system/linux
system/linux
1
0
Fork 0
mirror of https://github.com/torvalds/linux synced 2024-07-23 19:49:59 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
1168496 commits 7 branches 845 tags 6.7 GiB
C 97.6%
Assembly 1%
Shell 0.5%
Python 0.3%
Makefile 0.3%
Go to file
Eric Dumazet c77737b736 netfilter: conntrack: adopt safer max chain length 
Customers using GKE 1.25 and 1.26 are facing conntrack issues
root caused to commit c9c3b6811f ("netfilter: conntrack: make
max chain length random").

Even if we assume Uniform Hashing, a bucket often reachs 8 chained
items while the load factor of the hash table is smaller than 0.5

With a limit of 16, we reach load factors of 3.
With a limit of 32, we reach load factors of 11.
With a limit of 40, we reach load factors of 15.
With a limit of 50, we reach load factors of 24.

This patch changes MIN_CHAINLEN to 50, to minimize risks.

Ideally, we could in the future add a cushion based on expected
load factor (2 * nf_conntrack_max / nf_conntrack_buckets),
because some setups might expect unusual values.

Fixes: c9c3b6811f ("netfilter: conntrack: make max chain length random")
Signed-off-by: Eric Dumazet <edumazet@google.com>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
2023-03-07 10:58:06 +01:00
arch powerpc: dts: t1040rdb: enable both CPU ports 2023-02-28 14:13:32 -08:00
block Driver core changes for 6.3-rc1 2023-02-24 12:58:55 -08:00
certs Kbuild updates for v6.3 2023-02-26 11:53:25 -08:00
crypto Networking changes for 6.3. 2023-02-21 18:24:12 -08:00
Documentation netlink: specs: update for codegen enumerating from 1 2023-03-03 08:22:39 +00:00
drivers nfp: fix esp-tx-csum-offload doesn't take effect 2023-03-03 08:28:44 +00:00
fs ARM: SoC drivers for 6.3 2023-02-27 10:04:49 -08:00
include netfilter: tproxy: fix deadlock due to missing BH disable 2023-03-06 12:09:48 +01:00
init Kbuild updates for v6.3 2023-02-26 11:53:25 -08:00
io_uring - Daniel Verkamp has contributed a memfd series ("mm/memfd: add 2023-02-23 17:09:35 -08:00
ipc Merge branch 'work.namespace' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs 2023-02-24 19:20:07 -08:00
kernel dma-mapping updates for Linux 6.3 2023-02-27 09:38:51 -08:00
lib Kernel concurrency sanitizer (KCSAN) updates for v6.3 2023-02-25 13:02:20 -08:00
LICENSES LICENSES: Add the copyleft-next-0.3.1 license 2022-11-08 15:44:01 +01:00
mm memblock: small optimizations 2023-02-27 09:34:53 -08:00
net netfilter: conntrack: adopt safer max chain length 2023-03-07 10:58:06 +01:00
rust Kbuild updates for v6.3 2023-02-26 11:53:25 -08:00
samples VFIO updates for v6.3-rc1 2023-02-25 11:52:57 -08:00
scripts Kbuild updates for v6.3 2023-02-26 11:53:25 -08:00
security powerpc updates for 6.3 2023-02-25 11:00:06 -08:00
sound ARM: SoC drivers for 6.3 2023-02-27 10:04:49 -08:00
tools tools: ynl: use 1 as the default for first entry in attrs/ops 2023-03-03 08:22:39 +00:00
usr usr/gen_init_cpio.c: remove unnecessary -1 values from int file 2022-10-03 14:21:44 -07:00
virt KVM/riscv changes for 6.3 2023-02-15 12:33:28 -05:00
.clang-format media: subdev: Add for_each_active_route() macro 2023-01-22 09:35:57 +01:00
.cocciconfig
.get_maintainer.ignore get_maintainer: add Alan to .get_maintainer.ignore 2022-08-20 15:17:44 -07:00
.gitattributes .gitattributes: use 'dts' diff driver for *.dtso files 2023-02-26 15:28:23 +09:00
.gitignore .gitignore: ignore *.cover and *.mbx 2023-02-05 18:51:22 +09:00
.mailmap 12 hotfixes, mostly against mm/. Five of these fixes are cc:stable. 2023-02-13 14:09:20 -08:00
.rustfmt.toml rust: add .rustfmt.toml 2022-09-28 09:02:20 +02:00
COPYING
CREDITS There is no particular theme here - mainly quick hits all over the tree. 2023-02-23 17:55:40 -08:00
Kbuild Kbuild updates for v6.1 2022-10-10 12:00:45 -07:00
Kconfig kbuild: ensure full rebuild when the compiler is updated 2020-05-12 13:28:33 +09:00
MAINTAINERS ARM: SoC fixes for 6.3, part 1 2023-02-27 10:09:40 -08:00
Makefile Kbuild updates for v6.3 2023-02-26 11:53:25 -08:00
README

README 

Linux kernel
============

There are several guides for kernel developers and users. These guides can
be rendered in a number of formats, like HTML and PDF. Please read
Documentation/admin-guide/README.rst first.

In order to build the documentation, use ``make htmldocs`` or
``make pdfdocs``.  The formatted documentation can also be read online at:

    https://www.kernel.org/doc/html/latest/

There are various text files in the Documentation/ subdirectory,
several of them using the Restructured Text markup notation.

Please read the Documentation/process/changes.rst file, as it contains the
requirements for building and running the kernel, and information about
the problems which may result by upgrading your kernel.