summaryrefslogtreecommitdiffstats
path: root/main/linux-grsec/xfrm-cache-size-revert.patch
diff options
context:
space:
mode:
Diffstat (limited to 'main/linux-grsec/xfrm-cache-size-revert.patch')
-rw-r--r--main/linux-grsec/xfrm-cache-size-revert.patch12
1 files changed, 12 insertions, 0 deletions
diff --git a/main/linux-grsec/xfrm-cache-size-revert.patch b/main/linux-grsec/xfrm-cache-size-revert.patch
new file mode 100644
index 00000000..c8fcbd0d
--- /dev/null
+++ b/main/linux-grsec/xfrm-cache-size-revert.patch
@@ -0,0 +1,12 @@
+diff --git a/net/ipv4/xfrm4_policy.c b/net/ipv4/xfrm4_policy.c
+index 74fb2eb..e158860 100644
+--- a/net/ipv4/xfrm4_policy.c
++++ b/net/ipv4/xfrm4_policy.c
+@@ -308,7 +308,6 @@ void __init xfrm4_init(int rt_max_size)
+ * That will let us store an ipsec connection per route table entry,
+ * and start cleaning when were 1/2 full
+ */
+- xfrm4_dst_ops.gc_thresh = rt_max_size/2;
+ #ifdef CONFIG_SYSCTL
+ sysctl_hdr = register_net_sysctl_table(&init_net, net_ipv4_ctl_path,
+ xfrm4_policy_table);