[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-devel] Questions about XSA39



Nick Pegg writes ("[Xen-devel] Questions about XSA39"):
> I had some questions regarding XSA39, and I hope you all can answer them.
> 
> We've been rolling out some hosts with the XSA39 patch applied and have
> come across a problem where a few of our customer DomUs keep hitting the
> conditions which call netbk_fatal_tx_err(), mostly "Frag is bigger than
> frame." These specific DomUs hit it repeatedly, between once every few
> hours to every few days, and the customers say that they're sending
> legitimate traffic (which I'm inclined to believe is true).
> 
> If the XSA39 protection is this easy to hit under normal circumstances,
> should the solution really be as harsh as disconnecting the vif? Would
> it be possible to just drop the packet(s) without causing netback to
> spin while processing them?
> 
> FWIW, I have gotten a pcap dump from one of the customers facing this
> problem. Wireshark does complain about a UDP packet in the sample being
> too large (65538 bytes, over the max of 65535). Could this packet
> possibly be the culprit? Unfortunately Wireshark refuses to load in the
> packet, so I have not yet been able to dissect it.

CCing the authors/reviewers of the XSA-39 patch.

Ian.

_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxx
http://lists.xen.org/xen-devel


 


Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.