From 3fd268d20979850a70453ed5f8891a0f03344bf2 Mon Sep 17 00:00:00 2001
From: Lennart Poettering <lennart@poettering.net>
Date: Tue, 11 May 2021 22:21:52 +0200
Subject: resolved: be more careful with weird links with low MTUs

Apparently CAN links will show up in rtnetlink with very low MTUs. We
shouldn't consider them relevant if no IP is spoken over them, since
these MTUs are irrelevant for us then.

Hence, let's check if there's an address assigned to the link before
considering its MTU.

As additional safety net filter out MTUs smaller than the minimum DNS
packet size, too.

Finally, in case we don't find any suitable interface MTU, let's default
to 1500 as the generic Ethernet MTU.

Fixes: #19396
(cherry picked from commit 5a0d0b8f9cdfcbb82c4a89b28f0ebce414c9ecfe)
---
 src/resolve/resolved-manager.c | 17 +++++++++++++----
 1 file changed, 13 insertions(+), 4 deletions(-)

diff --git a/src/resolve/resolved-manager.c b/src/resolve/resolved-manager.c
index 4001be23e7..ed5d41a5e8 100644
--- a/src/resolve/resolved-manager.c
+++ b/src/resolve/resolved-manager.c
@@ -1097,18 +1097,27 @@ uint32_t manager_find_mtu(Manager *m) {
         uint32_t mtu = 0;
         Link *l;
 
-        /* If we don't know on which link a DNS packet would be
-         * delivered, let's find the largest MTU that works on all
-         * interfaces we know of */
+        /* If we don't know on which link a DNS packet would be delivered, let's find the largest MTU that
+         * works on all interfaces we know of that have an IP address asociated */
 
         HASHMAP_FOREACH(l, m->links) {
-                if (l->mtu <= 0)
+                /* Let's filter out links without IP addresses (e.g. AF_CAN links and suchlike) */
+                if (!l->addresses)
+                        continue;
+
+                /* Safety check: MTU shorter than what we need for the absolutely shortest DNS request? Then
+                 * let's ignore this link. */
+                if (l->mtu < MIN(UDP4_PACKET_HEADER_SIZE + DNS_PACKET_HEADER_SIZE,
+                                 UDP6_PACKET_HEADER_SIZE + DNS_PACKET_HEADER_SIZE))
                         continue;
 
                 if (mtu <= 0 || l->mtu < mtu)
                         mtu = l->mtu;
         }
 
+        if (mtu == 0) /* found nothing? then let's assume the typical Ethernet MTU for lack of anything more precise */
+                return 1500;
+
         return mtu;
 }
 
-- 
cgit v1.2.1