pfkeyv2_parsemessage.c,v 1.57 2021/05/25 09:55:22 bluhm Exp $ */ +/* $OpenBSD: pfkeyv2_parsemessage.c,v 1.58 2021/07/05 12:01:20 tobhe Exp $ */ /* * @(#)COPYRIGHT 1.1 (NRL) 17 January 1995 @@ -128,6 +128,7 @@ #define BITMAP_X_SATYPE2 (1LL << SADB_X_EXT_SATYPE2) #define BITMAP_X_RDOMAIN (1LL << SADB_X_EXT_RDOMAIN) #define BITMAP_X_COUNTER (1LL << SADB_X_EXT_COUNTER) +#define BITMAP_X_MTU (1LL << SADB_X_EXT_MTU) uint64_t sadb_exts_allowed_in[SADB_MAX+1] = { @@ -214,7 +215,7 @@ const uint64_t sadb_exts_allowed_out[SADB_MAX+1] = /* DELETE */ BITMAP_SA | BITMAP_ADDRESS_SRC | BITMAP_ADDRESS_DST | BITMAP_X_RDOMAIN, /* GET */ - BITMAP_SA | BITMAP_LIFETIME | BITMAP_ADDRESS | BITMAP_KEY | BITMAP_IDENTITY | BITMAP_X_UDPENCAP | BITMAP_X_LIFETIME_LASTUSE | BITMAP_X_SRC_MASK | BITMAP_X_DST_MASK | BITMAP_X_PROTOCOL | BITMAP_X_FLOW_TYPE | BITMAP_X_SRC_FLOW | BITMAP_X_DST_FLOW | BITMAP_X_TAG | BITMAP_X_TAP | BITMAP_X_COUNTER | BITMAP_X_RDOMAIN, + BITMAP_SA | BITMAP_LIFETIME | BITMAP_ADDRESS | BITMAP_KEY | BITMAP_IDENTITY | BITMAP_X_UDPENCAP | BITMAP_X_LIFETIME_LASTUSE | BITMAP_X_SRC_MASK | BITMAP_X_DST_MASK | BITMAP_X_PROTOCOL | BITMAP_X_FLOW_TYPE | BITMAP_X_SRC_FLOW | BITMAP_X_DST_FLOW | BITMAP_X_TAG | BITMAP_X_TAP | BITMAP_X_COUNTER | BITMAP_X_RDOMAIN | BITMAP_X_MTU, /* ACQUIRE */ BITMAP_ADDRESS_SRC | BITMAP_ADDRESS_DST | BITMAP_IDENTITY | BITMAP_PROPOSAL, /* REGISTER */ -- 2.20.1
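Review bot: In sys/net/pfkeyv2_parsemessage.c (`@@ -214`), `BITMAP_X_MTU` is added to the outbound mask for GET only, yet `pfkeyv2_get()` now emits the extension for every SA with `tdb_mtu > 0`. If any other message type is built from `pfkeyv2_get()` output, its mask would presumably need the bit as well, or consumers that validate against this table may reject the message; the DUMP entry and any such callers are not visible in this hunk. A short comment next to `#define BITMAP_X_MTU` saying the extension is export-only, and so is not listed in `sadb_exts_allowed_in`, would record that intent.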