** Description changed:
[Impact]
There are two memory leaks in the sssd-kcm package in Ubuntu 24.04 (Noble).
The problem happens when users login or renew tickets. The struct sss_sec_ctx
stays in memory and does not clean up.
Both are already patched upstream, and applied to the sssd-2-9-4 branch.
Applying these backports into Noble's package can prevent the memory
leaks from affecting Ubuntu users. Both patches are already in Resolute
and Stonking, since they are based on 2.12.0.
PR #7823 - https://github.com/SSSD/sssd/pull/7823
PR #7834 - https://github.com/SSSD/sssd/pull/7834
+ [Test Plan]
+
+ Install dependencies and set up:
+
+ ```
+ # 1. Install deps
+ apt update && apt install -y krb5-kdc krb5-user krb5-admin-server sssd-kcm
+
+ # When prompted, put in TEST.COM, localhost, and localhost for krb5.
+
+ sleep 2
+
+ # 2. Create the database
+ kdb5_util create -s -P password123
+ sleep 2
+ systemctl restart krb5-kdc
+
+ # 3. Create test users
+ useradd -m testkcm0
+ useradd -m testkcm1
+
+ # 4. Create users and keytabs
+ mkdir -p /etc/kcmtest/
+ for i in {0..1}; do
+ kadmin.local -q "addprinc -randkey testkcm$i"
+ kadmin.local -q "ktadd -k /etc/kcmtest/$i.keytab testkcm$i"
+ chown testkcm$i /etc/kcmtest/$i.keytab
+ done
+ ```
+
+ Observe the memory leak:
+
+ ```
+ #!/bin/bash
+
+ # Launch User 0 Loop
+ sudo -u testkcm0 bash -c '
+ export KRB5CCNAME=KCM:
+ while :; do
+ kinit -k -t /etc/kcmtest/0.keytab testkcm0
+ kdestroy -A
+ sleep 0.1
+ done' &
+
+ # Launch User 1 Loop
+ sudo -u testkcm1 bash -c '
+ export KRB5CCNAME=KCM:
+ while :; do
+ kinit -k -t /etc/kcmtest/1.keytab testkcm1
+ kdestroy -A
+ sleep 0.1
+ done' &
+
+ watch -n 10 "ps -C sssd_kcm -o pid=,rss=,etime="
+ wait
+ ```
+
+ On the unpatched version, the memory leak causes the memory usage to
+ rise every time.
+
+ On the patched version, memory might rise for the first few checks, but
+ will soon level off.
+
+ [Where problems could occur]
+
+ Patch 1:
+
+ It is conceivable, but very unlikely, that the first patch introduces a
+ use after free. Currently, this is impossible as the data isn't modified
+ below, but refactors to use a direct pointer instead of a copy could
+ result in memory corruption.
+
+ Patch 2:
+
+ It is unlikely this will cause any regression. This patch simply ensures
+ the memory is freed on every control path. Previously, memory was not
+ freed in abnormal exits.
+
[Additional Info]
Commits upstream (master branch):
https://github.com/SSSD/sssd/commit/7f1b7c9689827df92e8b2166423d4e80688dbacb
https://github.com/SSSD/sssd/commit/9e72bc242b600158d7920b2b98644efa42fd1ffa
Backports to the sssd-2-9-4 branch:
https://github.com/SSSD/sssd/commit/58547f020a634cdda4aad0ee350aeb4a894f6669
https://github.com/SSSD/sssd/commit/85469a77c232f2fe0b95376fe51e3900ab9e9bf0
** Changed in: sssd (Ubuntu Noble)
Status: Confirmed => In Progress
** Changed in: sssd (Ubuntu Questing)
Status: Confirmed => In Progress
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/2150664
Title:
[SRU] Backport fixes for sssd-kcm memory leak (PR #7823, #7834) in
Noble
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/sssd/+bug/2150664/+subscriptions
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
