Bug 1555268 - [RFE] Kernel address space layout randomization [KASLR] support
Summary: [RFE] Kernel address space layout randomization [KASLR] support
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Red Hat Enterprise Virtualization Manager
Classification: Red Hat
Component: ovirt-engine
Version: unspecified
Hardware: All
OS: Linux
medium
high
Target Milestone: ovirt-4.2.3
: ---
Assignee: Michal Skrivanek
QA Contact: Israel Pinto
URL:
Whiteboard:
Depends On: 1290840 1395248 1398633 1411490 1424943 1493125 1519748 1555276
Blocks: 1288169 1298243 1317091 1469590 1522983 1568461 1568736
Reported: 2018-03-14 11:14 UTC by Jaroslav Suchanek
Modified: 2019-05-16 13:10 UTC (History)

Fixed In Version: rhv-4.2.3-2
Doc Type: Enhancement
Doc Text:
Previously, Red Hat Enterprise Linux kernels had kernel address space layout randomization enabled by default. This feature prevented troubleshooting and analysis of the guest's memory dumps. In the current feature, "vmcoreinfo" is enabled for all Linux guests. It allows a compatible kernel to export the debugging information so that the memory image can be analyzed.
Clone Of: 1395248
: 1568461 1568736 (view as bug list)
Environment:
Last Closed: 2018-05-15 17:48:31 UTC
oVirt Team: Virt
Target Upstream Version:
Embargoed:
ipinto: testing_plan_complete+

Links
System | ID | Private | Priority | Status | Summary | Last Updated
Red Hat Product Errata | RHEA-2018:1488 | 0 | None | None | None | 2018-05-15 17:50:38 UTC
oVirt gerrit | 90056 | 0 | master | MERGED | core: add EnableKASLRDump vdc_option | 2020-06-01 00:15:22 UTC
oVirt gerrit | 90378 | 0 | ovirt-engine-4.2 | MERGED | core: add EnableKASLRDump vdc_option | 2020-06-01 00:15:24 UTC

Description Jaroslav Suchanek 2018-03-14 11:14:59 UTC
+++ This bug was initially created as a clone of Bug #1395248 +++

Patches are ready for most components, but we need a solution for virsh dump when KVM guests have KASLR enabled.

The discussion upstream appears to be converging to a qemu-guest-agent solution for now: http://lists.nongnu.org/archive/html/qemu-devel/2016-11/msg01618.html

+++ This bug was initially created as a clone of Bug #1290840 +++

Description of problem:
Kernel Address Space Randomization [KASLR] allows randomizing the physical and virtual address at which the kernel image is decompressed, as a security feature that deters exploit attempts relying on knowledge of the location of kernel internals.

The feature has been described in LWN article:
https://lwn.net/Articles/569635/

With upstream patchsets of:
https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=e8236c4d9338d52d0f2fcecc0b792ac0542e4ee9

https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=da2b6fb990cf782b18952f534ec7323453bc4fc9

https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=a653f3563c51c7bb7de63d607bef09d3baddaeb8

https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=5bfce5ef55cbe78ee2ee6e97f2e26a8a582008f3

https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=6145cfe394a7f138f6b64491c5663f97dba12450

https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=19259943f0954dcd1817f94776376bf51c6a46d5

https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=f32360ef6608434a032dc7ad262d45e9693c27f3

https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=8ab3820fd5b2896d66da7bb2a906bc382e63e7bc

https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=82fa9637a2ba285bcc7c5050c73010b2c1b3d803

Version-Release number of selected component (if applicable):
went upstream in 3.14


Additional info:

https://lwn.net/Articles/569635/

--- Additional comment from Jaroslav Suchanek on 2017-11-22 15:16:58 CET ---

Fixed upstream:

commit 7e4177a35bae49a53b04940be04418daaa988734
Author:     Marc-André Lureau <marcandre.lureau>
AuthorDate: Thu Nov 16 17:49:38 2017 +0100
Commit:     Martin Kletzander <mkletzan>
CommitDate: Sat Nov 18 10:45:10 2017 +0100

    qemu: add vmcoreinfo support
    
    Starting from qemu 2.11, the `-device vmcoreinfo` will create a fw_cfg
    entry for a guest to store dump details, necessary to process kernel
    dump with KASLR enabled and providing additional kernel details.
    
    In essence, it is similar to -fw_cfg name=etc/vmcoreinfo,file=X but in
    this case it is not backed by a file, but collected by QEMU itself.
    
    Since the device is a singleton and shouldn't use additional hardware
    resources, it is presented as a <feature> element in the libvirt
    domain XML.
    
    The device is arm/x86 only for now (targets that support fw_cfg+dma).
    
    Related to:
    https://bugzilla.redhat.com/show_bug.cgi?id=1395248
    
    Signed-off-by: Marc-André Lureau <marcandre.lureau>
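
The commit message above says the vmcoreinfo device is exposed as a <feature> element in the libvirt domain XML and is limited to arm/x86. The following is an added example, not part of the original report or of libvirt/oVirt code: it audits domain XML documents to show which guests would produce a KASLR-analyzable dump. The sample XML is constructed, and the architecture list and the treatment of a bare <vmcoreinfo/> as enabled are assumptions.

```python
import xml.etree.ElementTree as ET

# Assumption: libvirt arch names matching the commit's "arm/x86 only" note.
FW_CFG_ARCHES = {"x86_64", "i686", "aarch64", "armv7l"}

# Constructed sample domain XML documents (not taken from the bug report).
SAMPLE_DOMAINS = [
    "<domain type='kvm'><name>web01</name>"
    "<os><type arch='x86_64'>hvm</type></os>"
    "<features><acpi/><vmcoreinfo state='on'/></features></domain>",
    "<domain type='kvm'><name>db01</name>"
    "<os><type arch='x86_64'>hvm</type></os>"
    "<features><acpi/></features></domain>",
    "<domain type='kvm'><name>build01</name>"
    "<os><type arch='aarch64'>hvm</type></os>"
    "<features><vmcoreinfo state='off'/></features></domain>",
    "<domain type='kvm'><name>legacy01</name>"
    "<os><type arch='ppc64le'>hvm</type></os></domain>",
]


def vmcoreinfo_status(domain_xml):
    """Return (guest name, status) for one libvirt domain XML document."""
    # Input is expected to be trusted local output, e.g. from `virsh dumpxml`.
    root = ET.fromstring(domain_xml)
    name = root.findtext("name", default="<unnamed>")
    os_type = root.find("./os/type")
    arch = os_type.get("arch", "") if os_type is not None else ""
    if arch not in FW_CFG_ARCHES:
        return name, "unsupported-arch"
    feature = root.find("./features/vmcoreinfo")
    # Assumption: a bare <vmcoreinfo/> counts as enabled; state='off' disables it.
    if feature is not None and feature.get("state", "on") == "on":
        return name, "enabled"
    return name, "missing"


def audit(domains):
    """Map each guest to its status so gaps in dump readiness are visible."""
    return dict(vmcoreinfo_status(doc) for doc in domains)


if __name__ == "__main__":
    for guest, status in audit(SAMPLE_DOMAINS).items():
        print(f"{guest}: {status}")
```

Guests reported as "missing" would produce memory dumps without the vmcoreinfo details described in the commit message.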

Comment 1 Dan Kenigsberg 2018-03-14 11:21:21 UTC
Starting RHV-4.2, libvirt domxml is built centrally by Engine.
Suggesting to fix this for GA.

Comment 2 Michal Skrivanek 2018-03-15 07:49:25 UTC
do we use virsh dump anywhere? in logcollector perhaps?

Comment 4 Raz Tamir 2018-04-27 10:09:44 UTC
Israel,

Can you please ack or nack this?

Comment 5 Dan Kenigsberg 2018-04-29 15:00:26 UTC
(In reply to Michal Skrivanek from comment #2)
> do we use virsh dump anywhere? in logcollector perhaps?

virsh is not mentioned in ovirt-log-collector, nor its vdsm plugin.

Comment 6 Michal Skrivanek 2018-04-29 17:02:55 UTC
adding back needinfo on ipinto

this is already present in latest build

Comment 7 Israel Pinto 2018-05-01 11:13:39 UTC
Verify with:
Software Version: 4.2.3.3-0.1.el7


https://polarion.engineering.redhat.com/polarion/#/project/RHEVM3/testrun?id=1-1&tab=records&result=passed

Comment 11 errata-xmlrpc 2018-05-15 17:48:31 UTC
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHEA-2018:1488

Comment 12 Franta Kust 2019-05-16 13:06:28 UTC
BZ<2>Jira Resync

