kdumpctl: Drop default kexec '-d' option

Resolves: RHEL-39494
Conflicts: Small difference in context of 2nd hunk.

commit 3028529915d3026e62b59d8f3faadddd410baa75
Author: Philipp Rudo <prudo@redhat.com>
Date:   Fri Jun 14 11:48:24 2024 +0200

    kdumpctl: Drop default kexec '-d' option

    Kernel commits cbc2fe9d9cb2 ("kexec_file: add kexec_file flag to control
    debug printing") and a85ee18c7900 ("kexec_file: print out debugging
    message if required") added debug messages to the kexec_file_load system
    call when option -d is provided to the kexec user space tool. As
    kexec_file_load is the default and option -d is set by default these
    messages are always printed when a crash kernel is loaded. This not only
    clutters the kernel log but also potentially leaks confidential kernel
    information to users. As the messages are printed to the kernel log, not
    stderr, the redirection to /var/log/kdump.log won't catch them. This
    will become even more problematic as for RHEL10 the kernel will be built
    without support for the kexec_load system call. So kexec_file_load will
    be the only choice in the future.

    The redirection also caused confusion in a recent bug report. There a
    user moved a working /etc/sysconfig/kdump from ppc to s390 with
    KEXEC_ARGS containing the --dt-no-old-root option. This option is arch
    specific and does not exist on s390. Thus the kexec-tools failed with an
    'unrecognized option' error followed by the usage(). The problem was
    that the 'unrecognized option' error is printed to stderr, which got
    redirected to /var/log/kdump.log, while the usage() is printed to
    stdout, which ended up in the systemd journal. This caused confusion as
    the user only checked the journal and found the usage() without any
    error message.

    Thus remove the default -d option and the redirection of stderr to
    /var/log/kdump.log for the kexec-tools user space tool.

    This commit ultimately reverts 88a8b94 ("kdumpctl: add the '-d' option to
    enable the kexec loading debugging messages").

    Signed-off-by: Philipp Rudo <prudo@redhat.com>

Signed-off-by: Philipp Rudo <prudo@redhat.com>
This commit is contained in:
Philipp Rudo 2024-07-11 11:34:05 +02:00
parent dbbf9648e4
commit 0997f75a73
2 changed files with 4 additions and 24 deletions

View File

@ -5,7 +5,6 @@ KDUMP_KERNELVER=""
KDUMP_KERNEL=""
KDUMP_COMMANDLINE=""
KEXEC_ARGS=""
KDUMP_LOG_PATH="/var/log"
MKDUMPRD="/sbin/mkdumprd -f"
MKFADUMPRD="/sbin/mkfadumprd"
DRACUT_MODULES_FILE="/usr/lib/dracut/modules.txt"
@ -21,7 +20,7 @@ TARGET_INITRD=""
DEFAULT_DUMP_MODE="kdump"
image_time=0
standard_kexec_args="-d -p"
standard_kexec_args="-p"
# Some default values in case /etc/sysconfig/kdump doesn't include
KDUMP_COMMANDLINE_REMOVE="hugepages hugepagesz slub_debug"
@ -639,7 +638,7 @@ function load_kdump_kernel_key()
# as the currently running kernel.
load_kdump()
{
local ret uki
local uki
KEXEC_ARGS=$(prepare_kexec_args "${KEXEC_ARGS}")
KDUMP_COMMANDLINE=$(prepare_cmdline "${KDUMP_COMMANDLINE}" "${KDUMP_COMMANDLINE_REMOVE}" "${KDUMP_COMMANDLINE_APPEND}")
@ -656,26 +655,12 @@ load_kdump()
ddebug "$KEXEC $KEXEC_ARGS $standard_kexec_args --command-line=$KDUMP_COMMANDLINE --initrd=$TARGET_INITRD $KDUMP_KERNEL"
# The '12' represents an intermediate temporary file descriptor
# to store the standard error file descriptor '2', and later
# restore the error file descriptor with the file descriptor '12'
# and release it.
exec 12>&2
exec 2>> $KDUMP_LOG_PATH/kdump.log
chmod 600 $KDUMP_LOG_PATH/kdump.log
PS4='+ $(date "+%Y-%m-%d %H:%M:%S") ${BASH_SOURCE}@${LINENO}: '
set -x
# shellcheck disable=SC2086
$KEXEC $KEXEC_ARGS $standard_kexec_args \
--command-line="$KDUMP_COMMANDLINE" \
--initrd="$TARGET_INITRD" "$KDUMP_KERNEL"
ret=$?
set +x
exec 2>&12 12>&-
if [[ $ret == 0 ]]; then
if [[ $? == 0 ]]; then
dinfo "kexec: loaded kdump kernel"
return 0
else

View File

@ -1016,12 +1016,7 @@ Debugging Tips
and the second kernel.
In the first kernel, you can find the historical logs with the journalctl
command and check kdump service debugging information. In addition, the
'kexec -d' debugging messages are also saved to /var/log/kdump.log in the
first kernel. For example:
[root@ibm-z-109 ~]# ls -al /var/log/kdump.log
-rw-r--r--. 1 root root 63238 Oct 28 06:40 /var/log/kdump.log
command and check kdump service debugging information.
If you want to get the debugging information of building kdump initramfs, you
can enable the '--debug' option for the dracut_args in the /etc/kdump.conf, and