From f79b97147e4cba787b95f8a87c5549c7c0b33837 Mon Sep 17 00:00:00 2001
From: yixiangzhike
Date: Mon, 25 Aug 2025 19:14:07 +0800
Subject: [PATCH] fix nss coredump
---
 ...ort-SSS_CLIENT-MC-simplify-logic-and.patch | 89 +++++++++++++++++++
 sssd.spec | 6 +-
 2 files changed, 94 insertions(+), 1 deletion(-)
 create mode 100644 backport-SSS_CLIENT-MC-simplify-logic-and.patch
diff --git a/backport-SSS_CLIENT-MC-simplify-logic-and.patch b/backport-SSS_CLIENT-MC-simplify-logic-and.patch
new file mode 100644
index 0000000..7229287
--- /dev/null
+++ b/backport-SSS_CLIENT-MC-simplify-logic-and.patch
@@ -0,0 +1,89 @@
+From 878e5d62719483c435a4ad415a4bf10e0a93dc58 Mon Sep 17 00:00:00 2001
+From: Alexey Tikhonov
+Date: Fri, 25 Jul 2025 11:53:13 +0200
+Subject: [PATCH] SSS_CLIENT:MC: simplify logic and
+
+fix potential race condition in `sss_nss_mc_get_ctx()`
+
+Resolves: https://github.com/SSSD/sssd/issues/7967
+
+Reviewed-by: Justin Stephenson
+Reviewed-by: Sumit Bose
+---
+ src/sss_client/nss_mc.h | 2 +-
+ src/sss_client/nss_mc_common.c | 20 ++++++--------------
+ 2 files changed, 7 insertions(+), 15 deletions(-)
+
+diff --git a/src/sss_client/nss_mc.h b/src/sss_client/nss_mc.h
+index 1ff96e38f..b98bf81c3 100644
+--- a/src/sss_client/nss_mc.h
++++ b/src/sss_client/nss_mc.h
+@@ -49,7 +49,7 @@ enum sss_mc_state {
+ * `SSS_CLI_MC_CTX_INITIALIZER` and `sss_nss_mc_destroy_ctx()`.
+ */
+ struct sss_cli_mc_ctx {
+- enum sss_mc_state initialized;
++ _Atomic(enum sss_mc_state) initialized;
+ #if HAVE_PTHREAD
+ pthread_mutex_t *mutex;
+ #endif
+diff --git a/src/sss_client/nss_mc_common.c b/src/sss_client/nss_mc_common.c
+index 17683ac0e..1dad6c626 100644
+--- a/src/sss_client/nss_mc_common.c
++++ b/src/sss_client/nss_mc_common.c
+@@ -249,27 +249,20 @@ errno_t sss_nss_mc_get_ctx(const char *name, struct sss_cli_mc_ctx *ctx)
+ {
+ char *envval;
+ int ret;
+- bool need_decrement = false;
+
+ envval = getenv("SSS_NSS_USE_MEMCACHE");
+ if (envval && strcasecmp(envval, "NO") == 0) {
+ return EPERM;
+ }
+
++ __sync_add_and_fetch(&ctx->active_threads, 1);
++
+ switch (ctx->initialized) {
+ case UNINITIALIZED:
+- __sync_add_and_fetch(&ctx->active_threads, 1);
+ ret = sss_nss_mc_init_ctx(name, ctx);
+- if (ret) {
+- need_decrement = true;
+- }
+ break;
+ case INITIALIZED:
+- __sync_add_and_fetch(&ctx->active_threads, 1);
+ ret = sss_nss_check_header(ctx);
+- if (ret) {
+- need_decrement = true;
+- }
+ break;
+ case RECYCLED:
+ /* we need to safely destroy memory cache */
+@@ -283,7 +276,8 @@ errno_t sss_nss_mc_get_ctx(const char *name, struct sss_cli_mc_ctx *ctx)
+ if
(ctx->initialized == INITIALIZED) {
+ ctx->initialized = RECYCLED;
+ }
+- if (ctx->initialized == RECYCLED && ctx->active_threads == 0) {
++ if (ctx->initialized == RECYCLED &&
++ (__sync_fetch_and_add(&ctx->active_threads, 0) == 1)) {
+ /* just one thread should call munmap */
+ sss_mt_lock(ctx);
+ if (ctx->initialized == RECYCLED) {
+@@ -291,10 +285,8 @@ errno_t sss_nss_mc_get_ctx(const char *name, struct sss_cli_mc_ctx *ctx)
+ }
+ sss_mt_unlock(ctx);
+ }
+- if (need_decrement) {
+- /* In case of error, we will not touch mmapped area => decrement */
+- __sync_sub_and_fetch(&ctx->active_threads, 1);
+- }
++ /* In case of error, we will not touch mmapped area => decrement */
++ __sync_sub_and_fetch(&ctx->active_threads, 1);
+ }
+ return ret;
+ }
+--
+2.43.0
+
diff --git a/sssd.spec b/sssd.spec
index 7849ede..5b58830 100644
--- a/sssd.spec
+++ b/sssd.spec
@@ -8,7 +8,7 @@
 Name: sssd
 Version: 2.9.4
-Release: 13
+Release: 14
 Summary: System Security Services Daemon
 License: GPL-3.0-or-later
 URL: https://github.com/SSSD/sssd/
@@ -33,6 +33,7 @@ Patch0016: backport-KCM-fix-memory-leak.patch
 Patch0017: backport-ldap_child-make-sure-invalid-krb5-context-is-not-use.patch
 Patch0018: backport-PAM-fix-issue-found-by-Coverity.patch
 Patch0019: backport-pam_sss-add-some-missing-cleanup-calls.patch
+Patch0020: backport-SSS_CLIENT-MC-simplify-logic-and.patch
 Requires: sssd-ad = %{version}-%{release}
 Requires: sssd-common = %{version}-%{release}
@@ -932,6 +933,9 @@ fi
 %systemd_postun_with_restart sssd.service
 %changelog
+* Tue Aug 26 2025 yixiangzhike - 2.9.4-14
+- backport upstream patch to fix nss coredump
+
 * Mon Aug 11 2025 Linux_zhang - 2.9.4-13
 - backport upstream patches
--
Gitee
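Review bot: In the backported `sss_nss_mc_get_ctx()` change to `src/sss_client/nss_mc_common.c`, the teardown test `__sync_fetch_and_add(&ctx->active_threads, 0) == 1` has no comment saying why the constant moved from `0` to `1`; it holds only because the counter is now incremented unconditionally on entry, so `1` means the calling thread is the sole user of the mapping. I would add above it `/* active_threads already counts this thread (bumped on entry), so 1 == no other user of the mmap */`, since a later edit that moves the increment back into the `switch` would silently let the unmap run while another thread still reads the cache. The header now makes `initialized` `_Atomic` while `active_threads` stays on the `__sync_*` builtins; it would help to note in the struct comment that the two are read together here, and to confirm that accesses outside this patch follow the same entry-increment convention, which cannot be checked from these hunks. The function body is spread over three hunks with unchanged lines omitted between them, including the rest of the `RECYCLED` branch.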