Public bug reported:
Observed during development and testing of AWS hibernation on Ubuntu
linux-aws-bionic (4.15.0-1044.46):
There is a known issue when using On-Demand Hibernation related to KASLR
(Kernel Address Space Layout Randomization). KASLR is a standard Linux
kernel security feature which helps to mitigate exposure to and
ramifications of yet-undiscovered memory access vulnerabilities by
randomizing the base address value of the kernel. In a small percentage
of tests, instances with KASLR enabled do not resume and become
completely unusable after hibernation. Disabling KASLR, which is enabled
by default, is known to avoid this issue. Please see (TBD AWS
announcement) for additional details.
-----
Users affected by this issue may consider disabling KASLR as a work-
around, as follows:
To disable KASLR on an instance, follow these steps to reboot with the
'nokaslr' kernel command line switch:
1. Edit the file /etc/default/grub.d/50-cloudimg-settings.cfg and add
the word 'nokaslr' to the GRUB_CMDLINE_LINUX_DEFAULT string, e.g.:
GRUB_CMDLINE_LINUX_DEFAULT="console=tty1 console=ttyS0
nvme_core.io_timeout=4294967295 nokaslr"
2. Run the command 'sudo update-grub'.
3. Reboot the instance.
** Affects: linux-aws (Ubuntu)
Importance: High
Status: Triaged
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux-aws in Ubuntu.
https://bugs.launchpad.net/bugs/1837469
Title:
AWS hibernation failure with KASLR enabled
Status in linux-aws package in Ubuntu:
Triaged
Bug description:
Observed during development and testing of AWS hibernation on Ubuntu
linux-aws-bionic (4.15.0-1044.46):
There is a known issue when using On-Demand Hibernation related to
KASLR (Kernel Address Space Layout Randomization). KASLR is a standard
Linux kernel security feature which helps to mitigate exposure to and
ramifications of yet-undiscovered memory access vulnerabilities by
randomizing the base address value of the kernel. In a small
percentage of tests, instances with KASLR enabled do not resume and
become completely unusable after hibernation. Disabling KASLR, which
is enabled by default, is known to avoid this issue. Please see (TBD
AWS announcement) for additional details.
-----
Users affected by this issue may consider disabling KASLR as a work-
around, as follows:
To disable KASLR on an instance, follow these steps to reboot with the
'nokaslr' kernel command line switch:
1. Edit the file /etc/default/grub.d/50-cloudimg-settings.cfg and add
the word 'nokaslr' to the GRUB_CMDLINE_LINUX_DEFAULT string, e.g.:
GRUB_CMDLINE_LINUX_DEFAULT="console=tty1 console=ttyS0
nvme_core.io_timeout=4294967295 nokaslr"
2. Run the command 'sudo update-grub'.
3. Reboot the instance.
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux-aws/+bug/1837469/+subscriptions
--
Mailing list: https://launchpad.net/~kernel-packages
Post to : kernel-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~kernel-packages
More help : https://help.launchpad.net/ListHelp
