Re: [PATCH 3.17 023/319] drivers/net: Disable UFO through virtio

From: Ben Hutchings
Date: Wed Nov 12 2014 - 16:04:18 EST


On Wed, 2014-11-12 at 10:12 +0900, Greg Kroah-Hartman wrote:
> 3.17-stable review patch. If anyone has any objections, please let me know.
>
> ------------------
>
> From: Ben Hutchings <ben@xxxxxxxxxxxxxxx>
>
> [ Upstream commit 3d0ad09412ffe00c9afa201d01effdb6023d09b4 ]
>
> IPv6 does not allow fragmentation by routers, so there is no
> fragmentation ID in the fixed header. UFO for IPv6 requires the ID to
> be passed separately, but there is no provision for this in the virtio
> net protocol.
>
> Until recently our software implementation of UFO/IPv6 generated a new
> ID, but this was a bug. Now we will use ID=0 for any UFO/IPv6 packet
> passed through a tap, which is even worse.
>
> Unfortunately there is no distinction between UFO/IPv4 and v6
> features, so disable UFO on taps and virtio_net completely until we
> have a proper solution.
[...]

Please drop this patch for 3.14 and 3.17. It causes problems for
migration of VMs and we're probably going to revert part of this. The
following patch ("drivers/net, ipv6: Select IPv6 fragment idents for
virtio UFO packets") might no longer apply, in which case you can drop
that as well until we have this sorted out upstream.

Ben.

--
Ben Hutchings
Experience is directly proportional to the value of equipment destroyed.
- Carolyn Scheppner

Attachment: signature.asc
Description: This is a digitally signed message part