ACK/Cmnt: [SRU] [Jammy] [PATCH 0/1] UBUNTU: audit: fix memory leak of audit_log_lsm()
Jianlin Lv
iecedge at gmail.com
Wed Feb 22 07:25:19 UTC 2023
On Wed, Feb 22, 2023 at 12:18 AM Tim Gardner <tim.gardner at canonical.com> wrote:
>
> On 2/17/23 10:05 AM, Jianlin Lv wrote:
> > BugLink: https://bugs.launchpad.net/bugs/1987430
> >
> > [Impact]
> >
> > Under upgrading server to Ubuntu 22.04 with kernel 5.15.0-XX, memory
> > started to ramp up slowly that growth ~1 GB a day.
> >
> > [Fix]
> >
> > The memory leak is an allocated struct audit_buffer object in
> > audit_log_lsm() that to record LSM attributes.
> > Free audit buffer before audit_log_lsm() return.
> >
> > [Test Plan]
> >
> > 1.Disable apparmor module by append apparmor=0 to grub
> >
> > 2.Start auditd service with following audit rule:
> > -a exit,always -F arch=b64 -S execve
> > -a exit,always -F arch=b32 -S execve
> >
> > 3.Using Kmemleak to check if memory leak has occurred
> > $ cat /sys/kernel/debug/kmemleak
> > or Keep watching for changes in slabinfo
> > $ watch "sudo cat /proc/slabinfo | grep kmalloc-2k"
> >
> > Jianlin Lv (1):
> > UBUNTU: audit: fix memory leak of audit_log_lsm()
> >
> > kernel/auditsc.c | 5 +++--
> > 1 file changed, 3 insertions(+), 2 deletions(-)
> >
> Acked-by: Tim Gardner <tim.gardner at canonical.com>
>
> Have you reported this upstream ?
>
> We could carry this patch, but it needs SAUCE: in the subject which can
> be added when the patch is applied.
This issue is introduced by 85ff537962 (UBUNTU: SAUCE: Audit: Add new
record for multiple process LSM attributes). The corresponding upstream
patches have not landed in the Linux kernel mainline.
In this case, Should I commit patches v2 with SAUCE?
> --
> -----------
> Tim Gardner
> Canonical, Inc
>
More information about the kernel-team
mailing list