Commit 233c96fc authored Feb 05, 2015 by Miroslav Urbanek Committed by David S. Miller Feb 05, 2015

flowcache: Fix kernel panic in flow_cache_flush_task



flow_cache_flush_task references a structure member flow_cache_gc_work
where it should reference flow_cache_flush_task instead.

Kernel panic occurs on kernels using IPsec during XFRM garbage
collection. The garbage collection interval can be shortened using the
following sysctl settings:

net.ipv4.xfrm4_gc_thresh=4
net.ipv6.xfrm6_gc_thresh=4

With the default settings, our productions servers crash approximately
once a week. With the settings above, they crash immediately.

Fixes: ca925cf1 ("flowcache: Make flow cache name space aware")
Reported-by: Tomáš Charvát <tc@excello.cz>
Tested-by: Jan Hejl <jh@excello.cz>
Signed-off-by: Miroslav Urbanek <mu@miroslavurbanek.com>
Acked-by: Eric Dumazet <edumazet@google.com>
Signed-off-by: David S. Miller <davem@davemloft.net>

parent 9d82f5eb

net/core/flow.c

+1 −1

Original line number	Original line	Diff line number	Diff line
	@@ -379,7 +379,7 @@ void flow_cache_flush(struct net *net)
	static void flow_cache_flush_task(struct work_struct *work)		static void flow_cache_flush_task(struct work_struct *work)
	{		{
	struct netns_xfrm *xfrm = container_of(work, struct netns_xfrm,		struct netns_xfrm *xfrm = container_of(work, struct netns_xfrm,
	flow_cache_gc_work);		flow_cache_flush_work);
	struct net *net = container_of(xfrm, struct net, xfrm);		struct net *net = container_of(xfrm, struct net, xfrm);

	flow_cache_flush(net);		flow_cache_flush(net);