[Kernel-packages] [Bug 1853197] Re: Memory leak in net/xfrm/xfrm_state.c - 8 pages per ipsec connection

2019-12-16 Thread Bernd Schütte
Tested 5.3.0-25-generic on Eoan and it fixes the memory leak there as
well.

-- 
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1853197

Title:
  Memory leak in net/xfrm/xfrm_state.c - 8 pages per ipsec connection

Status in linux package in Ubuntu:
  Invalid
Status in linux source package in Bionic:
  Fix Committed
Status in linux source package in Disco:
  Fix Committed
Status in linux source package in Eoan:
  Fix Committed

Bug description:
  [SRU Justification]

  == Impact ==

  An upstream change in v4.11 made xfrm lose memory (8 pages per ipsec
  connection). This was fixed in v5.4 by:
  commit 86c6739eda7d "xfrm: Fix memleak on xfrm state destroy"

  == Fix ==

  Pick the upstream fix into all affected series.

  == Testcase ==

  see below

  == Risk of Regression ==

  Low, the change adds a single memory release case in one driver. The
  effect can be verified.

  ---

  Ubuntu linux distro, 4.15.0-62 kernel, server platform.
  This OS is used as an IPSec VPN gateway.  It serves up to several hundred
  concurrent connections.

  In an attempt to upgrade from the 4.4 kernel to 4.15, the team noticed
  that VPN gateway VMs were running out of physical memory after 12-48
  hours, depending on load.

  Attachments from a server machine in this state in attached leakinfo.txt
  output of free -t
  output of /proc/meminfo in out of memory condition
  output of /slabtop -o -sc
  /sys/kernel/debug/page_owner sorted and aggregated after server ran for 12
  hrs and ran out of memory
  Patches for 4.15 and 5.4

  Highlight from page_owner, we can see the leak is a buffer associated
  with the ipsec implementation.  Each connection leaks 32k of memory
  via alloc_page with order=3

  100960 times:
  Page allocated via order 3, mask 0x1085220(GFP_ATOMIC|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP)
   get_page_from_freelist+0xd64/0x1250
   __alloc_pages_nodemask+0x11c/0x2e0
   alloc_pages_current+0x6a/0xe0
   skb_page_frag_refill+0x71/0x100
   esp_output_head+0x265/0x3e0 [esp4]
   esp_output+0xbc/0x180 [esp4]
   xfrm_output_resume+0x179/0x530
   xfrm_output+0x8e/0x230
   xfrm4_output_finish+0x2b/0x30
   __xfrm4_output+0x3a/0x50
   xfrm4_output+0x43/0xc0
   ip_forward_finish+0x51/0x80
   ip_forward+0x38a/0x480
   ip_rcv_finish+0x122/0x410
   ip_rcv+0x292/0x360
   __netif_receive_skb_core+0x815/0xbd0

  Patch to fix this issue in 4.15 (tested and verified on same server
  exhibiting above leak):
  diff --git a/net/xfrm/xfrm_state.c b/net/xfrm/xfrm_state.c
  index 728272f..7842f83 100644
  --- a/net/xfrm/xfrm_state.c
  +++ b/net/xfrm/xfrm_state.c
  @@ -451,6 +451,10 @@ static void xfrm_state_gc_destroy(struct xfrm_state *x)
  }
  xfrm_dev_state_free(x);
  security_xfrm_state_free(x);
  +
  +   if(x->xfrag.page)
  +   put_page(x->xfrag.page);
  +
  kfree(x);
  }
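
Review bot: in the added lines of xfrm_state_gc_destroy(), "if(x->xfrag.page)" is missing the space after "if" that kernel coding style asks for, and the release is placed after security_xfrm_state_free(x), whereas the master-branch patch below places it before xfrm_dev_state_free(x). Suggest writing "if (x->xfrag.page)" and moving the two lines to the same position as in the master-branch hunk, so the backport mirrors it and later fixes to this function apply cleanly; the two blank "+" lines around the check can be dropped as well.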

  Patch for master branch (5.4 I believe) from Paul Wouters
  (p...@nohats.ca)

  diff --git a/net/xfrm/xfrm_state.c b/net/xfrm/xfrm_state.c
  index c6f3c4a1bd99..f3423562d933 100644
  --- a/net/xfrm/xfrm_state.c
  +++ b/net/xfrm/xfrm_state.c
  @@ -495,6 +495,8 @@ static void ___xfrm_state_destroy(struct xfrm_state *x)
  x->type->destructor(x);
  xfrm_put_type(x->type);
  }
  + if (x->xfrag.page)
  + put_page(x->xfrag.page);
  xfrm_dev_state_free(x);
  security_xfrm_state_free(x);
  xfrm_state_free(x);
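
Review bot: the new "if (x->xfrag.page)" / "put_page(x->xfrag.page)" pair in ___xfrm_state_destroy() carries no comment saying which reference is being dropped. Suggest a one-line comment above it stating that this is the state's page fragment, filled on the ESP output path (skb_page_frag_refill under esp_output_head in the page_owner trace above), and that the field may be unset at destroy time, which is what the NULL check guards against.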

  Severity:  Critical - we are unable to use any kernel later than 4.11,
  and are sticking with 4.4 in production.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1853197/+subscriptions

-- 
Mailing list: https://launchpad.net/~kernel-packages
Post to : kernel-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~kernel-packages
More help   : https://help.launchpad.net/ListHelp
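
The report above finds the leak by sorting and aggregating /sys/kernel/debug/page_owner. One way to do that aggregation, as an added example (not part of the original report or its attachments): it groups records by allocation order and call stack and converts counts to bytes held. It assumes 4 KiB pages; the function names and the sample dump are constructed for illustration.

```python
import re
from collections import Counter

PAGE_SIZE = 4096  # assumption: 4 KiB base pages, as on x86-64

HEADER = re.compile(r"^Page allocated via order (\d+),")
FRAME = re.compile(r"^\s+(\S+\+0x[0-9a-f]+/0x[0-9a-f]+.*?)\s*$")


def bytes_held(count, order):
    """An order-N allocation spans 2**N contiguous pages."""
    return count * (PAGE_SIZE << order)


def aggregate(dump):
    """Count page_owner records per (order, call stack)."""
    counts = Counter()
    for record in re.split(r"\n(?:[ \t]*\n)+", dump.strip()):
        lines = record.splitlines()
        header = HEADER.match(lines[0]) if lines else None
        if not header:
            continue  # not an allocation record
        # Keep only stack frames; the per-page "PFN ..." line differs in
        # every record and would defeat grouping.
        frames = tuple(m.group(1) for m in map(FRAME.match, lines[1:]) if m)
        counts[(int(header.group(1)), frames)] += 1
    return counts


def top_holders(counts, n=5):
    """Largest holders first: (bytes, records, order, frames)."""
    rows = [(bytes_held(c, order), c, order, frames)
            for (order, frames), c in counts.items()]
    return sorted(rows, key=lambda r: r[0], reverse=True)[:n]


def holders_through(counts, symbol):
    """(records, bytes) for every stack that passes through `symbol`."""
    hits = [(c, bytes_held(c, order)) for (order, frames), c in counts.items()
            if any(f.startswith(symbol + "+") for f in frames)]
    return sum(c for c, _ in hits), sum(b for _, b in hits)


# Constructed sample: three records with the ESP stack from the report
# (shortened to three frames) and one unrelated, made-up order-0 record.
_ESP = ("Page allocated via order 3, mask 0x1085220(GFP_ATOMIC|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP)\n"
        "PFN {pfn} type Unmovable Block {blk} type Unmovable Flags 0x0()\n"
        " skb_page_frag_refill+0x71/0x100\n"
        " esp_output_head+0x265/0x3e0 [esp4]\n"
        " esp_output+0xbc/0x180 [esp4]\n")
_OTHER = ("Page allocated via order 0, mask 0x14200ca(GFP_HIGHUSER_MOVABLE)\n"
          "PFN 4242 type Movable Block 8 type Movable Flags 0x0()\n"
          " example_alloc+0x10/0x40\n")
SAMPLE = "\n".join(_ESP.format(pfn=p, blk=p // 512) for p in (1000, 1008, 1016)) + "\n" + _OTHER

if __name__ == "__main__":
    for size, count, order, frames in top_holders(aggregate(SAMPLE)):
        print(f"{size:>8} bytes  {count} x order {order}  via {frames[:1]}")
    print("esp_output_head:", holders_through(aggregate(SAMPLE), "esp_output_head"))
    # The report's figure: 100960 order-3 records.
    print("report:", bytes_held(100960, 3), "bytes")
```

Applied to the report's own figure, 100960 order-3 records come to about 3.08 GiB held through the ESP output path.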


[Kernel-packages] [Bug 1853197] Re: Memory leak in net/xfrm/xfrm_state.c - 8 pages per ipsec connection

2019-12-11 Thread Bernd Schütte
Does it help when we test disco and eoan as well? The test case is very
easy and those kernels are affected as well.



[Kernel-packages] [Bug 1853197] Re: Memory leak in net/xfrm/xfrm_state.c - 8 pages per ipsec connection

2019-12-08 Thread Bernd Schütte
it is running for five days and memory consumption looks normal (not
leaking)

** Changed in: linux (Ubuntu Bionic)
   Status: Fix Committed => Confirmed

Title:
  Memory leak in net/xfrm/xfrm_state.c - 8 pages per ipsec connection

Status in linux package in Ubuntu:
  Invalid
Status in linux source package in Bionic:
  Confirmed
Status in linux source package in Disco:
  Fix Committed
Status in linux source package in Eoan:
  Fix Committed



[Kernel-packages] [Bug 1854315] Re: IPSec / xfrm memory leak found

2019-11-28 Thread Bernd Schütte
some additional hints and reports.

https://lore.kernel.org/netdev/CAMnf+Ph-Bx=wzxtpxuc8h6vxtdf-7z52ywdrt9gm6wn0x14...@mail.gmail.com/
https://lore.kernel.org/netdev/CAMnf+PjGq2qsZzg=+H5Z5kO+PSQbo=R0MHW5rv1CWrqoS=b...@mail.gmail.com/

-- 
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1854315

Title:
  IPSec / xfrm memory leak found

Status in linux package in Ubuntu:
  Confirmed

Bug description:
  Hi everybody.

  there is a memory leak in the current kernels since 4.15 (maybe older
  ones as well) in combination with IPSec. I verified it with kernel
  linux-meta 4.15.0.70.72 on Ubuntu 18.04.

  As Strongswan is used and users login / logout, being connected and
  doing traffic memory gets lost. After a while no memory is left over
  and OOM killer starts its work.

  After some debugging and asking in the Strongswan irc channel I was informed
  that there was a memory leak found in net/xfrm/xfrm_state.c which might be
  related. Here is the commit to this fix:
  https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=86c6739eda7d2a03f2db30cbee67a5fb81afa8ba

  I applied this patch against the linux-meta 4.15.0.70.72 and it fixes
  the issue.

  Tested and verified on and with:
  Ubuntu 18.04.3 LTS
  strongswan-5.6.2-1ubuntu2.4
  linux-image-generic-4.15.0.70.72

  Here is some additional information:
  https://lore.kernel.org/netdev/2019062832.gp13...@gauss3.secunet.de/
  https://marc.info/?l=linux-netdev=157405892918311=2

  it also is reproducible with hwe and hwe-edge kernel as well as with
  other strongswan versions. I also backported latest Ubuntu version of
  strongswan to 18.04 which has same behavior. On a completely different
  system (Gentoo) it also is the case. So I'm really sure that this is
  related to the reported kernel thing which is already solved in current
  mainline.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1854315/+subscriptions



[Kernel-packages] [Bug 1854315] [NEW] IPSec / xfrm memory leak found

2019-11-27 Thread Bernd Schütte
Public bug reported:

Hi everybody.

there is a memory leak in the current kernels since 4.15 (maybe older
ones as well) in combination with IPSec. I verified it with kernel linux-meta
4.15.0.70.72 on Ubuntu 18.04.

As Strongswan is used and users login / logout, being connected and
doing traffic memory gets lost. After a while no memory is left over and
OOM killer starts its work.

After some debugging and asking in the Strongswan irc channel I was informed 
that there was a memory leak found in net/xfrm/xfrm_state.c which might be 
related. Here is the commit to this fix:
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=86c6739eda7d2a03f2db30cbee67a5fb81afa8ba

I applied this patch against the linux-meta 4.15.0.70.72 and it fixes
the issue.

Tested and verified on and with:
Ubuntu 18.04.3 LTS
strongswan-5.6.2-1ubuntu2.4
linux-image-generic-4.15.0.70.72

Here is some additional information:
https://lore.kernel.org/netdev/2019062832.gp13...@gauss3.secunet.de/
https://marc.info/?l=linux-netdev=157405892918311=2

it also is reproducible with hwe and hwe-edge kernel as well as with
other strongswan versions. I also backported latest Ubuntu version of
strongswan to 18.04 which has same behavior. On a completely different
system (Gentoo) it also is the case. So I'm really sure that this is
related to the reported kernel thing which is already solved in current
mainline.

** Affects: linux-meta (Ubuntu)
 Importance: Undecided
 Status: New



[Kernel-packages] [Bug 1854315] Re: IPSec / xfrm memory leak found

2019-11-27 Thread Bernd Schütte
package was not taken correctly

** Package changed: linux (Ubuntu) => linux-meta (Ubuntu)
