AZL-77676

In the Linux kernel, the following vulnerability has been resolved:

net: fix segmentation of forwarding fraglist GRO

This patch enhances GSO segment handling by properly checking the SKBGSODODGY flag for frag_list GSO packets, addressing low throughput issues observed when a station accesses IPv4 servers via hotspots with an IPv6-only upstream interface.

Specifically, it fixes a bug in GSO segmentation when forwarding GRO packets containing a fraglist. The function skbsegmentlist cannot correctly process GRO skbs that have been converted by XLAT, since XLAT only translates the header of the head skb. Consequently, skbs in the fraglist may remain untranslated, resulting in protocol inconsistencies and reduced throughput.

To address this, the patch explicitly sets the SKBGSODODGY flag for GSO packets in XLAT's IPv4/IPv6 protocol translation helpers (bpfskbproto4to6 and bpfskbproto6to4). This marks GSO packets as potentially modified after protocol translation. As a result, GSO segmentation will avoid using skbsegmentlist and instead falls back to skbsegment for packets with the SKBGSODODGY flag. This ensures that only safe and fully translated fraglist packets are processed by skbsegmentlist, resolving protocol inconsistencies and improving throughput when forwarding GRO packets converted by XLAT.