import CS kexec-tools-2.0.26-14.el8
This commit is contained in:
parent
4e334b5cd7
commit
02fbb13546
@ -49,11 +49,6 @@ early_kdump_load()
|
|||||||
|
|
||||||
EARLY_KEXEC_ARGS=$(prepare_kexec_args "${KEXEC_ARGS}")
|
EARLY_KEXEC_ARGS=$(prepare_kexec_args "${KEXEC_ARGS}")
|
||||||
|
|
||||||
if is_secure_boot_enforced; then
|
|
||||||
dinfo "Secure Boot is enabled. Using kexec file based syscall."
|
|
||||||
EARLY_KEXEC_ARGS="$EARLY_KEXEC_ARGS -s"
|
|
||||||
fi
|
|
||||||
|
|
||||||
# Here, only output the messages, but do not save these messages
|
# Here, only output the messages, but do not save these messages
|
||||||
# to a file because the target disk may not be mounted yet, the
|
# to a file because the target disk may not be mounted yet, the
|
||||||
# earlykdump is too early.
|
# earlykdump is too early.
|
||||||
|
@ -363,6 +363,14 @@ _get_nic_driver() {
|
|||||||
ethtool -i "$1" | sed -n -E "s/driver: (.*)/\1/p"
|
ethtool -i "$1" | sed -n -E "s/driver: (.*)/\1/p"
|
||||||
}
|
}
|
||||||
|
|
||||||
|
_get_hpyerv_physical_driver() {
|
||||||
|
local _physical_nic
|
||||||
|
|
||||||
|
_physical_nic=$(find /sys/class/net/"$1"/ -name 'lower_*' | sed -En "s/\/.*lower_(.*)/\1/p")
|
||||||
|
[[ -n $_physical_nic ]] || return
|
||||||
|
_get_nic_driver "$_physical_nic"
|
||||||
|
}
|
||||||
|
|
||||||
kdump_install_nic_driver() {
|
kdump_install_nic_driver() {
|
||||||
local _netif _driver _drivers
|
local _netif _driver _drivers
|
||||||
|
|
||||||
@ -382,6 +390,11 @@ kdump_install_nic_driver() {
|
|||||||
elif [[ $_driver == "team" ]]; then
|
elif [[ $_driver == "team" ]]; then
|
||||||
# install the team mode drivers like team_mode_roundrobin.ko as well
|
# install the team mode drivers like team_mode_roundrobin.ko as well
|
||||||
_driver='=drivers/net/team'
|
_driver='=drivers/net/team'
|
||||||
|
elif [[ $_driver == "hv_netvsc" ]]; then
|
||||||
|
# A Hyper-V VM may have accelerated networking
|
||||||
|
# https://learn.microsoft.com/en-us/azure/virtual-network/accelerated-networking-overview
|
||||||
|
# Install the driver of physical NIC as well
|
||||||
|
_drivers+=("$(_get_hpyerv_physical_driver "$_netif")")
|
||||||
fi
|
fi
|
||||||
|
|
||||||
_drivers+=("$_driver")
|
_drivers+=("$_driver")
|
||||||
@ -1127,6 +1140,15 @@ install() {
|
|||||||
's/\(^[[:space:]]*reserved_memory[[:space:]]*=\)[[:space:]]*[[:digit:]]*/\1 1024/' \
|
's/\(^[[:space:]]*reserved_memory[[:space:]]*=\)[[:space:]]*[[:digit:]]*/\1 1024/' \
|
||||||
${initdir}/etc/lvm/lvm.conf &>/dev/null
|
${initdir}/etc/lvm/lvm.conf &>/dev/null
|
||||||
|
|
||||||
|
# Skip initrd-cleanup.service and initrd-parse-etc.service becasue we don't
|
||||||
|
# need to switch root. Instead of removing them, we use ConditionPathExists
|
||||||
|
# to check if /proc/vmcore exists to determine if we are in kdump.
|
||||||
|
sed -i '/\[Unit\]/a ConditionPathExists=!\/proc\/vmcore' \
|
||||||
|
"${initdir}/${systemdsystemunitdir}/initrd-cleanup.service" &> /dev/null
|
||||||
|
|
||||||
|
sed -i '/\[Unit\]/a ConditionPathExists=!\/proc\/vmcore' \
|
||||||
|
"${initdir}/${systemdsystemunitdir}/initrd-parse-etc.service" &> /dev/null
|
||||||
|
|
||||||
# Save more memory by dropping switch root capability
|
# Save more memory by dropping switch root capability
|
||||||
dracut_no_switch_root
|
dracut_no_switch_root
|
||||||
}
|
}
|
||||||
|
@ -529,11 +529,24 @@ get_dracut_args_target()
|
|||||||
echo $1 | grep "\-\-mount" | sed "s/.*--mount .\(.*\)/\1/" | cut -d' ' -f1
|
echo $1 | grep "\-\-mount" | sed "s/.*--mount .\(.*\)/\1/" | cut -d' ' -f1
|
||||||
}
|
}
|
||||||
|
|
||||||
|
get_reserved_mem_size()
|
||||||
|
{
|
||||||
|
local reserved_mem_size=0
|
||||||
|
|
||||||
|
if is_fadump_capable; then
|
||||||
|
reserved_mem_size=$(< /sys/kernel/fadump/mem_reserved)
|
||||||
|
else
|
||||||
|
reserved_mem_size=$(< /sys/kernel/kexec_crash_size)
|
||||||
|
fi
|
||||||
|
|
||||||
|
echo "$reserved_mem_size"
|
||||||
|
}
|
||||||
|
|
||||||
check_crash_mem_reserved()
|
check_crash_mem_reserved()
|
||||||
{
|
{
|
||||||
local mem_reserved
|
local mem_reserved
|
||||||
|
|
||||||
mem_reserved=$(cat /sys/kernel/kexec_crash_size)
|
mem_reserved=$(get_reserved_mem_size)
|
||||||
if [ $mem_reserved -eq 0 ]; then
|
if [ $mem_reserved -eq 0 ]; then
|
||||||
derror "No memory reserved for crash kernel"
|
derror "No memory reserved for crash kernel"
|
||||||
return 1
|
return 1
|
||||||
@ -700,6 +713,15 @@ prepare_kexec_args()
|
|||||||
fi
|
fi
|
||||||
fi
|
fi
|
||||||
fi
|
fi
|
||||||
|
|
||||||
|
# For secureboot enabled machines, use new kexec file based syscall.
|
||||||
|
# Old syscall will always fail as it does not have capability to do
|
||||||
|
# kernel signature verification.
|
||||||
|
if is_secure_boot_enforced; then
|
||||||
|
dinfo "Secure Boot is enabled. Using kexec file based syscall."
|
||||||
|
kexec_args="$kexec_args -s"
|
||||||
|
fi
|
||||||
|
|
||||||
echo $kexec_args
|
echo $kexec_args
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -538,28 +538,22 @@ check_fs_modified()
|
|||||||
check_system_modified()
|
check_system_modified()
|
||||||
{
|
{
|
||||||
local ret
|
local ret
|
||||||
|
local CONF_ERROR=2
|
||||||
|
local CONF_MODIFY=1
|
||||||
|
local CONF_NO_MODIFY=0
|
||||||
|
local conf_status=$CONF_NO_MODIFY
|
||||||
|
|
||||||
[[ -f $TARGET_INITRD ]] || return 1
|
[[ -f $TARGET_INITRD ]] || return 1
|
||||||
|
|
||||||
check_files_modified
|
for _func in check_files_modified check_fs_modified check_drivers_modified; do
|
||||||
|
$_func
|
||||||
ret=$?
|
ret=$?
|
||||||
if [ $ret -ne 0 ]; then
|
# return immediately if an error occurred.
|
||||||
return $ret
|
[[ $ret -eq "$CONF_ERROR" ]] && return "$ret"
|
||||||
fi
|
[[ $ret -eq "$CONF_MODIFY" ]] && { conf_status="$CONF_MODIFY"; }
|
||||||
|
done
|
||||||
|
|
||||||
check_fs_modified
|
return $conf_status
|
||||||
ret=$?
|
|
||||||
if [ $ret -ne 0 ]; then
|
|
||||||
return $ret
|
|
||||||
fi
|
|
||||||
|
|
||||||
check_drivers_modified
|
|
||||||
ret=$?
|
|
||||||
if [ $ret -ne 0 ]; then
|
|
||||||
return $ret
|
|
||||||
fi
|
|
||||||
|
|
||||||
return 0
|
|
||||||
}
|
}
|
||||||
|
|
||||||
check_rebuild()
|
check_rebuild()
|
||||||
@ -653,20 +647,7 @@ function load_kdump_kernel_key()
|
|||||||
return
|
return
|
||||||
fi
|
fi
|
||||||
|
|
||||||
KDUMP_KEY_ID=$(cat /usr/share/doc/kernel-keys/$KDUMP_KERNELVER/kernel-signing-ppc.cer |
|
keyctl padd asymmetric "" %:.ima < "/usr/share/doc/kernel-keys/$KDUMP_KERNELVER/kernel-signing-ppc.cer"
|
||||||
keyctl padd asymmetric kernelkey-$RANDOM %:.ima)
|
|
||||||
}
|
|
||||||
|
|
||||||
# remove a previously loaded key. There's no real security implication
|
|
||||||
# to leaving it around, we choose to do this because it makes it easier
|
|
||||||
# to be idempotent and so as to reduce the potential for confusion.
|
|
||||||
function remove_kdump_kernel_key()
|
|
||||||
{
|
|
||||||
if [ -z "$KDUMP_KEY_ID" ]; then
|
|
||||||
return
|
|
||||||
fi
|
|
||||||
|
|
||||||
keyctl unlink $KDUMP_KEY_ID %:.ima
|
|
||||||
}
|
}
|
||||||
|
|
||||||
# Load the kdump kernel specified in /etc/sysconfig/kdump
|
# Load the kdump kernel specified in /etc/sysconfig/kdump
|
||||||
@ -679,15 +660,6 @@ load_kdump()
|
|||||||
KEXEC_ARGS=$(prepare_kexec_args "${KEXEC_ARGS}")
|
KEXEC_ARGS=$(prepare_kexec_args "${KEXEC_ARGS}")
|
||||||
KDUMP_COMMANDLINE=$(prepare_cmdline "${KDUMP_COMMANDLINE}" "${KDUMP_COMMANDLINE_REMOVE}" "${KDUMP_COMMANDLINE_APPEND}")
|
KDUMP_COMMANDLINE=$(prepare_cmdline "${KDUMP_COMMANDLINE}" "${KDUMP_COMMANDLINE_REMOVE}" "${KDUMP_COMMANDLINE_APPEND}")
|
||||||
|
|
||||||
# For secureboot enabled machines, use new kexec file based syscall.
|
|
||||||
# Old syscall will always fail as it does not have capability to
|
|
||||||
# to kernel signature verification.
|
|
||||||
if is_secure_boot_enforced; then
|
|
||||||
dinfo "Secure Boot is enabled. Using kexec file based syscall."
|
|
||||||
KEXEC_ARGS="$KEXEC_ARGS -s"
|
|
||||||
load_kdump_kernel_key
|
|
||||||
fi
|
|
||||||
|
|
||||||
ddebug "$KEXEC $KEXEC_ARGS $standard_kexec_args --command-line=$KDUMP_COMMANDLINE --initrd=$TARGET_INITRD $KDUMP_KERNEL"
|
ddebug "$KEXEC $KEXEC_ARGS $standard_kexec_args --command-line=$KDUMP_COMMANDLINE --initrd=$TARGET_INITRD $KDUMP_KERNEL"
|
||||||
|
|
||||||
# The '12' represents an intermediate temporary file descriptor
|
# The '12' represents an intermediate temporary file descriptor
|
||||||
@ -708,9 +680,7 @@ load_kdump()
|
|||||||
set +x
|
set +x
|
||||||
exec 2>&12 12>&-
|
exec 2>&12 12>&-
|
||||||
|
|
||||||
remove_kdump_kernel_key
|
if [[ $ret == 0 ]]; then
|
||||||
|
|
||||||
if [ $ret == 0 ]; then
|
|
||||||
dinfo "kexec: loaded kdump kernel"
|
dinfo "kexec: loaded kdump kernel"
|
||||||
return 0
|
return 0
|
||||||
else
|
else
|
||||||
@ -848,7 +818,7 @@ propagate_ssh_key()
|
|||||||
|
|
||||||
show_reserved_mem()
|
show_reserved_mem()
|
||||||
{
|
{
|
||||||
local mem=$(cat /sys/kernel/kexec_crash_size)
|
local mem=$(get_reserved_mem_size)
|
||||||
local mem_mb=$(expr $mem / 1024 / 1024)
|
local mem_mb=$(expr $mem / 1024 / 1024)
|
||||||
|
|
||||||
dinfo "Reserved "$mem_mb"MB memory for crash kernel"
|
dinfo "Reserved "$mem_mb"MB memory for crash kernel"
|
||||||
@ -1009,7 +979,13 @@ start_fadump()
|
|||||||
|
|
||||||
start_dump()
|
start_dump()
|
||||||
{
|
{
|
||||||
if [ $DEFAULT_DUMP_MODE == "fadump" ]; then
|
# On secure boot enabled Power systems, load kernel signing key on .ima for signature
|
||||||
|
# verification using kexec file based syscall.
|
||||||
|
if [[ "$(uname -m)" == ppc64le ]] && is_secure_boot_enforced; then
|
||||||
|
load_kdump_kernel_key
|
||||||
|
fi
|
||||||
|
|
||||||
|
if [[ $DEFAULT_DUMP_MODE == "fadump" ]]; then
|
||||||
start_fadump
|
start_fadump
|
||||||
else
|
else
|
||||||
load_kdump
|
load_kdump
|
||||||
@ -1270,7 +1246,7 @@ do_estimate() {
|
|||||||
# The default value when using crashkernel=auto
|
# The default value when using crashkernel=auto
|
||||||
baseline_size=$((baseline * size_mb))
|
baseline_size=$((baseline * size_mb))
|
||||||
# Current reserved crashkernel size
|
# Current reserved crashkernel size
|
||||||
reserved_size=$(cat /sys/kernel/kexec_crash_size)
|
reserved_size=$(get_reserved_mem_size)
|
||||||
# A pre-estimated value for userspace usage and kernel
|
# A pre-estimated value for userspace usage and kernel
|
||||||
# runtime allocation, 64M should good for most cases
|
# runtime allocation, 64M should good for most cases
|
||||||
runtime_size=$((64 * size_mb))
|
runtime_size=$((64 * size_mb))
|
||||||
|
@ -35,7 +35,8 @@ updating lists accordingly.
|
|||||||
Supported Dump targets
|
Supported Dump targets
|
||||||
----------------------
|
----------------------
|
||||||
storage:
|
storage:
|
||||||
LVM volume (no thinp)
|
LVM volume
|
||||||
|
Thin provisioning volume
|
||||||
FC disks (qla2xxx, lpfc, bnx2fc, bfa)
|
FC disks (qla2xxx, lpfc, bnx2fc, bfa)
|
||||||
software initiator based iSCSI
|
software initiator based iSCSI
|
||||||
software RAID (mdraid)
|
software RAID (mdraid)
|
||||||
@ -79,7 +80,6 @@ Unsupported Dump targets
|
|||||||
------------------------
|
------------------------
|
||||||
storage:
|
storage:
|
||||||
BIOS RAID
|
BIOS RAID
|
||||||
Thin provisioning volume
|
|
||||||
Software iSCSI with iBFT (bnx2i, cxgb3i, cxgb4i)
|
Software iSCSI with iBFT (bnx2i, cxgb3i, cxgb4i)
|
||||||
Software iSCSI with hybrid (be2iscsi)
|
Software iSCSI with hybrid (be2iscsi)
|
||||||
FCoE
|
FCoE
|
||||||
|
@ -1,6 +1,6 @@
|
|||||||
Name: kexec-tools
|
Name: kexec-tools
|
||||||
Version: 2.0.26
|
Version: 2.0.26
|
||||||
Release: 8%{?dist}
|
Release: 14%{?dist}
|
||||||
License: GPLv2
|
License: GPLv2
|
||||||
Group: Applications/System
|
Group: Applications/System
|
||||||
Summary: The kexec/kdump userspace component
|
Summary: The kexec/kdump userspace component
|
||||||
@ -396,6 +396,25 @@ done
|
|||||||
%endif
|
%endif
|
||||||
|
|
||||||
%changelog
|
%changelog
|
||||||
|
* Wed Feb 21 2024 Pingfan Liu <piliu@redhat.com> - 2.0.26-14
|
||||||
|
- dracut-module-setup: Skip initrd-cleanup and initrd-parse-etc in kdump
|
||||||
|
|
||||||
|
* Fri Feb 2 2024 Pingfan Liu <piliu@redhat.com> - 2.0.26-13
|
||||||
|
- dracut-module-setup.sh: also install the driver of physical NIC for Hyper-V VM with accelerated networking
|
||||||
|
|
||||||
|
* Wed Nov 22 2023 Pingfan Liu <piliu@redhat.com> - 2.0.26-12
|
||||||
|
- kdumpctl: Only returns immediately after an error occurs in check_*_modified
|
||||||
|
|
||||||
|
* Thu Nov 9 2023 Pingfan Liu <piliu@redhat.com> - 2.0.26-11
|
||||||
|
- powerpc: update kdumpctl to load kernel signing key for fadump
|
||||||
|
- powerpc: update kdumpctl to remove deletion of kernel signing key once loaded
|
||||||
|
|
||||||
|
* Tue Sep 26 2023 Pingfan Liu <piliu@redhat.com> - 2.0.26-10
|
||||||
|
- Introduce a function to get reserved memory size
|
||||||
|
|
||||||
|
* Tue Sep 19 2023 Pingfan Liu <piliu@redhat.com> - 2.0.26-9
|
||||||
|
- Add lvm thin provision to kdump supported-kdump-targets.txt
|
||||||
|
|
||||||
* Thu Aug 10 2023 Pingfan Liu <piliu@redhat.com> - 2.0.26-8
|
* Thu Aug 10 2023 Pingfan Liu <piliu@redhat.com> - 2.0.26-8
|
||||||
- mkdumprd: Use the correct syntax to redirect the stderr to null
|
- mkdumprd: Use the correct syntax to redirect the stderr to null
|
||||||
- mkdumprd: call dracut with --add-device to install the drivers needed by /boot partition automatically for FIPS
|
- mkdumprd: call dracut with --add-device to install the drivers needed by /boot partition automatically for FIPS
|
||||||
|
Loading…
Reference in New Issue
Block a user