diff --git a/backport-SSS_CLIENT-MC-simplify-logic-and.patch b/backport-SSS_CLIENT-MC-simplify-logic-and.patch
new file mode 100644
index 0000000000000000000000000000000000000000..60a8b2e89290ea905e4ef9879313239986636405
--- /dev/null
+++ b/backport-SSS_CLIENT-MC-simplify-logic-and.patch
@@ -0,0 +1,89 @@ +From 878e5d62719483c435a4ad415a4bf10e0a93dc58 Mon Sep 17 00:00:00 2001 +From: Alexey Tikhonov +Date: Fri, 25 Jul 2025 11:53:13 +0200 +Subject: [PATCH] SSS_CLIENT:MC: simplify logic and + +fix potential race condition in `sss_nss_mc_get_ctx()` + +Resolves: https://github.com/SSSD/sssd/issues/7967 + +Reviewed-by: Justin Stephenson +Reviewed-by: Sumit Bose +--- + src/sss_client/nss_mc.h | 2 +- + src/sss_client/nss_mc_common.c | 20 ++++++-------------- + 2 files changed, 7 insertions(+), 15 deletions(-) + +diff --git a/src/sss_client/nss_mc.h b/src/sss_client/nss_mc.h +index a39d45f..11e683f 100644 +--- a/src/sss_client/nss_mc.h ++++ b/src/sss_client/nss_mc.h +@@ -41,7 +41,7 @@ enum sss_mc_state { + + /* common stuff */ + struct sss_cli_mc_ctx { +- enum sss_mc_state initialized; ++ _Atomic(enum sss_mc_state) initialized; + int fd; + + uint32_t seed; /* seed from the tables header */ +diff --git a/src/sss_client/nss_mc_common.c b/src/sss_client/nss_mc_common.c +index dd74b4f..832d4ca 100644 +--- a/src/sss_client/nss_mc_common.c ++++ b/src/sss_client/nss_mc_common.c +@@ -199,27 +199,20 @@ errno_t sss_nss_mc_get_ctx(const char *name, struct sss_cli_mc_ctx *ctx) + { + char *envval; + int ret; +- bool need_decrement = false; + + envval = getenv("SSS_NSS_USE_MEMCACHE"); + if (envval && strcasecmp(envval, "NO") == 0) { + return EPERM; + } + ++ __sync_add_and_fetch(&ctx->active_threads, 1); ++ + switch (ctx->initialized) { + case UNINITIALIZED: +- __sync_add_and_fetch(&ctx->active_threads, 1); + ret = sss_nss_mc_init_ctx(name, ctx); +- if (ret) { +- need_decrement = true; +- } + break; + case INITIALIZED: +- __sync_add_and_fetch(&ctx->active_threads, 1); + ret = sss_nss_check_header(ctx); +- if (ret) { +- need_decrement = true; +- } + break; + case RECYCLED: + /* we need to safely destroy memory cache */ +@@ -233,7 +226,8 @@ errno_t sss_nss_mc_get_ctx(const char *name, struct sss_cli_mc_ctx *ctx) + if (ctx->initialized == INITIALIZED) { + ctx->initialized = 
RECYCLED; + } +- if (ctx->initialized == RECYCLED && ctx->active_threads == 0) { ++ if (ctx->initialized == RECYCLED && ++ (__sync_fetch_and_add(&ctx->active_threads, 0) == 1)) { + /* just one thread should call munmap */ + sss_nss_mc_lock(); + if (ctx->initialized == RECYCLED) { +@@ -241,10 +235,8 @@ errno_t sss_nss_mc_get_ctx(const char *name, struct sss_cli_mc_ctx *ctx) + } + sss_nss_mc_unlock(); + } +- if (need_decrement) { +- /* In case of error, we will not touch mmapped area => decrement */ +- __sync_sub_and_fetch(&ctx->active_threads, 1); +- } ++ /* In case of error, we will not touch mmapped area => decrement */ ++ __sync_sub_and_fetch(&ctx->active_threads, 1); + } + return ret; + } +-- +2.43.0 + diff --git a/sssd.spec b/sssd.spec index 451916c31178724cf4217e92e5fbf1a06784a34e..a659fae314b473623b0c10cac924c8bda41f2203 100644 --- a/sssd.spec +++ b/sssd.spec @@ -1,6 +1,6 @@ Name: sssd Version: 2.6.1 -Release: 20 +Release: 21 Summary: System Security Services Daemon License: GPLv3+ and LGPLv3+ URL: https://pagure.io/SSSD/sssd/ @@ -67,6 +67,7 @@ Patch6057: backport-KCM-fix-memory-leak.patch Patch6058: backport-ldap_child-make-sure-invalid-krb5-context-is-not-use.patch Patch6059: backport-PAM-fix-issue-found-by-Coverity.patch Patch6060: backport-pam_sss-add-some-missing-cleanup-calls.patch +Patch6061: backport-SSS_CLIENT-MC-simplify-logic-and.patch Requires: python3-sssd = %{version}-%{release} Requires: libldb @@ -574,6 +575,9 @@ fi %systemd_postun_with_restart sssd.service %changelog +* Tue Aug 26 2025 yixiangzhike - 2.6.1-21 +- backport upstream patch to fix nss coredump + * Tue Aug 12 2025 Linux_zhang - 2.6.1-20 - backport upstream patches
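Review bot: The reference-count contract of `sss_nss_mc_get_ctx()` is now implicit and deserves a comment at the unconditional `__sync_add_and_fetch(&ctx->active_threads, 1);` before the `switch`: the count is raised before `ctx->initialized` is read and lowered again only at the end of the error branch, so a successful return appears to leave the caller holding a reference that must be released elsewhere (that release is not part of this patch). I would add `/* take a reference before reading ctx->initialized; dropped below on error, otherwise kept for the caller */` above the increment. The `== 1` test in the `RECYCLED` condition depends on the same ordering, because the calling thread now counts itself, and `__sync_fetch_and_add(&ctx->active_threads, 0)` is an atomic read written as an add of zero; a short comment such as `/* atomic load; 1 means only this thread holds a reference */` would keep a later edit from turning it back into a plain read or into `== 0`. The part of the function between the two inner hunks is not shown, so the placement of the decrement inside the error branch is inferred from the closing braces.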