rpms
/
kexec-tools
7
0
Fork 0
Code Issues Pull Requests Releases Activity
kexec-tools/kdump.sysconfig.x86_64

47 lines
1.9 KiB
Plaintext
Raw Normal View History

Updating fc7 with all RHEL5 work
2006-12-15 21:05:01 +00:00
# Kernel Version string for the -kdump kernel, such as 2.6.13-1544.FC5kdump
# If no version is specified, then the init script will try to find a
# kdump kernel with the same version number as the running kernel.
KDUMP_KERNELVER=""
# The kdump commandline is the command line that needs to be passed off to
# the kdump kernel. This will likely match the contents of the grub kernel
# line. For example:
# KDUMP_COMMANDLINE="ro root=LABEL=/"
do not mount root twice Resolves: bz821997 dracut will mount rootfs for us, so we need not pass root to fstab again here. Here remove the root-mount line. This will depends on the root=cmdline is right, by default kdump will inherit it from /proc/cmdline. Vivek: add document about the assumption for the root= cmdline issue. Signed-off-by: Dave Young <dyoung@redhat.com> Acked-by: Vivek Goyal <vgoyal@redhat.com>
2012-07-12 03:15:35 +00:00
# Dracut depends on proper root= options, so please make sure that appropriate
# root= options are copied from /proc/cmdline. In general it is best to append
# command line options using "KDUMP_COMMANDLINE_APPEND=".
Updating fc7 with all RHEL5 work
2006-12-15 21:05:01 +00:00
# If a command line is not specified, the default will be taken from
# /proc/cmdline
KDUMP_COMMANDLINE=""
kdump.sysconfig: add KDUMP_COMMANDLINE_REMOVE Use KDUMP_COMMANDLINE_REMOVE config instead of hardcode them in kdumpctl, which makes it possible system admins decide what params to remove such as "quiet" or other debug flags. This patch also adds backward compatibility even if an old config is used. It will behave the same as the old version. Signed-off-by: Dangyi Liu <dliu@redhat.com> Acked-by: Baoquan He <bhe@redhat.com> Acked-by: Dave Young <dyoung@redhat.com>
2015-11-18 08:00:22 +00:00
# This variable lets us remove arguments from the current kdump commandline
# as taken from either KDUMP_COMMANDLINE above, or from /proc/cmdline
# NOTE: some arguments such as crashkernel will always be removed
kdump.sysconfig: Remove the option 'log_buf_len' from kdump command line The option 'log_buf_len' in the kernel command line will make kernel dynamically allocate memory (system ram) from memblock and always hold the memory allocated. If the size of this option is misused such as 'log_buf_len=64M'. This may cause a short of memory for kdump kernel, because the size of memory is usually limited in kdump kernel. In order to avoid this problem, need to remove this option from the kdump kernel command line. Signed-off-by: Lianbo Jiang <lijiang@redhat.com> Acked-by: Pingfan Liu <piliu@redhat.com>
2020-05-22 06:45:41 +00:00
KDUMP_COMMANDLINE_REMOVE="hugepages hugepagesz slub_debug quiet log_buf_len"
kdump.sysconfig: add KDUMP_COMMANDLINE_REMOVE Use KDUMP_COMMANDLINE_REMOVE config instead of hardcode them in kdumpctl, which makes it possible system admins decide what params to remove such as "quiet" or other debug flags. This patch also adds backward compatibility even if an old config is used. It will behave the same as the old version. Signed-off-by: Dangyi Liu <dliu@redhat.com> Acked-by: Baoquan He <bhe@redhat.com> Acked-by: Dave Young <dyoung@redhat.com>
2015-11-18 08:00:22 +00:00
Updating fc7 with all RHEL5 work
2006-12-15 21:05:01 +00:00
# This variable lets us append arguments to the current kdump commandline
kdump.sysconfig: add KDUMP_COMMANDLINE_REMOVE Use KDUMP_COMMANDLINE_REMOVE config instead of hardcode them in kdumpctl, which makes it possible system admins decide what params to remove such as "quiet" or other debug flags. This patch also adds backward compatibility even if an old config is used. It will behave the same as the old version. Signed-off-by: Dangyi Liu <dliu@redhat.com> Acked-by: Baoquan He <bhe@redhat.com> Acked-by: Dave Young <dyoung@redhat.com>
2015-11-18 08:00:22 +00:00
# after processed by KDUMP_COMMANDLINE_REMOVE
Disable device dump by default Device dump may use a log of memory and cause OOM issue, so append "novmcoredd" option for second kernel and disable it by default. To use device dump, user should remove the vmcoredd parameter manually. Signed-off-by: Kairui Song <kasong@redhat.com> Acked-by: Dave Young <dyoung@redhat.com>
2019-05-29 02:47:58 +00:00
KDUMP_COMMANDLINE_APPEND="irqpoll nr_cpus=1 reset_devices cgroup_disable=memory mce=off numa=off udev.children-max=2 panic=10 acpi_no_memhotplug transparent_hugepage=never nokaslr hest_disable novmcoredd"
Updating fc7 with all RHEL5 work
2006-12-15 21:05:01 +00:00
# Any additional kexec arguments required. In most situations, this should
# be left empty
#
# Example:
# KEXEC_ARGS="--elf32-core-headers"
Resolves bz 461615
2008-09-15 13:58:38 +00:00
KEXEC_ARGS=""
Updating fc7 with all RHEL5 work
2006-12-15 21:05:01 +00:00
#Where to find the boot image
kdumpctl: adjust the boot dir if kernel is put in sub dir of /boot Previously /boot is asumed as the default dir where kernel and initrd is put. However, the directory containing the running kernel image on Atomic systems differs in each installation. Usually something like: /boot/ostree/rhel-atomic-host-b50a015b637c353dc6554c851f8a1212b60d6121a7316715e4a63e2a4113cd72 This means that kdump will not find vmlinuz when installed on an Atomic host, and thus the kdump service will fail to start. In this patch, the kdump boot dir finding behaviour is a little changed. Firstly check whether user has specify a directory explicitly in /etc/sysconfig/kdump. If yes that is respected. Otherwise we assume 1st kernel and kdump kernel are put in the same place under /boot. Then find it according /proc/cmdline and append it to /boot/ Note: So now the KDUMP_BOOTDIR in /etc/sysconfig/kdump is set as empty by default. If user set KDUMP_BOOTDIR to a directory, then he need to take care of all related things himself. otherwise kdump script handle it automatically. Signed-off-by: Baoquan He <bhe@redhat.com> Acked-by: Dave Young <dyoung@redhat.com> Acked-by: Minfei Huang <mhuang@redhat.com>
2015-01-28 08:22:47 +00:00
#KDUMP_BOOTDIR="/boot"
Updating fc7 with all RHEL5 work
2006-12-15 21:05:01 +00:00
#What is the image type used for kdump
KDUMP_IMG="vmlinuz"
#What is the images extension. Relocatable kernels don't have one
KDUMP_IMG_EXT=""
kdump-lib: switch to the kexec_file_load() syscall on x86_64 by default UEFI Secure boot is a signature verification mechanism, designed to prevent malicious code being loaded and executed at the early boot stage. This makes sure that code executed is trusted by firmware. Previously, with kexec_file_load() interface, kernel prevents unsigned kernel image from being loaded if secure boot is enabled. So kdump will detect whether secure boot is enabled firstly, then decide which interface is chosen to execute, kexec_load() or kexec_file_load(). Otherwise unsigned kernel loading will fail if secure boot enabled, and kexec_file_load() is entered. Now, the implementation of kexec_file_load() is adjusted in below commit. With this change, if CONFIG_KEXEC_SIG_FORCE is not set, unsigned kernel still has a chance to be allowed to load under some conditions. commit 99d5cadfde2b ("kexec_file: split KEXEC_VERIFY_SIG into KEXEC_SIG and KEXEC_SIG_FORCE") And in the current Fedora, the CONFIG_KEXEC_SIG_FORCE is not set, only the CONFIG_KEXEC_SIG and CONFIG_BZIMAGE_VERIFY_SIG are set on x86_64 by default. It's time to spread kexec_file_load() onto all systems of x86_64, including Secure-boot platforms and legacy platforms. Please refer to the following form. .----------------------------------------------------------------------. | . | signed kernel | unsigned kernel | | . types |-----------------------|-----------------------| | . |Secure boot| Legacy |Secure boot| Legacy | | . |-----------|-----------|-----------|-----------| | options . | prev| now | prev| now | | | prev| now | | . |(file|(file|(only|(file| prev| now |(only|(file| | . |load)|load)|load)|load)| | |load)|load)| |----------------------|-----|-----|-----|-----|-----|-----|-----|-----| |KEXEC_SIG=y | | | | | | | | | |SIG_FORCE is not set |succ |succ |succ |succ | X | X |succ |succ | |BZIMAGE_VERIFY_SIG=y | | | | | | | | | |----------------------|-----|-----|-----|-----|-----|-----|-----|-----| |KEXEC_SIG=y | | | | | | | | | |SIG_FORCE is not set | | | | | | | | | |BZIMAGE_VERIFY_SIG is |fail |fail |succ |fail | X | X |succ |fail | |not set | | | | | | | | | |----------------------|-----|-----|-----|-----|-----|-----|-----|-----| |KEXEC_SIG=y | | | | | | | | | |SIG_FORCE=y |succ |succ |succ |fail | X | X |succ |fail | |BZIMAGE_VERIFY_SIG=y | | | | | | | | | |----------------------|-----|-----|-----|-----|-----|-----|-----|-----| |KEXEC_SIG=y | | | | | | | | | |SIG_FORCE=y | | | | | | | | | |BZIMAGE_VERIFY_SIG is |fail |fail |succ |fail | X | X |succ |fail | |not set | | | | | | | | | |----------------------|-----|-----|-----|-----|-----|-----|-----|-----| |KEXEC_SIG is not set | | | | | | | | | |SIG_FORCE is not set | | | | | | | | | |BZIMAGE_VERIFY_SIG is |fail |fail |succ |succ | X | X |succ |succ | |not set | | | | | | | | | ---------------------------------------------------------------------- Note: [1] The 'X' indicates that the 1st kernel(unsigned) can not boot when the Secure boot is enabled. Hence, in this patch, if on x86_64, let's use the kexec_file_load() only. See if anything wrong happened in this case, in Fedora firstly for the time being. Signed-off-by: Lianbo Jiang <lijiang@redhat.com> Acked-by: Kairui Song <kasong@redhat.com>
2020-01-16 05:47:35 +00:00
# Using kexec file based syscall by default
#
# Here, the "on" is the only valid value to enable the kexec file load and
# anything else is equal to the "off"(disable).
KDUMP_FILE_LOAD="on"