packet: check udp payload length when processing an initial packet

As Billy Foster noticed, rfc9000#section-14.1 provides: "A server MUST
discard an Initial packet that is carried in a UDP datagram with a
payload that is smaller than the smallest allowed maximum datagram size
of 1200 bytes."

This patch is to add the missing check for payload length of UDP packet
carrying initial packets in quic_packet_handshake_header_process() on
server side.

Meanwhile, in quic_packet_handshake_create() add padding to all initial
packets on both client and server sides.

Signed-off-by: Xin Long <lucien.xin@gmail.com>

modules/net/quic/packet.c

@@ -604,6 +604,7 @@ static int quic_packet_handshake_header_process(struct sock *sk, struct sk_buff
 	struct quic_outqueue *outq = quic_outq(sk);
 	u32 len = skb->len, version;
 	struct quic_data token;
+	struct udphdr *uh;
 	u64 length;
 
 	quic_packet_reset(packet);
@@ -626,7 +627,9 @@ static int quic_packet_handshake_header_process(struct sock *sk, struct sk_buff
 		if (quic_packet_get_token(&token, &p, &len))
 			return -EINVAL;
 		packet->level = QUIC_CRYPTO_INITIAL;
-		if (!quic_is_serv(sk) && token.len) {
+		uh = (struct udphdr *)(skb->head + cb->udph_offset);
+		if ((!quic_is_serv(sk) && token.len) ||
+		    (quic_is_serv(sk) && ntohs(uh->len) - sizeof(*uh) < QUIC_MIN_UDP_PAYLOAD)) {
 			packet->errcode = QUIC_TRANSPORT_ERROR_PROTOCOL_VIOLATION;
 			return -EINVAL;
 		}
@@ -1263,12 +1266,12 @@ static struct sk_buff *quic_packet_handshake_create(struct sock *sk)
 	}
 
 	len = packet->len;
+	hlen = QUIC_MIN_UDP_PAYLOAD - packet->taglen[1];
+	if (level == QUIC_CRYPTO_INITIAL && len < hlen) {
+		len = hlen;
+		plen = len - packet->len;
+	}
 	if (packet->frames) {
-		hlen = QUIC_MIN_UDP_PAYLOAD - packet->taglen[1];
-		if (level == QUIC_CRYPTO_INITIAL && !quic_is_serv(sk) && len < hlen) {
-			len = hlen;
-			plen = len - packet->len;
-		}
 		sent = quic_packet_sent_alloc(packet->frames);
 		if (!sent) {
 			quic_outq_retransmit_list(sk, &packet->frame_list);