net: Support all valid IP_MTU_DISCOVER values for UDP and TCP

The UDP endpoint only accepted PMTUDiscoveryDont and the TCP endpoint
rejected PMTUDiscoveryProbe, causing QUIC libraries (quic-go) to fail
when setting IP_PMTUDISC_DO or IP_PMTUDISC_PROBE on UDP sockets.

Accept all valid PMTUD strategies (DONT/WANT/DO/PROBE) for both UDP
and TCP, since gVisor does not implement ICMP-based PMTU feedback,
`PROBE` and `DO` are functionally equivalent — both set DF but neither
updates a cached route PMTU.

Test: UdpSocketTest.SetPMTUD, TcpSocketTest.SetPMTUD

Signed-off-by: Tan Yifeng <yiftan@tencent.com>

Author: tanyifeng

pkg/tcpip/tcpip.go

@@ -955,9 +955,8 @@ const (
 
 	// MTUDiscoverOption is used to set/get the path MTU discovery setting.
 	//
-	// NOTE: Setting this option to any other value than PMTUDiscoveryDont
-	// is not supported and will fail as such, and getting this option will
-	// always return PMTUDiscoveryDont.
+	// The value controls whether the Don't Fragment (DF) bit is set on
+	// outgoing IPv4 packets.
 	MTUDiscoverOption
 
 	// MulticastTTLOption is used by SetSockOptInt/GetSockOptInt to control

pkg/tcpip/transport/internal/network/endpoint.go

@@ -74,6 +74,8 @@ type Endpoint struct {
 	ipv4TOS uint8
 	// +checklocks:mu
 	ipv6TClass uint8
+	// +checklocks:mu
+	pmtud tcpip.PMTUDStrategy
 
 	// Lock ordering: mu > infoMu.
 	infoMu sync.RWMutex `state:"nosave"`
@@ -234,6 +236,7 @@ type WriteContext struct {
 	route *stack.Route
 	ttl   uint8
 	tos   uint8
+	df    bool
 }
 
 func (c *WriteContext) MTU() uint32 {
@@ -362,6 +365,7 @@ func (c *WriteContext) WritePacket(pkt *stack.PacketBuffer, headerIncluded bool)
 		Protocol:              c.e.transProto,
 		TTL:                   c.ttl,
 		TOS:                   c.tos,
+		DF:                    c.df,
 		ExperimentOptionValue: expOptVal,
 	}, pkt)
 
@@ -568,11 +572,28 @@ func (e *Endpoint) AcquireContextForWrite(opts tcpip.WriteOptions) (WriteContext
 		panic(fmt.Sprintf("invalid protocol number = %d", netProto))
 	}
 
+	// Set the DF (Don't Fragment) bit based on the PMTUD strategy,
+	// matching TCP behavior in connect.go.
+	// Note: In gVisor, WANT and DO are treated identically (both set DF).
+	// Linux kernel differentiates them (WANT allows local fragmentation,
+	// DO returns EMSGSIZE), but gVisor's IPv4 layer always allows local
+	// fragmentation for locally-generated packets regardless of DF
+	// (see gvisor.dev/issue/5919).
+	//
+	// PROBE also sets DF, matching Linux ip_dont_fragment(). In Linux,
+	// PROBE differs from DO only in that it ignores incoming ICMP
+	// "Fragmentation Needed" messages (i.e. does not update the cached
+	// route PMTU). Since gVisor does not implement ICMP-based PMTU
+	// feedback for transport sockets, PROBE and DO are functionally
+	// equivalent here.
+	df := e.pmtud == tcpip.PMTUDiscoveryWant || e.pmtud == tcpip.PMTUDiscoveryDo || e.pmtud == tcpip.PMTUDiscoveryProbe
+
 	return WriteContext{
 		e:     e,
 		route: route,
 		ttl:   ttl,
 		tos:   tos,
+		df:    df,
 	}, nil
 }
 
@@ -840,9 +861,18 @@ func (e *Endpoint) GetRemoteAddress() (tcpip.FullAddress, bool) {
 func (e *Endpoint) SetSockOptInt(opt tcpip.SockOptInt, v int) tcpip.Error {
 	switch opt {
 	case tcpip.MTUDiscoverOption:
-		// Return not supported if the value is not disabling path
-		// MTU discovery.
-		if tcpip.PMTUDStrategy(v) != tcpip.PMTUDiscoveryDont {
+		// Store PMTU discovery settings. The DF bit on outgoing
+		// packets is set accordingly in AcquireContextForWrite.
+		// PROBE is accepted alongside DO/WANT/DONT. In Linux,
+		// PROBE sets DF but ignores ICMP-based PMTU updates;
+		// since gVisor lacks ICMP PMTU feedback, it behaves
+		// identically to DO.
+		switch tcpip.PMTUDStrategy(v) {
+		case tcpip.PMTUDiscoveryWant, tcpip.PMTUDiscoveryDont, tcpip.PMTUDiscoveryDo, tcpip.PMTUDiscoveryProbe:
+			e.mu.Lock()
+			e.pmtud = tcpip.PMTUDStrategy(v)
+			e.mu.Unlock()
+		default:
 			return &tcpip.ErrNotSupported{}
 		}
 
@@ -891,8 +921,10 @@ func (e *Endpoint) SetSockOptInt(opt tcpip.SockOptInt, v int) tcpip.Error {
 func (e *Endpoint) GetSockOptInt(opt tcpip.SockOptInt) (int, tcpip.Error) {
 	switch opt {
 	case tcpip.MTUDiscoverOption:
-		// The only supported setting is path MTU discovery disabled.
-		return int(tcpip.PMTUDiscoveryDont), nil
+		e.mu.Lock()
+		v := int(e.pmtud)
+		e.mu.Unlock()
+		return v, nil
 
 	case tcpip.MulticastTTLOption:
 		e.mu.Lock()

pkg/tcpip/transport/tcp/connect.go

@@ -1039,7 +1039,8 @@ func (e *Endpoint) sendRaw(pkt *stack.PacketBuffer, flags header.TCPFlags, seq,
 		ack:       ack,
 		rcvWnd:    rcvWnd,
 		opts:      options,
-		df:        e.pmtud == tcpip.PMTUDiscoveryWant || e.pmtud == tcpip.PMTUDiscoveryDo,
+		// PROBE sets DF like DO; see network/endpoint.go for details.
+		df:        e.pmtud == tcpip.PMTUDiscoveryWant || e.pmtud == tcpip.PMTUDiscoveryDo || e.pmtud == tcpip.PMTUDiscoveryProbe,
 		expOptVal: expOptVal,
 	}, pkt, e.gso)
 }

pkg/tcpip/transport/tcp/endpoint.go

@@ -1901,15 +1901,15 @@ func (e *Endpoint) SetSockOptInt(opt tcpip.SockOptInt, v int) tcpip.Error {
 		e.UnlockUser()
 
 	case tcpip.MTUDiscoverOption:
+		// PROBE is accepted alongside DO/WANT/DONT. In Linux,
+		// PROBE sets DF but ignores ICMP-based PMTU updates;
+		// since gVisor lacks ICMP PMTU feedback, it behaves
+		// identically to DO.
 		switch v := tcpip.PMTUDStrategy(v); v {
-		case tcpip.PMTUDiscoveryWant, tcpip.PMTUDiscoveryDont, tcpip.PMTUDiscoveryDo:
+		case tcpip.PMTUDiscoveryWant, tcpip.PMTUDiscoveryDont, tcpip.PMTUDiscoveryDo, tcpip.PMTUDiscoveryProbe:
 			e.LockUser()
 			e.pmtud = v
 			e.UnlockUser()
-		case tcpip.PMTUDiscoveryProbe:
-			// We don't support a way to ignore MTU updates; it's
-			// either on or it's off.
-			return &tcpip.ErrNotSupported{}
 		default:
 			return &tcpip.ErrNotSupported{}
 		}

test/syscalls/linux/tcp_socket.cc

@@ -2342,38 +2342,25 @@ TEST_P(TcpSocketTest, SetPMTUD) {
       SyscallSucceeds());
   EXPECT_EQ(got, IP_PMTUDISC_WANT);
 
-  int set = IP_PMTUDISC_DO;
-  ASSERT_THAT(
-      setsockopt(accepted_.get(), SOL_IP, IP_MTU_DISCOVER, &set, length),
-      SyscallSucceeds());
-  ASSERT_THAT(
-      getsockopt(accepted_.get(), SOL_IP, IP_MTU_DISCOVER, &got, &length),
-      SyscallSucceeds());
-  EXPECT_EQ(got, IP_PMTUDISC_DO);
-  set = IP_PMTUDISC_DONT;
-  ASSERT_THAT(
-      setsockopt(accepted_.get(), SOL_IP, IP_MTU_DISCOVER, &set, length),
-      SyscallSucceeds());
-  ASSERT_THAT(
-      getsockopt(accepted_.get(), SOL_IP, IP_MTU_DISCOVER, &got, &length),
-      SyscallSucceeds());
-  EXPECT_EQ(got, IP_PMTUDISC_DONT);
-
-  // IP_PMTUDISC_PROBE is not supported by gVisor.
-  set = IP_PMTUDISC_PROBE;
-  if (IsRunningOnGvisor() && !IsRunningWithHostinet()) {
+  // Set and verify each valid PMTUD strategy.
+  int strategies[] = {IP_PMTUDISC_DONT, IP_PMTUDISC_WANT, IP_PMTUDISC_DO,
+                      IP_PMTUDISC_PROBE};
+  for (int strategy : strategies) {
     ASSERT_THAT(
-        setsockopt(accepted_.get(), SOL_IP, IP_MTU_DISCOVER, &set, length),
-        SyscallFailsWithErrno(ENOTSUP));
-  } else {
-    ASSERT_THAT(
-        setsockopt(accepted_.get(), SOL_IP, IP_MTU_DISCOVER, &set, length),
+        setsockopt(accepted_.get(), SOL_IP, IP_MTU_DISCOVER, &strategy,
+                   length),
         SyscallSucceeds());
     ASSERT_THAT(
         getsockopt(accepted_.get(), SOL_IP, IP_MTU_DISCOVER, &got, &length),
         SyscallSucceeds());
-    EXPECT_EQ(got, IP_PMTUDISC_PROBE);
+    EXPECT_EQ(got, strategy);
   }
+
+  // Invalid value should fail.
+  int invalid = 99;
+  EXPECT_THAT(
+      setsockopt(accepted_.get(), SOL_IP, IP_MTU_DISCOVER, &invalid, length),
+      SyscallFails());
 }
 
 TEST_P(SimpleTcpSocketTest, GetSocketAcceptConnWithShutdown) {

test/syscalls/linux/udp_socket.cc

@@ -2048,6 +2048,35 @@ TEST_P(UdpSocketTest, ConnectToZeroPortConnected) {
               SyscallFailsWithErrno(ENOTCONN));
 }
 
+TEST_P(UdpSocketTest, SetPMTUD) {
+  // IP_PMTUDISC_WANT should be default.
+  int got = -1;
+  socklen_t length = sizeof(got);
+  ASSERT_THAT(
+      getsockopt(bind_.get(), SOL_IP, IP_MTU_DISCOVER, &got, &length),
+      SyscallSucceeds());
+  EXPECT_EQ(got, IP_PMTUDISC_WANT);
+
+  // Set and verify each valid PMTUD strategy.
+  int strategies[] = {IP_PMTUDISC_DONT, IP_PMTUDISC_WANT, IP_PMTUDISC_DO,
+                      IP_PMTUDISC_PROBE};
+  for (int strategy : strategies) {
+    ASSERT_THAT(
+        setsockopt(bind_.get(), SOL_IP, IP_MTU_DISCOVER, &strategy, length),
+        SyscallSucceeds());
+    ASSERT_THAT(
+        getsockopt(bind_.get(), SOL_IP, IP_MTU_DISCOVER, &got, &length),
+        SyscallSucceeds());
+    EXPECT_EQ(got, strategy);
+  }
+
+  // Invalid value should fail.
+  int invalid = 99;
+  EXPECT_THAT(
+      setsockopt(bind_.get(), SOL_IP, IP_MTU_DISCOVER, &invalid, length),
+      SyscallFails());
+}
+
 INSTANTIATE_TEST_SUITE_P(AllInetTests, UdpSocketTest,
                          ::testing::Values(AF_INET, AF_INET6));