From 09dc041596bd953a59c00d8032b1b3c8c28e695d Mon Sep 17 00:00:00 2001
From: Jesse Gross <jesse@nicira.com>
Date: Tue, 12 Mar 2013 12:36:03 -0700
Subject: [PATCH] datapath: Reduce loop limit by one to 4.
MIME-Version: 1.0
Content-Type: text/plain; charset=utf8
Content-Transfer-Encoding: 8bit

We currently allow five trips through the kernel datapath
before dropping the packet to protect the stack.  However, there
have been a few reports recently involving tunneling that this is
still too much.  Although it's not a complete solution, this reduces
the limit by one to balance safety in common situations with
flexibility.

Bug #15477

Reported-by: Paul Ingram <paul@nicira.com>
Reported-by: 謝秉融 <faithfulman@gmail.com>
Signed-off-by: Jesse Gross <jesse@nicira.com>
Acked-by: Pravin B Shelar <pshelar@nicira.com>
---
 datapath/actions.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/datapath/actions.c b/datapath/actions.c
index bc126a7f5..0dac65860 100644
--- a/datapath/actions.c
+++ b/datapath/actions.c
@@ -532,7 +532,7 @@ static int do_execute_actions(struct datapath *dp, struct sk_buff *skb,
 
 /* We limit the number of times that we pass into execute_actions()
  * to avoid blowing out the stack in the event that we have a loop. */
-#define MAX_LOOPS 5
+#define MAX_LOOPS 4
 
 struct loop_counter {
 	u8 count;		/* Count. */
-- 
2.43.0