IPSec / xfrm memory leak found
| Affects | Status | Importance | Assigned to | Milestone | |
|---|---|---|---|---|---|
| linux (Ubuntu) |
Confirmed
|
Undecided
|
Unassigned | ||
Bug Description
Hi everybody.
there is a memory leak in the current kernels since 4.15 (maybe olders as well) in combination with IPSec. I verified it with kernel linux-meta 4.15.0.70.72 on Ubuntu 18.04.
As Strongswan is used and users login / logout, being connected and doing traffic memory gets lost. After a while no memory is left over and OOM killer starts it work.
After some debugging and asking in the Strongswan irc channel I was informed that there was a memory leak found in net/xfrm/
https:/
I applied this patch against the linux-meta 4.15.0.70.72 and it fixes the issue.
Tested and verified on and with:
Ubuntu 18.04.3 LTS
strongswan-
linux-image-
Here are some additional information:
https://<email address hidden>/
https:/
it also is reproducible with hwe and hwe-edge kernel as well as with other strongswan version. I also backported latest Ubuntu version of strongswan to 18.04 which has same behavior. On a completely different system (Gentoo) it also is the case. So I'm really sure that this is related to the reported kernel thing which is already solve in current mainline
| Bernd Schütte (pent1ckel) wrote | #1 |
| affects: | linux (Ubuntu) → linux-meta (Ubuntu) |
| affects: | linux-meta (Ubuntu) → linux (Ubuntu) |
| Bernd Schütte (pent1ckel) wrote | #2 |
| Launchpad Janitor (janitor) wrote | #3 |
| Changed in linux (Ubuntu): | |
| status: | New → Confirmed |
| Stefan Bader (smb) wrote | #4 |
package was not taken correctly