Public bug reported: Hi everybody.
there is a memory leak in the current kernels since 4.15 (maybe olders as well) in combination with IPSec. I verified it with kernel linux-meta 4.15.0.70.72 on Ubuntu 18.04. As Strongswan is used and users login / logout, being connected and doing traffic memory gets lost. After a while no memory is left over and OOM killer starts it work. After some debugging and asking in the Strongswan irc channel I was informed that there was a memory leak found in net/xfrm/xfrm_state.c which might be related. Here is the commit to this fix: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=86c6739eda7d2a03f2db30cbee67a5fb81afa8ba I applied this patch against the linux-meta 4.15.0.70.72 and it fixes the issue. Tested and verified on and with: Ubuntu 18.04.3 LTS strongswan-5.6.2-1ubuntu2.4 linux-image-generic-4.15.0.70.72 Here are some additional information: https://lore.kernel.org/netdev/20191111062832.gp13...@gauss3.secunet.de/ https://marc.info/?l=linux-netdev&m=157405892918311&w=2 it also is reproducible with hwe and hwe-edge kernel as well as with other strongswan version. I also backported latest Ubuntu version of strongswan to 18.04 which has same behavior. On a completely different system (Gentoo) it also is the case. So I'm really sure that this is related to the reported kernel thing which is already solve in current mainline ** Affects: linux-meta (Ubuntu) Importance: Undecided Status: New -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1854315 Title: IPSec / xfrm memory leak found Status in linux-meta package in Ubuntu: New Bug description: Hi everybody. there is a memory leak in the current kernels since 4.15 (maybe olders as well) in combination with IPSec. I verified it with kernel linux- meta 4.15.0.70.72 on Ubuntu 18.04. As Strongswan is used and users login / logout, being connected and doing traffic memory gets lost. After a while no memory is left over and OOM killer starts it work. After some debugging and asking in the Strongswan irc channel I was informed that there was a memory leak found in net/xfrm/xfrm_state.c which might be related. Here is the commit to this fix: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=86c6739eda7d2a03f2db30cbee67a5fb81afa8ba I applied this patch against the linux-meta 4.15.0.70.72 and it fixes the issue. Tested and verified on and with: Ubuntu 18.04.3 LTS strongswan-5.6.2-1ubuntu2.4 linux-image-generic-4.15.0.70.72 Here are some additional information: https://lore.kernel.org/netdev/20191111062832.gp13...@gauss3.secunet.de/ https://marc.info/?l=linux-netdev&m=157405892918311&w=2 it also is reproducible with hwe and hwe-edge kernel as well as with other strongswan version. I also backported latest Ubuntu version of strongswan to 18.04 which has same behavior. On a completely different system (Gentoo) it also is the case. So I'm really sure that this is related to the reported kernel thing which is already solve in current mainline To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux-meta/+bug/1854315/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
