Support Home | Live Chat | Q&A | Docs | APIs | Blog
x
login Signup

StaticProcessMonitor flag

After installing the linux collector, I’ve seen hv_kvp_daemon segfault in /var/log/messages. What’s going on?

avatar image By Jimmy123 15 asked Aug 21, 2015 at 05:14 PM
more ▼
(comments are locked)
10|600 characters needed characters left

1 answer: sort voted first

The Hyper V KVP Daemon (hv_kvp_daemon) is installed by default on many linux distributions, and is used when running a guest linux virtual machine under a Microsoft Hyper V hypervisor. This daemon has known issues with its use of netlink sockets - more information can be found by searching for “hv_kvp_daemon vulnerability”.

The linux collector uses a netlink socket to receive messages from the kernel. The hv_kvp_daemon opens a netlink socket in a way that will receive messages intended for other applications, but does not validate that messages it receives are intended for it. When the hv_kvp_daemon receives these messages (in our case from the kernel, intended for the linux collector) it tries to process them and crashes. Reports exist that other applications which use netlink sockets also cause the hv_kvp_daemon to crash.

If you are not running a linux VM under Hyper V, no action is required. You may uninstall the hv_kvp_daemon, or disable the daemon from running on startup if you don’t want to see a segfault message in /var/log/messages or /var/log/syslog.

If you are running a linux VM under Hyper V, you should know that it is possible to disable the collector’s use of a netlink socket. This allows the linux collector to coexist with hv_kvp_daemon. Add this line to the collector config file in /etc/AppFirst, restart the linux collector, then restart Hyper V : StaticProcessMonitor Off

avatar image By AppFirst_Support ♦♦ 408 answered Aug 21, 2015 at 05:14 PM
more ▼
(comments are locked)
10|600 characters needed characters left
Your answer
toggle preview:

Up to 2 attachments (including images) can be used with a maximum of 524.3 kB each and 1.0 MB total.