Thanks Matt for sending the patch to the list. This is moving forward inside Red Hat, and will be included in a future kernel package. We can't say for sure when this will happen, but the fix has been accepted. We're still ironing out the details for the CentOS Stream external contribution pipeline, so please bear with us. On Thu, Dec 12, 2019 at 2:03 PM Matt Dees <matt.dees at netprotect.com> wrote: > Hi All! > > We have been dealing with a memory leak in the kernel for IKEv2 and IPSec > connections relating to a memory leak in xfrm support on both el8 and el7. > The symptom of this issue is that memory will continue allocating in slab > over time making a box oom after too many connections. > > As per some external discussions I am sending the patch + bug report on to > this list. It has already been accepted into upstream kernels (4.19 > included) and is a pretty straight forward backport. I have tested and > installed this on a few centos8 systems to validate that this does indeed > solve the memory leak issue. > > rbz# 1780470 > > > _______________________________________________ > CentOS-devel mailing list > CentOS-devel at centos.org > https://lists.centos.org/mailman/listinfo/centos-devel > -- Carl George -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://lists.centos.org/pipermail/centos-devel/attachments/20200108/45efc96a/attachment-0004.html>