From 25f0a3fc8f6f9cf681bb5afda8e1762816c67a8b Mon Sep 17 00:00:00 2001
From: Jordan Whited <jordan@tailscale.com>
Date: Sat, 3 Aug 2024 15:03:44 -0700
Subject: [PATCH] wgengine/netstack: use build tags to exclude gVisor GRO
 importation on iOS (#13015)

Updates tailscale/corp#22125

Signed-off-by: Jordan Whited <jordan@tailscale.com>
---
 wgengine/netstack/gro_default.go   | 16 ++++++++++++++++
 wgengine/netstack/gro_ios.go       | 30 ++++++++++++++++++++++++++++++
 wgengine/netstack/link_endpoint.go |  3 +--
 3 files changed, 47 insertions(+), 2 deletions(-)
 create mode 100644 wgengine/netstack/gro_default.go
 create mode 100644 wgengine/netstack/gro_ios.go

diff --git a/wgengine/netstack/gro_default.go b/wgengine/netstack/gro_default.go
new file mode 100644
index 000000000..ef4ff4b98
--- /dev/null
+++ b/wgengine/netstack/gro_default.go
@@ -0,0 +1,16 @@
+// Copyright (c) Tailscale Inc & AUTHORS
+// SPDX-License-Identifier: BSD-3-Clause
+
+//go:build !ios
+
+package netstack
+
+import (
+	nsgro "gvisor.dev/gvisor/pkg/tcpip/stack/gro"
+)
+
+// gro wraps a gVisor GRO implementation. It exists solely to prevent iOS from
+// importing said package (see _ios.go).
+type gro struct {
+	nsgro.GRO
+}
diff --git a/wgengine/netstack/gro_ios.go b/wgengine/netstack/gro_ios.go
new file mode 100644
index 000000000..fb252f7db
--- /dev/null
+++ b/wgengine/netstack/gro_ios.go
@@ -0,0 +1,30 @@
+// Copyright (c) Tailscale Inc & AUTHORS
+// SPDX-License-Identifier: BSD-3-Clause
+
+//go:build ios
+
+package netstack
+
+import (
+	"gvisor.dev/gvisor/pkg/tcpip/stack"
+)
+
+// gro on iOS delivers packets to its Dispatcher, immediately. This type exists
+// to prevent importation of the gVisor GRO implementation as said package
+// increases binary size. This is a penalty we do not wish to pay since we
+// currently do not leverage GRO on iOS.
+type gro struct {
+	Dispatcher stack.NetworkDispatcher
+}
+
+func (g *gro) Init(v bool) {
+	if v {
+		panic("GRO is not supported on this platform")
+	}
+}
+
+func (g *gro) Flush() {}
+
+func (g *gro) Enqueue(pkt *stack.PacketBuffer) {
+	g.Dispatcher.DeliverNetworkPacket(pkt.NetworkProtocolNumber, pkt)
+}
diff --git a/wgengine/netstack/link_endpoint.go b/wgengine/netstack/link_endpoint.go
index 22fdcf8b3..238e14cf0 100644
--- a/wgengine/netstack/link_endpoint.go
+++ b/wgengine/netstack/link_endpoint.go
@@ -14,7 +14,6 @@ import (
 	"gvisor.dev/gvisor/pkg/tcpip/header"
 	"gvisor.dev/gvisor/pkg/tcpip/header/parse"
 	"gvisor.dev/gvisor/pkg/tcpip/stack"
-	"gvisor.dev/gvisor/pkg/tcpip/stack/gro"
 	"tailscale.com/net/packet"
 	"tailscale.com/types/ipproto"
 )
@@ -96,7 +95,7 @@ type linkEndpoint struct {
 	dispatcher stack.NetworkDispatcher
 	linkAddr   tcpip.LinkAddress
 	mtu        uint32
-	gro        gro.GRO // mu only guards access to gro.Dispatcher
+	gro        gro // mu only guards access to gro.Dispatcher
 
 	q *queue // outbound
 }