Kernel Panic Recovery
In this demo, we build a buggy loadable kernel module that, under
certain conditions, writes to virtual address 0 and thus triggers a
null pointer dereference. We load this module into a guest VM running
on QEMU/KVM to trigger a kernel panic in the guest. To recover the
guest from the panic, we modify the KVM kernel module on the host so
that it reflects the null pointer dereference fault to QEMU/KVM as a
particular internal error; QEMU/KVM in turn initiates a live migration
of the guest to DECAF on a different host. After DECAF receives the
guest VM, it fixes the guest's state before resuming its execution, so
that the guest recovers from the kernel panic. More specifically, DECAF
aborts the faulting function and then forces the guest kernel's
execution down a path that unloads the buggy kernel module. For more
information, please refer to our ACSAC'15 paper [1].
Watch the live demo by clicking here.
Paper:
[1] Jinpeng Wei, Lok Yan, and Muhammad Azizul Hakim. "MOSE: Live Migration Based On-the-Fly Software Emulation". Proceedings of the 31st Annual Computer Security Applications Conference (ACSAC 2015), pages 221–230. Acceptance rate: 47/193 = 24.4%.