I am able to reproduce this issue on 5.15.0-52-generic. However, it
seems to be hidden in 5.15.0-53-generic by this commit:
39cce16cfeed UBUNTU: SAUCE: LSM: Change Landlock from LSMBLOB_NEEDED to
LSMBLOB_NOT_NEEDED
Applying this commit on its own on top of 5.15.0-52-generic stops the
memory leak in the test case described by Matthew in #8. This is
coincidental, since now with apparmor=0 no lsmblob slots are assigned.
Thus as JianlinLv mentions in #12, lsm_multiple_contexts() will return
false, and audit_log_lsm() will exit before any memory is allocated.
Before this commit, landlock was assigned 3 lsmblob slots that did not use the
task_getsecid_obj hook (from dmesg with lsm.debug=1):
[ 0.155733] LSM: landlock assigned lsmblob slot 0
[ 0.155733] LSM: landlock assigned lsmblob slot 1
[ 0.155733] LSM: landlock assigned lsmblob slot 2
Thus, before 5.15.0-53, lsm_multiple_contexts() would return true and
there would be no early exit before memory allocation. With apparmor
disabled, the only LSM modules registered to use lsmblob slots would be
ones that did not implement the task_getsecid_subj hook, so the
localblob variable would not get set by anyone. Hence, there would be
this other early exit (post-allocation) in audit_log_lsm()...
if (blob == NULL) {
security_task_getsecid_subj(current, &localblob);
if (!lsmblob_is_set(&localblob))
return;
...
}
... which is one of the two locations addressed by the patch.
The above commit introduced in 5.15.0-53 does not fix the underlying
problem, but the underlying problem is resolved by JianlinLv's patch.
The patch has received its two ACKs on the SRU mailing list and is
pending application.
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1987430
Title:
Ubuntu 22.04 kernel 5.15.0-46-generic leaks kernel memory in
kmalloc-2k slabs
Status in linux package in Ubuntu:
In Progress
Status in linux source package in Jammy:
In Progress
Status in linux source package in Kinetic:
In Progress
Bug description:
Since updating to kernel 5.15.0-46-generic (package version
5.15.0-46.49), all of our Ubuntu 22.04 LTS servers are leaking kernel
memory; our first server with 8 GB of RAM just fatally OOMed, causing
us to detect this. Inspection of OOM reports, /proc/meminfo, and
/proc/slabinfo says that it's mostly going to unreclaimable kmalloc-2k
slabs:
Aug 23 12:51:11 cluster kernel: [361299.864757] Unreclaimable slab
info:
Aug 23 12:51:11 cluster kernel: [361299.864757] Name
Used Total
[...]
Aug 23 12:51:11 cluster kernel: [361299.864924] kmalloc-2k
6676584KB 6676596KB
Most of our machines appear to be leaking slab memory at a rate of
around 20 to 40 Mbytes/hour, with some machines leaking much faster;
the champions are leaking kernel memory at 145 Mbytes/hour and 237
Mbytes/hour.
We aren't running any proprietary kernel modules and our only unusual
kernel configuration is that we've disabled AppArmor with 'apparmor=0'
on the kernel command line.
/proc/version_signature:
Ubuntu 5.15.0-46.49-generic 5.15.39
Full kernel command line from the Dell R240 system that fatally OOMd:
BOOT_IMAGE=/boot/vmlinuz-5.15.0-46-generic
root=UUID=3165564f-a2dd-4b39-935b-114f3e23ff54 ro console=ttyS0,115200
console=tty0 apparmor=0
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1987430/+subscriptions
--
Mailing list: https://launchpad.net/~kernel-packages
Post to : kernel-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~kernel-packages
More help : https://help.launchpad.net/ListHelp
