SUMMARY
Machines that are using the Anti-Malware feature may encounter issues in kernel logs. In addition, the machine frequently reboots. The reboot occurs due to failure in processing kernel paging request.
DETAILS
The issue happens because both CA ControlMinder and Deep Security RTS (RealTimeScan) access the same low-level system resource. When CA software starts first, Deep Security continuously restarts because the low-level system resource is already allocated. On the other hand, when Deep Security starts before the CA software, the CA software causes the kernel panic.
To resolve the issue:
- Create the ds_am.ini file under /var/opt/ds_agent/am/.
- Add the following line:
/opt/ds_agent/lib/libvmpd_dsa_rtscan.so=rtscan_hook_enable=1,rtscan_hook_kern_method=1
- Restart the ds_agent service.
- If the issue persists, change the parameter in Step 2 by modifying its value from "1" to "2" as shown below:
/opt/ds_agent/lib/libvmpd_dsa_rtscan.so=rtscan_hook_enable=1,rtscan_hook_kern_method=2
Whereas:
1 = use redirfs hook only
2 = use syscall hook only
3 = use both; default value
Disabling one of them should be able to avoid the hooking issue while keeping the RTS detection ability.