From 88edd82daba748ec0a27bc8224e9d429a78c51e5 Mon Sep 17 00:00:00 2001
From: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Date: Sun, 16 Jul 2023 11:42:37 +0200
Subject: [PATCH] 6.4-stable patches

added patches:
	ipvs-increase-ip_vs_conn_tab_bits-range-for-64bit.patch
---
 ...-ip_vs_conn_tab_bits-range-for-64bit.patch | 90 +++++++++++++++++++
 queue-6.4/series                              |  1 +
 2 files changed, 91 insertions(+)
 create mode 100644 queue-6.4/ipvs-increase-ip_vs_conn_tab_bits-range-for-64bit.patch

diff --git a/queue-6.4/ipvs-increase-ip_vs_conn_tab_bits-range-for-64bit.patch b/queue-6.4/ipvs-increase-ip_vs_conn_tab_bits-range-for-64bit.patch
new file mode 100644
index 00000000000..da07f1808c8
--- /dev/null
+++ b/queue-6.4/ipvs-increase-ip_vs_conn_tab_bits-range-for-64bit.patch
@@ -0,0 +1,90 @@
+From 04292c695f82b6cf0d25dd5ae494f16ddbb621f6 Mon Sep 17 00:00:00 2001
+From: Abhijeet Rastogi <abhijeet.1989@gmail.com>
+Date: Tue, 16 May 2023 20:08:49 -0700
+Subject: ipvs: increase ip_vs_conn_tab_bits range for 64BIT
+
+From: Abhijeet Rastogi <abhijeet.1989@gmail.com>
+
+commit 04292c695f82b6cf0d25dd5ae494f16ddbb621f6 upstream.
+
+Current range [8, 20] is set purely due to historical reasons
+because at the time, ~1M (2^20) was considered sufficient.
+With this change, 27 is the upper limit for 64-bit, 20 otherwise.
+
+Previous change regarding this limit is here.
+
+Link: https://lore.kernel.org/all/86eabeb9dd62aebf1e2533926fdd13fed48bab1f.1631289960.git.aclaudi@redhat.com/T/#u
+
+Signed-off-by: Abhijeet Rastogi <abhijeet.1989@gmail.com>
+Acked-by: Julian Anastasov <ja@ssi.bg>
+Acked-by: Simon Horman <horms@kernel.org>
+Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
+Cc: Allen Pais <apais@linux.microsoft.com>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+---
+ net/netfilter/ipvs/Kconfig      |   27 ++++++++++++++-------------
+ net/netfilter/ipvs/ip_vs_conn.c |    4 ++--
+ 2 files changed, 16 insertions(+), 15 deletions(-)
+
+--- a/net/netfilter/ipvs/Kconfig
++++ b/net/netfilter/ipvs/Kconfig
+@@ -44,7 +44,8 @@ config	IP_VS_DEBUG
+ 
+ config	IP_VS_TAB_BITS
+ 	int "IPVS connection table size (the Nth power of 2)"
+-	range 8 20
++	range 8 20 if !64BIT
++	range 8 27 if 64BIT
+ 	default 12
+ 	help
+ 	  The IPVS connection hash table uses the chaining scheme to handle
+@@ -54,24 +55,24 @@ config	IP_VS_TAB_BITS
+ 
+ 	  Note the table size must be power of 2. The table size will be the
+ 	  value of 2 to the your input number power. The number to choose is
+-	  from 8 to 20, the default number is 12, which means the table size
+-	  is 4096. Don't input the number too small, otherwise you will lose
+-	  performance on it. You can adapt the table size yourself, according
+-	  to your virtual server application. It is good to set the table size
+-	  not far less than the number of connections per second multiplying
+-	  average lasting time of connection in the table.  For example, your
+-	  virtual server gets 200 connections per second, the connection lasts
+-	  for 200 seconds in average in the connection table, the table size
+-	  should be not far less than 200x200, it is good to set the table
+-	  size 32768 (2**15).
++	  from 8 to 27 for 64BIT(20 otherwise), the default number is 12,
++	  which means the table size is 4096. Don't input the number too
++	  small, otherwise you will lose performance on it. You can adapt the
++	  table size yourself, according to your virtual server application.
++	  It is good to set the table size not far less than the number of
++	  connections per second multiplying average lasting time of
++	  connection in the table.  For example, your virtual server gets 200
++	  connections per second, the connection lasts for 200 seconds in
++	  average in the connection table, the table size should be not far
++	  less than 200x200, it is good to set the table size 32768 (2**15).
+ 
+ 	  Another note that each connection occupies 128 bytes effectively and
+ 	  each hash entry uses 8 bytes, so you can estimate how much memory is
+ 	  needed for your box.
+ 
+ 	  You can overwrite this number setting conn_tab_bits module parameter
+-	  or by appending ip_vs.conn_tab_bits=? to the kernel command line
+-	  if IP VS was compiled built-in.
++	  or by appending ip_vs.conn_tab_bits=? to the kernel command line if
++	  IP VS was compiled built-in.
+ 
+ comment "IPVS transport protocol load balancing support"
+ 
+--- a/net/netfilter/ipvs/ip_vs_conn.c
++++ b/net/netfilter/ipvs/ip_vs_conn.c
+@@ -1485,8 +1485,8 @@ int __init ip_vs_conn_init(void)
+ 	int idx;
+ 
+ 	/* Compute size and mask */
+-	if (ip_vs_conn_tab_bits < 8 || ip_vs_conn_tab_bits > 20) {
+-		pr_info("conn_tab_bits not in [8, 20]. Using default value\n");
++	if (ip_vs_conn_tab_bits < 8 || ip_vs_conn_tab_bits > 27) {
++		pr_info("conn_tab_bits not in [8, 27]. Using default value\n");
+ 		ip_vs_conn_tab_bits = CONFIG_IP_VS_TAB_BITS;
+ 	}
+ 	ip_vs_conn_tab_size = 1 << ip_vs_conn_tab_bits;
diff --git a/queue-6.4/series b/queue-6.4/series
index f2f61fd7c0e..e2886b6c583 100644
--- a/queue-6.4/series
+++ b/queue-6.4/series
@@ -750,3 +750,4 @@ revert-udf-protect-rename-against-modification-of-moved-directory.patch
 fs-establish-locking-order-for-unrelated-directories.patch
 fs-lock-moved-directories.patch
 usb-typec-ucsi-mark-dgpus-as-device-scope.patch
+ipvs-increase-ip_vs_conn_tab_bits-range-for-64bit.patch
-- 
2.47.3