net: xfrm: revert to lower xfrm dst gc limit revert c386578f1cdb4dac230395 ("xfrm: Let the flowcache handle its size by default."). Once we remove flow cache, we don't have a flow cache limit anymore. We must not allow (virtually) unlimited allocations of xfrm dst entries. Revert back to the old xfrm dst gc limits. Signed-off-by: Florian Westphal <fw@strlen.de> Signed-off-by: David S. Miller <davem@davemloft.net>

commit: 3c2a89ddc11896cf5498115c0380ab54b1c424b7 [log] [tgz]
author: Florian Westphal <fw@strlen.de> Mon Jul 17 13:57:20 2017 +0200
committer: David S. Miller <davem@davemloft.net> Tue Jul 18 11:13:41 2017 -0700
tree: bde766458290a2088df1762a9c1290f35c2a6bdc
parent: 6b1c42e9726bdb00370342909d95efdc331d10ac [diff] [blame]
diff --git a/net/ipv4/xfrm4_policy.c b/net/ipv4/xfrm4_policy.c
index 71b4ecc1..19455a5 100644
--- a/net/ipv4/xfrm4_policy.c
+++ b/net/ipv4/xfrm4_policy.c

@@ -266,7 +266,7 @@ static struct dst_ops xfrm4_dst_ops_template = {
 	.destroy =		xfrm4_dst_destroy,
 	.ifdown =		xfrm4_dst_ifdown,
 	.local_out =		__ip_local_out,
-	.gc_thresh =		INT_MAX,
+	.gc_thresh =		32768,
 };
 
 static const struct xfrm_policy_afinfo xfrm4_policy_afinfo = {
commit	3c2a89ddc11896cf5498115c0380ab54b1c424b7	[log] [tgz]
author	Florian Westphal <fw@strlen.de>	Mon Jul 17 13:57:20 2017 +0200
committer	David S. Miller <davem@davemloft.net>	Tue Jul 18 11:13:41 2017 -0700
tree	bde766458290a2088df1762a9c1290f35c2a6bdc
parent	6b1c42e9726bdb00370342909d95efdc331d10ac [diff] [blame]