← Back to team overview

kernel-packages team mailing list archive

[Bug 1549332] [NEW] xfrm4_gc_thresh should default to INT_MAX

 

Public bug reported:

The default xfrm4_gc_thresh (and xfrm6_gc_thresh) value is currently
32k, but in systems with > 16 cpus, this will (eventually) cause
failures when ipsec uses too many dst objects.  As xfrm doesn't actually
manage its dst objects, the flowcache does, this parameter doesn't
actually control xfrm dst gc, it only causes failures when exceeded.
Thus is should simply be set to INT_MAX.

Upstream commit that fixes this is
c386578f1cdb4dac230395a951f88027f64346e3

** Affects: linux (Ubuntu)
     Importance: Undecided
     Assignee: Dan Streetman (ddstreet)
         Status: Incomplete

** Changed in: linux (Ubuntu)
     Assignee: (unassigned) => Dan Streetman (ddstreet)

-- 
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1549332

Title:
  xfrm4_gc_thresh should default to INT_MAX

Status in linux package in Ubuntu:
  Incomplete

Bug description:
  The default xfrm4_gc_thresh (and xfrm6_gc_thresh) value is currently
  32k, but in systems with > 16 cpus, this will (eventually) cause
  failures when ipsec uses too many dst objects.  As xfrm doesn't
  actually manage its dst objects, the flowcache does, this parameter
  doesn't actually control xfrm dst gc, it only causes failures when
  exceeded.  Thus is should simply be set to INT_MAX.

  Upstream commit that fixes this is
  c386578f1cdb4dac230395a951f88027f64346e3

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1549332/+subscriptions


Follow ups