6.4-stable patches

added patches:
	ipvs-increase-ip_vs_conn_tab_bits-range-for-64bit.patch

diff --git a/queue-6.4/ipvs-increase-ip_vs_conn_tab_bits-range-for-64bit.patch b/queue-6.4/ipvs-increase-ip_vs_conn_tab_bits-range-for-64bit.patch
new file mode 100644 (file)
index 0000000..da07f18
--- /dev/null
+++ b/queue-6.4/ipvs-increase-ip_vs_conn_tab_bits-range-for-64bit.patch
@@ -0,0 +1,90 @@
+From 04292c695f82b6cf0d25dd5ae494f16ddbb621f6 Mon Sep 17 00:00:00 2001
+From: Abhijeet Rastogi <abhijeet.1989@gmail.com>
+Date: Tue, 16 May 2023 20:08:49 -0700
+Subject: ipvs: increase ip_vs_conn_tab_bits range for 64BIT
+
+From: Abhijeet Rastogi <abhijeet.1989@gmail.com>
+
+commit 04292c695f82b6cf0d25dd5ae494f16ddbb621f6 upstream.
+
+Current range [8, 20] is set purely due to historical reasons
+because at the time, ~1M (2^20) was considered sufficient.
+With this change, 27 is the upper limit for 64-bit, 20 otherwise.
+
+Previous change regarding this limit is here.
+
+Link: https://lore.kernel.org/all/86eabeb9dd62aebf1e2533926fdd13fed48bab1f.1631289960.git.aclaudi@redhat.com/T/#u
+
+Signed-off-by: Abhijeet Rastogi <abhijeet.1989@gmail.com>
+Acked-by: Julian Anastasov <ja@ssi.bg>
+Acked-by: Simon Horman <horms@kernel.org>
+Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
+Cc: Allen Pais <apais@linux.microsoft.com>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+---
+ net/netfilter/ipvs/Kconfig      |   27 ++++++++++++++-------------
+ net/netfilter/ipvs/ip_vs_conn.c |    4 ++--
+ 2 files changed, 16 insertions(+), 15 deletions(-)
+
+--- a/net/netfilter/ipvs/Kconfig
++++ b/net/netfilter/ipvs/Kconfig
+@@ -44,7 +44,8 @@ config       IP_VS_DEBUG
+ 
+ config        IP_VS_TAB_BITS
+       int "IPVS connection table size (the Nth power of 2)"
+-      range 8 20
++      range 8 20 if !64BIT
++      range 8 27 if 64BIT
+       default 12
+       help
+         The IPVS connection hash table uses the chaining scheme to handle
+@@ -54,24 +55,24 @@ config     IP_VS_TAB_BITS
+ 
+         Note the table size must be power of 2. The table size will be the
+         value of 2 to the your input number power. The number to choose is
+-        from 8 to 20, the default number is 12, which means the table size
+-        is 4096. Don't input the number too small, otherwise you will lose
+-        performance on it. You can adapt the table size yourself, according
+-        to your virtual server application. It is good to set the table size
+-        not far less than the number of connections per second multiplying
+-        average lasting time of connection in the table.  For example, your
+-        virtual server gets 200 connections per second, the connection lasts
+-        for 200 seconds in average in the connection table, the table size
+-        should be not far less than 200x200, it is good to set the table
+-        size 32768 (2**15).
++        from 8 to 27 for 64BIT(20 otherwise), the default number is 12,
++        which means the table size is 4096. Don't input the number too
++        small, otherwise you will lose performance on it. You can adapt the
++        table size yourself, according to your virtual server application.
++        It is good to set the table size not far less than the number of
++        connections per second multiplying average lasting time of
++        connection in the table.  For example, your virtual server gets 200
++        connections per second, the connection lasts for 200 seconds in
++        average in the connection table, the table size should be not far
++        less than 200x200, it is good to set the table size 32768 (2**15).
+ 
+         Another note that each connection occupies 128 bytes effectively and
+         each hash entry uses 8 bytes, so you can estimate how much memory is
+         needed for your box.
+ 
+         You can overwrite this number setting conn_tab_bits module parameter
+-        or by appending ip_vs.conn_tab_bits=? to the kernel command line
+-        if IP VS was compiled built-in.
++        or by appending ip_vs.conn_tab_bits=? to the kernel command line if
++        IP VS was compiled built-in.
+ 
+ comment "IPVS transport protocol load balancing support"
+ 
+--- a/net/netfilter/ipvs/ip_vs_conn.c
++++ b/net/netfilter/ipvs/ip_vs_conn.c
+@@ -1485,8 +1485,8 @@ int __init ip_vs_conn_init(void)
+       int idx;
+ 
+       /* Compute size and mask */
+-      if (ip_vs_conn_tab_bits < 8 || ip_vs_conn_tab_bits > 20) {
+-              pr_info("conn_tab_bits not in [8, 20]. Using default value\n");
++      if (ip_vs_conn_tab_bits < 8 || ip_vs_conn_tab_bits > 27) {
++              pr_info("conn_tab_bits not in [8, 27]. Using default value\n");
+               ip_vs_conn_tab_bits = CONFIG_IP_VS_TAB_BITS;
+       }
+       ip_vs_conn_tab_size = 1 << ip_vs_conn_tab_bits;

diff --git a/queue-6.4/series b/queue-6.4/series
index f2f61fd7c0e42dea6b10009681397dfc1589c9ba..e2886b6c58339d5642d02a01f8a55d5aa189bc23 100644 (file)
--- a/queue-6.4/series
+++ b/queue-6.4/series
@@ -750,3 +750,4 @@ revert-udf-protect-rename-against-modification-of-moved-directory.patch
 fs-establish-locking-order-for-unrelated-directories.patch
 fs-lock-moved-directories.patch
 usb-typec-ucsi-mark-dgpus-as-device-scope.patch
+ipvs-increase-ip_vs_conn_tab_bits-range-for-64bit.patch