Commit Graph

1567 Commits

Author SHA1 Message Date
Hari Bathini
d0e9c51e0d fadump: fix dump capture failure to root disk
If the dump target is the root disk, kdump scripts add an entry in
/etc/fstab for root disk with /sysroot as the mount point. The root
disk, passed through root=<> kernel commandline parameter, is mounted
at /sysroot in read-only mode before switching from initial ramdisk.
So, in fadump mode, a remount of /sysroot to read-write mode is needed
to capture dump successfully, because /sysroot is already mounted as
read-only based on root=<> boot parameter.

Commit e8ef4db8ff ("Fix dump_fs mount point detection and fallback
mount") removed initialization of $_op variable, the variable holding
the options the dump target was mounted with, leading to the below
error as remount was skipped:

  kdump[586]: saving to /sysroot/var/crash/127.0.0.1-2021-04-22-07:22:08/
  kdump.sh[587]: mkdir: cannot create directory '/sysroot/var/crash/127.0.0.1-2021-04-22-07:22:08/': Read-only file system
  kdump[589]: saving vmcore failed

Restore $_op variable initialization in dump_fs() function to fix this.

Fixes: e8ef4db8ff ("Fix dump_fs mount point detection and fallback mount")
Signed-off-by: Hari Bathini <hbathini@linux.ibm.com>
Acked-by: Kairui Song <kasong@redhat.com>
2021-04-28 15:41:33 +08:00
Kairui Song
8d0ef743e0 Revert "get kdump ifname once in kdump_install_net"
This reverts commit afda4f4961.
2021-04-28 15:18:53 +08:00
Kairui Song
b0156e9b64 Revert "pass kdumpnic to kdump_setup_/bond/bridge/vlan directly"
This reverts commit 586d767697.
2021-04-28 15:18:53 +08:00
Kairui Song
4753ab2c70 Revert "rd.route should use the name from kdump_setup_ifname"
This reverts commit 18ffd3cb17.
2021-04-28 15:18:53 +08:00
Coiby Xu
18ffd3cb17 rd.route should use the name from kdump_setup_ifname
This fix bz1854037 which happens because kexec-tools generates rd.route for
eth0 instead of for kdump-eth0,
 1. "rd.route=168.63.129.16:10.0.0.1:eth0 rd.route=169.254.169.254:10.0.0.1:eth0" is passed to the dracut cmdline by kexec-tools
 2. In the 2rd kernel,
    - dracut/modules.d/40network/net-lib.sh will write /tmp/net.route.eth0 based on rd.route
    - dracut/modules.d/45ifcfg/write-ifcfg.sh will copy /tmp/net.route.eth0 to /tmp/icfg and then copytree /tmp/ifcfg to /run/initramfs/state/etc/sysconfig/network-scripts
 3. NetworkManager will try to get an IP for eth0 regardless of the fact it's a slave NIC and time out
    ```
    $ ip link show
    2: kdump-eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP mode DEFAULT group default qlen 1000
       link/ether 00:0d:3a:11:86:8b brd ff:ff:ff:ff:ff:ff
    3: eth0: <BROADCAST,MULTICAST,SLAVE,UP,LOWER_UP> mtu 1500 qdisc mq master kdump-eth0 state UP mode DEFAULT group default qlen 1000
    ```

Reported-by: Huijing Hei <hhei@redhat.com>
Signed-off-by: Coiby Xu <coxu@redhat.com>
Acked-by: Kairui Song <kasong@redhat.com
2021-04-25 16:56:32 +08:00
Coiby Xu
586d767697 pass kdumpnic to kdump_setup_/bond/bridge/vlan directly
This avoids calling kdump_setup_ifname repeatedly.

Signed-off-by: Coiby Xu <coxu@redhat.com>
Acked-by: Kairui Song <kasong@redhat.com
2021-04-25 16:52:29 +08:00
Coiby Xu
afda4f4961 get kdump ifname once in kdump_install_net
Signed-off-by: Coiby Xu <coxu@redhat.com>
Acked-by: Kairui Song <kasong@redhat.com
2021-04-25 16:52:21 +08:00
Kelvin Fan
75bdcb7399 Write to /var/lib/kdump if $KDUMP_BOOTDIR not writable
The `/boot` directory on some operating systems might be read-only.
If we cannot write to `$KDUMP_BOOTDIR` when generating the kdump
initrd, attempt to place the generated initrd at `/var/lib/kdump`
instead.

Signed-off by: Kelvin Fan <kelvinfan001@gmail.com>
Acked-by: Kairui Song <kasong@redhat.com>
2021-04-19 16:11:17 +08:00
Coiby Xu
eca7711706 Drop dependency on ipcalc
A shell equivalent of "ipcalc -m" has been implemented.

Signed-off-by: Coiby Xu <coxu@redhat.com>
Acked-by: Kairui Song <kasong@redhat.com>
2021-04-16 18:51:52 +08:00
Coiby Xu
1ca1b71780 Implement IP netmask calculation to replace "ipcalc -m"
Recently, dracut-network drops depedency on dhcp-client which requires
ipcalc. Thus the dependency chain
"kexec-tools -> dracut-network -> dhcp-client -> ipcalc"
is broken. When NIC is configured to a static IP, kexec-tools depended
on "ipcalc -m" to get netmask. This commit implements the shell
equivalent of "ipcalc -m".

The following test code shows cal_netmask_by_prefix is consistent with
"ipcalc -m",

    #!/bin/bash
    . dracut-module-setup.sh

    for i in {0..128}; do
        mask_expected=$(ipcalc -m fe::/$i| cut -d"=" -f2)
        mask_actual=$(cal_netmask_by_prefix $i "-6")
        if [[ "$mask_expected" != "$mask_actual" ]]; then
            echo "prefix="$i, "expected="$mask_expected, "acutal="$mask_actual
            exit
        fi
    done

    echo "IPv6 tests passed"

    for i in {0..32}; do
        mask_expected=$(ipcalc -m 8.8.8.8/$i| cut -d"=" -f2)
        mask_actual=$(cal_netmask_by_prefix $i "")
        if [[ "$mask_expected" != "$mask_actual" ]]; then
            echo "prefix="$i, "expected="$mask_expected, "acutal="$mask_actual
            exit
        fi
    done

    echo "IPv4 tests passed"

    i=-2
    res=$(cal_netmask_by_prefix "$i" "")
    if [[ $? -ne 1 ]]; then
        echo "cal_netmask_by_prefix should exit when prefix<0"
        exit
    fi

    res=$(cal_netmask_by_prefix "$i" "")
    if [[ $? -ne 1 ]]; then
        echo "cal_netmask_by_prefix should exit when prefix<0"
        exit
    fi

    i=33
    $(cal_netmask_by_prefix $i "")
    if [[ $? -ne 1 ]]; then
        echo "cal_netmask_by_prefix should exit when prefix>32 for IPv4"
        exit
    fi

    i=129
    $(cal_netmask_by_prefix $i "-6")
    if [[ $? -ne 1 ]]; then
        echo "cal_netmask_by_prefix should exit when prefix>128 for IPv4"
        exit
    fi

    echo "Bad prefixes tests passed"

    echo "All tests passed"

Reported-by: Jie Li <jieli@redhat.com>
Signed-off-by: Coiby Xu <coxu@redhat.com>
Acked-by: Kairui Song <kasong@redhat.com>
2021-04-16 18:51:34 +08:00
Coiby Xu
8b4b7bf808 Don't use die in dracut-module-setup.sh
die (in dracut-lib.sh) is supposed to be used in the initramfs environment.

Signed-off-by: Coiby Xu <coxu@redhat.com>
Acked-by: Kairui Song <kasong@redhat.com>
2021-04-16 18:02:32 +08:00
Kairui Song
c6021648f1 Don't iterate the whole /sys/devices just to find drm device
On some large systems, /sys/devices is huge and it's not a wise idea to
iterate it. `find` may cause tremendous contention on the kernfs_mutex
when there are already stress on /sys, and it will perform very very
poorly.

Simply check if drm class presents should be good enough.

Signed-off-by: Kairui Song <kasong@redhat.com>
Acked-by: Pingfan Liu <piliu@redhat.com>
2021-04-16 17:47:27 +08:00
Kairui Song
ad655087c9 Release 2.0.21-8
Signed-off-by: Kairui Song <kasong@redhat.com>
2021-04-05 02:33:21 +08:00
Kairui Song
91f1d5989b Update eppic to latest upstream snapshot
Also fixes a package build failure:
ar ccurl libeppic.a eppic_util.o eppic_node.o eppic_var.o eppic_func.o eppic_str.o eppic_op.o eppic_num.o eppic_stat.o eppic_builtin.o eppic_type.o eppic_case.o eppic_api.o eppic_member.o eppic_alloc.o eppic_define.o eppic_input.o eppic_print.o eppicpp.tab.o eppic.tab.o lex.eppic.o lex.eppicpp.o baseops.o
ar: eppic_util.o: file format not recognized

See eppic commit 0037321e64952b4feb3bd37761fb1067266e9e72 for more
details.

Signed-off-by: Kairui Song <kasong@redhat.com>
2021-04-05 02:08:02 +08:00
Coiby Xu
8619f58538 selftest: replace qemu-kvm with one based on dracut's run-qemu
Dracut's run-qemu could find  which virtualization technology to the
user in the order of kvm, kqemu, userspace. Using run-qemu could allow
running tests where qemu-kvm doesn't exist.

Signed-off-by: Coiby Xu <coxu@redhat.com>
Acked-by: Kairui Song <kasong@redhat.com>
2021-03-24 15:51:02 +08:00
Coiby Xu
bbc064f958 selftest: add EXTRA_RPMs so dracut RPMs can be installed onto the image to run the tests
dracut will build the PRMs which will be installed onto the image to run
the tests.

Signed-off-by: Coiby Xu <coxu@redhat.com>
Acked-by: Kairui Song <kasong@redhat.com>
2021-03-24 15:50:57 +08:00
Coiby Xu
0dedb2c91a selftest: Fix bug of collecting test RPMs from argument
Currently, TEST_RPMS would be only using the last RPM.
Append each RPM path to TEST_RPMs instead,

Signed-off-by: Coiby Xu <coxu@redhat.com>
Acked-by: Kairui Song <kasong@redhat.com>
2021-03-24 15:50:41 +08:00
Coiby Xu
e5a745ce77 mkdumprd: prompt the user to install nfs-utils when mounting NFS fs failed
When nfs-utils is not installed, mounting as NFS fs would fail.
Currently, the error message is not user-friendly,
    mount: /tmp/mkdumprd.HyPGpS/target: bad option; for several filesystems (e.g. nfs, cifs) you might need a /sbin/mount.<type> helper program.
    kdump: Failed to mount on xxx for kdump preflight check.
    kdump: mkdumprd: failed to make kdump initrd

Prompt the user to install nfs-utilsa in the error message,
    kdump: Failed to mount on xxx for kdump preflight check. Please make sure nfs-utils has been installed.

Signed-off-by: Coiby Xu <coxu@redhat.com>
Acked-by: Kairui Song <kasong@redhat.com>
2021-03-24 15:34:37 +08:00
Tao Liu
91c802ff52 Fix incorrect permissions on kdump dmesg file
Also known as CVE-2021-20269. The kdump dmesg log files(kexec-dmesg.log,
vmcore-dmesg.txt) are generated by shell redirection, which take the
default umask value, making the files readable for group and others.

This patch chmod these files, making them only accessible to owner.

Signed-off-by: Tao Liu <ltao@redhat.com>
Acked-by: Kairui Song <kasong@redhat.com>
2021-03-23 16:39:18 +08:00
Tao Liu
00785873ef Fix incorrect vmcore permissions when dumped through ssh
Previously when dumping vmcore to a remote machine through ssh,
the files are created remotely and file permissions are taken
from the default umask value, which making the files accessible to
anyone on the remote machine.

This patch fixed the security issue by setting a customized umask value
before the file creation on the remote machine.

Signed-off-by: Tao Liu <ltao@redhat.com>
Acked-by: Kairui Song <kasong@redhat.com>
2021-03-23 16:10:43 +08:00
Sourabh Jain
6a2e820d87 Stop reloading kdump service on CPU hotplug event for FADump
As FADump does not require an explicit elfcorehdr update whenever there is CPU
hotplug event so let's stop kdump service reload for FADump when CPU hotplug
event is triggered.

A new label is added to handle CPU and memory hotplug events separately. The
updated CPU hotplug event handler make sure that kdump service should not be
reloaded when FADump is configured.

Signed-off-by: Sourabh Jain <sourabhjain@linux.ibm.com>
Reviewed-by: Pingfan Liu <piliu@redhat.com>
Acked-by: Baoquan He <bhe@redhat.com>
2021-03-10 16:24:42 +08:00
Zbigniew Jędrzejewski-Szmek
4b7ff283f5 Rebuilt for updated systemd-rpm-macros
See https://pagure.io/fesco/issue/2583.
2021-03-02 16:13:34 +01:00
Hari Bathini
da6f381b08 fadump: improve fadump-howto.txt about remote dump target setup
While fadump-howto.txt talks about what happens to network interface
name on setting up a remote dump target in FADump mode, it doesn't
explicitly specify the negative consequences of it. Make it explicit
and provide a recommendation to overcome the same.

Signed-off-by: Hari Bathini <hbathini@linux.ibm.com>
Acked-by: Kairui Song <kasong@redhat.com>
2021-02-23 16:18:54 +08:00
Pingfan Liu
596fa0a07f kdumpctl: enable secure boot on ppc64le LPARs
On ppc64le LPAR, secure-boot is a little different from bare metal,
Where
  host secure boot: /ibm,secure-boot/os-secureboot-enforcing DT property exists
while
  guest secure boot: /ibm,secure-boot >= 2

Make kexec-tools adapt to LPAR

Signed-off-by: Pingfan Liu <piliu@redhat.com>
Acked-by: Kairui Song <kasong@redhat.com>
2021-02-23 09:45:54 +08:00
Coiby Xu
2721f323a9 add dependency on ipcalc
ipcalc is needed for generating 45route-static.conf. However,
on newer Fedora, e.g. 34, dracut-network drops dependency on
dhcp-client which requires ipcalc. Make kexec-tools explicitly
depends on ipcalc.

Reported-by: Jie Li <jieli@redhat.com>
Signed-off-by: Coiby Xu <coxu@redhat.com>
Acked-by: Kairui Song <kasong@redhat.com>
2021-02-09 17:52:50 +08:00
Kairui Song
7232f5bff2 Release 2.0.21-6
Signed-off-by: Kairui Song <kasong@redhat.com>
2021-02-08 23:22:14 +08:00
fj1508ic@fujitsu.com
f39000f524 Remove trace_buf_size and trace_event from the kernel bootparameters of the kdump kernel
The kdump kernel uses resources for ftrace because trace_buf_size, which
specifies the ring buffer size for ftrace, and trace_event, which specifies
a valid trace event, are not removed, but the kdump kernel does not require
ftrace.

trace_buf_size is ignored if the specified size is 0, so specify 1.

Signed-off-by: Hisashi Nagaoka <fj1508ic@fujitsu.com>
Acked-by: Kairui Song <kasong@redhat.com>
2021-02-05 16:06:14 +08:00
Pingfan Liu
18131894b6 kdump-lib.sh: introduce functions to return recommened mem size
There is requirement to decide the recommended memory size for the current
system. And the algorithm is based on /proc/iomem, so it can align with the
algorithm used by reserve_crashkernel() in kernel.

Signed-off-by: Pingfan Liu <piliu@redhat.com>
Acked-by: Kairui Song <kasong@redhat.com>
2021-02-05 16:06:14 +08:00
Fedora Release Engineering
7a0d2aaed5 - Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild
Signed-off-by: Fedora Release Engineering <releng@fedoraproject.org>
2021-01-26 15:28:37 +00:00
Kairui Song
33108ef524 Release 2.0.21-4
Signed-off-by: Kairui Song <kasong@redhat.com>
2021-01-22 15:54:11 +08:00
Pingfan Liu
24bbe9c05e dracut-module-setup.sh: enable ForwardToConsole=yes in fadump mode
In fadump mode, it is also useful to observe kdump message through
console. Hence enable it.

Signed-off-by: Pingfan Liu <piliu@redhat.com>
Acked-by: Kairui Song <kasong@redhat.com>
2021-01-22 14:16:17 +08:00
Lianbo Jiang
9462a7d554 kdump.conf: add ipv6 example for nfs and ssh dump
At present, there is no ipv6 example for nfs and ssh dump, let's
add an example to the kdump.conf.

Signed-off-by: Lianbo Jiang <lijiang@redhat.com>
Acked-by: Pingfan Liu <piliu@redhat.com>
2021-01-21 15:36:27 +08:00
Lianbo Jiang
a571b0da9f fix kdump failure of saving vmcore with the scp + ipv6 method
Currently, kdump will fail to save vmcore when using the scp and ipv6.
The reason is that the scp requires IPv6 addresses to be enclosed in
square brackets, but ssh doesn’t require this.

Let's enclose the ipv6 address in square brackets for scp dump.

Signed-off-by: Lianbo Jiang <lijiang@redhat.com>
Acked-by: Pingfan Liu <piliu@redhat.com>
2021-01-21 15:03:20 +08:00
Kairui Song
550f1c4285 Release 2.0.21-3
Signed-off-by: Kairui Song <kasong@redhat.com>
2021-01-20 14:38:54 +08:00
Kairui Song
88f787e1f5 module-setup.sh: don't polute the namespace unnecessarily
Only source kdump libs when building a kdump initramfs.

Signed-off-by: Kairui Song <kasong@redhat.com>
Acked-by: Lianbo Jiang <lijiang@redhat.com>
2021-01-20 14:14:08 +08:00
Kairui Song
d49a5015d8 module-setup.sh: don't source $dracutfunctions
There is no need to source the file manually, dracut will always
prepare the dracut lib before calling a module-setup.sh

Signed-off-by: Kairui Song <kasong@redhat.com>
Acked-by: Lianbo Jiang <lijiang@redhat.com>
2021-01-20 14:14:03 +08:00
Kairui Song
02202aa70f logger: source the logger file individually
Sourcing logger file in kdump-lib.sh will leak kdump helper to dracut,
because module-setup.sh will source kdump-lib.sh. This will make kdump's
function override dracut's ones, and lead to unexpected behaviours.

So include kdump-logger.sh individually and only source it where it really
needed. for module-setup.sh, simply use dracut's logger helper is good
enough so just source kdump-logger.sh in kdump only scripts.

Signed-off-by: Kairui Song <kasong@redhat.com>
Acked-by: Lianbo Jiang <lijiang@redhat.com>
2021-01-20 14:13:44 +08:00
Kairui Song
e8ef4db8ff Fix dump_fs mount point detection and fallback mount
Simplify the code and fix mount point detection. The code logic is now
much simpler: if $1 is not a mount point, call "mount --target $1" again
to try mount it. "mount --target" cmd itself can handle all the /etc/fstab
parsing job, so drop the buggy and complex bash code.

Signed-off-by: Kairui Song <kasong@redhat.com>
Acked-by: Pingfan Liu <piliu@redhat.com>
2021-01-14 01:39:02 +08:00
Kairui Song
7f1f8f229f Revert "Don's try to restart dracut-initqueue if it's already failed"
systemctl is-failed will not work after dracut isolated to the emergency
target, so this judgement is invalid. And the restart is basically
harmless, so just revert this commit.

This reverts commit ad6a93b00d.

Signed-off-by: Kairui Song <kasong@redhat.com>
Acked-by: Pingfan Liu <piliu@redhat.com>
2021-01-14 01:38:58 +08:00
Kairui Song
0843c70672 Revert "Append both nofail and x-systemd.before to kdump mount target"
That commit is trying to workaround a kernel VFS bug. Now,
the VFS issue should have been fixed in all recent releases, so
remove this workaround.

This reverts commit 539bff4083.

Signed-off-by: Kairui Song <kasong@redhat.com>
Acked-by: Pingfan Liu <piliu@redhat.com>
2021-01-14 01:38:48 +08:00
Lianbo Jiang
50b3b4cb93 Doc: Improve the kdump sysconfig document
Currently, the kdump sysconfig document is missed, let's add it to
the kexec-kdump-howto.txt as a document in order to help users better
understand these options in the /etc/sysconfig/kdump.

Signed-off-by: Lianbo Jiang <lijiang@redhat.com>
Acked-by: Kairui Song <kasong@redhat.com>
2021-01-12 16:46:44 +08:00
Kairui Song
85c3d6643d kdump.conf: Update doc about core_collector for ssh target
The current inline comment is a bit misleading, ssh dump target don't
need to use scp as core_collector, and when using scp as core_collector,
the vmcore could be huge.

Signed-off-by: Kairui Song <kasong@redhat.com>
Acked-by: Pingfan Liu <piliu@redhat.com>
2021-01-12 16:12:32 +08:00
Kairui Song
24c6b3027f Merge #4 Make dracut-squash a weak dep 2021-01-10 19:18:23 +00:00
Kairui Song
fc70351852 Fix a date error in the change log 2021-01-08 11:15:24 +08:00
Kairui Song
ae142da0a6 Release 2.0.20-2
Signed-off-by: Kairui Song <kasong@redhat.com>
2021-01-08 11:08:05 +08:00
Kairui Song
0e540f7328 makedumpfile: make use of 'uts_namespace.name' offset in VMCOREINFO
Backports:

commit 54aec3878b3f91341e6bc735eda158cca5c54ec9
Author: Alexander Egorenkov <egorenar@linux.ibm.com>
Date:   Fri Sep 18 13:55:56 2020 +0200

    [PATCH] make use of 'uts_namespace.name' offset in VMCOREINFO

    * Required for kernel 5.11

    The offset of the field 'init_uts_ns.name' has changed since
    kernel commit 9a56493f6942 ("uts: Use generic ns_common::count").
    Make use of the offset 'uts_namespace.name' if available in
    VMCOREINFO.

    Signed-off-by: Alexander Egorenkov <egorenar@linux.ibm.com>

Signed-off-by: Kairui Song <kasong@redhat.com>
2021-01-08 11:05:05 +08:00
Pingfan Liu
0bd0c5b9f1 kdumpctl: fix a variable expansion in check_fence_kdump_config()
Both $ipaddrs and $node can hold multiple strings, so use "" to brace them.

Signed-off-by: Pingfan Liu <piliu@redhat.com>
Acked-by: Kairui Song <kasong@redhat.com>
2021-01-06 13:28:46 +08:00
Tom Stellard
872d6b36de Add BuildRequires: make
https://fedoraproject.org/wiki/Changes/Remove_make_from_BuildRoot
2021-01-05 22:46:03 +00:00
Lianbo Jiang
cd86148804 Save the final failure information to log file if saving vmcore failed
Currently, if saving vmcore failed, the final failure information won't
be saved to the kexec-dmesg.log, because the action of saving the log
occurs before the final log is printed, it has no chance to save the
log(marked it with the '^^^' below) to the log file(kexec-dmesg.log).
For example:

[1] console log:
[    3.589967] kdump[453]: saving vmcore-dmesg.txt to /sysroot//var/crash/127.0.0.1-2020-11-26-14:19:17/
[    3.627261] kdump[458]: saving vmcore-dmesg.txt complete
[    3.633923] kdump[460]: saving vmcore
[    3.661020] kdump[465]: saving vmcore failed
                           ^^^^^^^^^^^^^^^^^^^^
[2] kexec-dmesg.log:
Nov 26 14:19:17 kvm-06-guest25.hv2.lab.eng.bos.redhat.com kdump[453]: saving vmcore-dmesg.txt to /sysroot//var/crash/127.0.0.1-2020-11-26-14:19:17/
Nov 26 14:19:17 kvm-06-guest25.hv2.lab.eng.bos.redhat.com kdump[458]: saving vmcore-dmesg.txt complete
Nov 26 14:19:17 kvm-06-guest25.hv2.lab.eng.bos.redhat.com kdump[460]: saving vmcore

Let's improve it in order to avoid the loss of important information.

Signed-off-by: Lianbo Jiang <lijiang@redhat.com>
Acked-by: Kairui Song <kasong@redhat.com>
2020-12-29 17:40:26 +08:00
Kairui Song
7cb4be80cd Release 2.0.20-1
Signed-off-by: Kairui Song <kasong@redhat.com>
2020-12-23 17:41:43 +08:00