From eb07c606d6e4d863ebf087dcefcd81f122086c0b Mon Sep 17 00:00:00 2001
From: Jordan Whited <jordan@tailscale.com>
Date: Wed, 21 Aug 2024 12:09:54 -0700
Subject: [PATCH] wgengine/netstack: disable gVisor GSO on Linux (#13213)

net/tstun.Wrapper.InjectInboundPacketBuffer is not GSO-aware, which can
break quad-100 TCP streams as a result. Linux is the only platform where
gVisor GSO was previously enabled.

Updates tailscale/corp#22511
Updates #13211

Signed-off-by: Jordan Whited <jordan@tailscale.com>
---
 wgengine/netstack/netstack.go | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/wgengine/netstack/netstack.go b/wgengine/netstack/netstack.go
index 3c8a357d9..2afbae0be 100644
--- a/wgengine/netstack/netstack.go
+++ b/wgengine/netstack/netstack.go
@@ -329,7 +329,8 @@ func Create(logf logger.Logf, tundev *tstun.Wrapper, e wgengine.Engine, mc *magi
 		// TODO(jwhited): add Windows GSO support https://github.com/tailscale/corp/issues/21874
 		// TODO(jwhited): exercise enableGRO in relation to https://github.com/tailscale/corp/issues/22353
 		linkEP = newLinkEndpoint(512, uint32(tstun.DefaultTUNMTU()), "", disableGRO)
-		linkEP.SupportedGSOKind = stack.HostGSOSupported
+		// TODO(jwhited): re-enable GSO https://github.com/tailscale/corp/issues/22511
+		linkEP.SupportedGSOKind = stack.GSONotSupported
 	} else {
 		linkEP = newLinkEndpoint(512, uint32(tstun.DefaultTUNMTU()), "", disableGRO)
 	}