[CentOS-devel] Backport of xfrm kernel bugfix
Matt Dees
matt.dees at netprotect.comThu Dec 12 20:03:13 UTC 2019
- Previous message: [CentOS-devel] Centos Atomic deprecated?
- Next message: [CentOS-devel] Backport of xfrm kernel bugfix
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Hi All! We have been dealing with a memory leak in the kernel for IKEv2 and IPSec connections relating to a memory leak in xfrm support on both el8 and el7. The symptom of this issue is that memory will continue allocating in slab over time making a box oom after too many connections. As per some external discussions I am sending the patch + bug report on to this list. It has already been accepted into upstream kernels (4.19 included) and is a pretty straight forward backport. I have tested and installed this on a few centos8 systems to validate that this does indeed solve the memory leak issue. rbz# 1780470 -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://lists.centos.org/pipermail/centos-devel/attachments/20191212/28479f8b/attachment-0002.html> -------------- next part -------------- A non-text attachment was scrubbed... Name: xfrm_fix_memleak.patch Type: text/x-patch Size: 1354 bytes Desc: not available URL: <http://lists.centos.org/pipermail/centos-devel/attachments/20191212/28479f8b/attachment-0002.bin>
- Previous message: [CentOS-devel] Centos Atomic deprecated?
- Next message: [CentOS-devel] Backport of xfrm kernel bugfix
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
More information about the CentOS-devel mailing list