Commit Graph

1346 Commits

Author SHA1 Message Date
Kairui Song
a2306346bc Remove the kdump error handler isolation wrapper
The wrapper is introduced in commit 002337c, according to the commit
message, the only usage of the wrapper is when dracut-initqueue calls
"systemctl start emergency" directly. In that case, emergency
is started, but not in a isolation mode, which means dracut-initqueue
is still running. On the other hand, emergency will call
"systemctl start dracut-initqueue" again when default action is dump_to_rootfs.

systemd would block on the last dracut-initqueue, waiting for the first
instance to exit, which leaves us hang.

In previous commit we added initqueue status detect in dump_to_rootfs,
so now even without the wrapper, it will not hang.

And actually, previously, with the wrapper, emergency might still hang
for like 30s. When dracut called emergency service because initqueue
timed out, dump_to_rootfs will try start initqueue again and timeout
again. Now with the wrapper removed, we can avoid these two kinds of
hangs, bacause without the isolation we can detect initqueue service
status correctly in such case.

Also remove the invalid header comments in service file, the service
is not part of systemd code. And sync the service spec with dracut.

Signed-off-by: Kairui Song <kasong@redhat.com>
Acked-by: Coiby Xu <coxu@redhat.com>
2021-06-04 14:26:45 +08:00
Kairui Song
108258139a Don's try to restart dracut-initqueue if it's already there
kdump's dump_to_rootfs will try to start initqueue unconditionally.
dump_to_rootfs will run after systemd isolate to emergency
target, so this is currently accetable.

But there is a problem when initqueue starts the emergency action
because of initqueue timeout. dump_to_rootfs will start initqueue and
lead to timeout again.

So following patch will remove the previous isolation wrapper, and
detect the service status here. Previous isolation makes the detection
impossible. Now this detection will be valid and helpful to prevent
double timeout or hang.

Signed-off-by: Kairui Song <kasong@redhat.com>
Acked-by: Coiby Xu <coxu@redhat.com>
2021-06-04 14:25:37 +08:00
Hari Bathini
39a642b66b kdump-lib.sh: fix a warning in prepare_kdump_bootinfo()
Fix the warning observed when KDUMP_KERNELVER is specified:

  kdumpctl[10926]: /lib/kdump/kdump-lib.sh: line 697: [: missing `]'

Signed-off-by: Hari Bathini <hbathini@linux.ibm.com>
Acked-by: Kairui Song <kasong@redhat.com>
2021-06-04 02:53:10 +08:00
Pingfan Liu
45377836b0 kdump-lib.sh: fix the case if no enough total RAM for kdump in get_recommend_size()
For crashkernel=auto policy, if total RAM size is under a throttle,
there is no memory reserved for kdump.

Also correct a trivial bug by correcting the arch name.

Signed-off-by: Pingfan Liu <piliu@redhat.com>
Acked-by: Kairui Song <kasong@redhat.com>
2021-05-25 10:07:55 +08:00
Kairui Song
e9e6a2c745 kdumpctl: Add kdumpctl estimate
Add a rough esitimation support, currently, following memory usage are
checked by this sub command:

- System RAM
- Kdump Initramfs size
- Kdump Kernel image size
- Kdump Kernel module size
- Kdump userspace user and other runtime allocated memory (currently
  simply using a fixed value: 64M)
- LUKS encryption memory usage

The output of kdumpctl estimate looks like this:
  # kdumpctl estimate
  Reserved crashkernel:    256M
  Recommanded crashkernel: 160M

  Kernel image size:   47M
  Kernel modules size: 12M
  Initramfs size:      19M
  Runtime reservation: 64M
  Large modules:
      xfs: 1892352
      nouveau: 2318336

And if the kdump target is encrypted:
  # kdumpctl estimate
  Encrypted kdump target requires extra memory, assuming using the keyslot with minimun memory requirement

  Reserved crashkernel:    256M
  Recommanded crashkernel: 655M

  Kernel image size:   47M
  Kernel modules size: 12M
  Initramfs size:      19M
  Runtime reservation: 64M
  LUKS required size:  512M
  Large modules:
      xfs: 1892352
      nouveau: 2318336
  WARNING: Current crashkernel size is lower than recommanded size 655M.

The "Recommanded" value is calculated based on memory usages mentioned
above, and will be adjusted accodingly to be no less than the value provided
by kdump_get_arch_recommend_size.

Signed-off-by: Kairui Song <kasong@redhat.com>
Acked-by: Pingfan Liu <piliu@redhat.com>
2021-05-19 15:27:43 +08:00
Kairui Song
85c725813b mkdumprd: make use of the new get_luks_crypt_dev helper
Simplfy the code and also improve the performance. udevadm call is
heavy.

Signed-off-by: Kairui Song <kasong@redhat.com>
Acked-by: Pingfan Liu <piliu@redhat.com>
2021-05-19 15:27:37 +08:00
Kairui Song
1c70cf51c7 kdump-lib.sh: introduce a helper to get all crypt dev used by kdump
Signed-off-by: Kairui Song <kasong@redhat.com>
Acked-by: Pingfan Liu <piliu@redhat.com>
2021-05-19 15:27:19 +08:00
Kairui Song
3423bbc17f kdump-lib.sh: introduce a helper to get underlying crypt device
Signed-off-by: Kairui Song <kasong@redhat.com>
Acked-by: Pingfan Liu <piliu@redhat.com>
2021-05-19 15:26:58 +08:00
Kairui Song
13796ca93a Release 2.0.22-2
Signed-off-by: Kairui Song <kasong@redhat.com>
2021-05-13 17:14:38 +08:00
Tao Liu
d5fe96cd7a Disable CMA in kdump 2nd kernel
kexec-tools needs to disable CMA for kdump kernel cmdline,
otherwise kdump kernel may run out of memory.

This patch strips the inherited cma=, hugetlb_cma= cmd
line from 1st kernel, and sets to be 0 for 2nd kernel.

Signed-off-by: Tao Liu <ltao@redhat.com>
Acked-by: Kairui Song <kasong@redhat.com>
2021-05-13 17:13:39 +08:00
Coiby Xu
8178d7a5a1 Warn the user if network scripts are used
Signed-off-by: Coiby Xu <coxu@redhat.com>
Acked-by: Kairui Song <kasong@redhat.com>
2021-05-13 17:13:31 +08:00
Coiby Xu
d5f6d38173 Set up bond cmdline by "nmcli --get-values"
Now kdumpctl will exit if failing to set up bond cmdline.

Signed-off-by: Coiby Xu <coxu@redhat.com>
Acked-by: Kairui Song <kasong@redhat.com>
2021-05-13 17:13:28 +08:00
Coiby Xu
6f1badec78 Set up dns cmdline by parsing "nmcli --get-values"
Signed-off-by: Coiby Xu <coxu@redhat.com>
Acked-by: Kairui Song <kasong@redhat.com>
2021-05-13 17:13:25 +08:00
Coiby Xu
8b08b4f17b Set up s390 znet cmdline by "nmcli --get-values"
Now kdumpctl will abort when failing to set up znet.

Signed-off-by: Coiby Xu <coxu@redhat.com>
Acked-by: Kairui Song <kasong@redhat.com>
2021-05-13 17:13:15 +08:00
Coiby Xu
0c292f49c7 Add helper to get nmcli connection show cmd by ifname
Signed-off-by: Coiby Xu <coxu@redhat.com>
Acked-by: Kairui Song <kasong@redhat.com>
2021-05-13 17:13:08 +08:00
Coiby Xu
c69578ca43 Add helper to get nmcli connection apath by ifname
apath (a D-Bus active connection path) is used for nmcli connection operations, e.g.
  $ nmcli connection show $apath

Signed-off-by: Coiby Xu <coxu@redhat.com>
Acked-by: Kairui Song <kasong@redhat.com>
2021-05-13 17:13:01 +08:00
Coiby Xu
10c309b5f7 Add helper to get value by field using "nmcli --get-values"
nmcli --get-values <field> connection show /org/freedesktop/NetworkManager/ActiveConnection/1
returns the following value for the corresponding field respectively,
  Field                                  Value
  IP4.DNS                                "10.19.42.41 | 10.11.5.19 | 10.5.30.160"
  802-3-ethernet.s390-subchannels        ""
  bond.options                           "mode=balance-rr"

Signed-off-by: Coiby Xu <coxu@redhat.com>
Acked-by: Kairui Song <kasong@redhat.com>
2021-05-13 17:11:38 +08:00
Kairui Song
c05d8a16a0 Update makedumpfile to 1.6.9
Signed-off-by: Kairui Song <kasong@redhat.com>
2021-05-13 16:45:36 +08:00
Kairui Song
dece041609 Release 2.0.22-1
Update kexec-tools to 2.0.22

Signed-off-by: Kairui Song <kasong@redhat.com>
2021-05-11 02:12:50 +08:00
Coiby Xu
8a33ffffbc rd.route should use the name from kdump_setup_ifname
This fixes bz1854037 which happens because kexec-tools generates rd.route for
eth0 instead of for kdump-eth0,
 1. "rd.route=168.63.129.16:10.0.0.1:eth0 rd.route=169.254.169.254:10.0.0.1:eth0" is passed to the dracut cmdline by kexec-tools
 2. In the 2rd kernel, dracut/modules.d/35network-manager/nm-config.sh calls
    /usr/libexec/nm-initrd-generator to generate two .nmconnection files
    based on the dracut cmdline, i.e. kdump-eth0.nmconnection and eth0.nmconnection,
    - /run/NetworkManager/system-connections/kdump-eth0.nmconnection
        [connection]
        id=kdump-eth0
        uuid=3ef53b1b-3908-437e-a15f-cf1f3ea2678b
        type=ethernet
        autoconnect-retries=1
        interface-name=kdump-eth0
        multi-connect=1
        permissions=
        wait-device-timeout=60000
        [ethernet]
        mac-address-blacklist=
        [ipv4]
        address1=10.0.0.4/24,10.0.0.1
        dhcp-timeout=90
        dns=168.63.129.16;
        dns-search=
        may-fail=false
        method=manual
        [ipv6]
        addr-gen-mode=eui64
        dhcp-timeout=90
        dns-search=
        method=disabled
        [proxy]

    - /run/NetworkManager/system-connections/eth0.nmconnection
        [connection]
        id=eth0
        uuid=f224dc22-2891-4d7b-8f66-745029df4b53
        type=ethernet
        autoconnect-retries=1
        interface-name=eth0
        multi-connect=1
        permissions=
        [ethernet]
        mac-address-blacklist=
        [ipv4]
        dhcp-timeout=90
        dns=168.63.129.16;
        dns-search=
        method=auto
        route1=168.63.129.16/32,10.0.0.1
        route2=169.254.169.254/32,10.0.0.1
        [ipv6]
        addr-gen-mode=eui64
        dhcp-timeout=90
        dns-search=
        method=auto
        [proxy]

 3. Since there's eth0.nmconnection, NetworkManager will try to get an IP for eth0 regardless of the fact it's a slave NIC and time out
    ```
    $ ip link show
    2: kdump-eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP mode DEFAULT group default qlen 1000
       link/ether 00:0d:3a:11:86:8b brd ff:ff:ff:ff:ff:ff
    3: eth0: <BROADCAST,MULTICAST,SLAVE,UP,LOWER_UP> mtu 1500 qdisc mq master kdump-eth0 state UP mode DEFAULT group default qlen 1000
    ```

Reported-by: Huijing Hei <hhei@redhat.com>
Signed-off-by: Coiby Xu <coxu@redhat.com>
Acked-by: Kairui Song <kasong@redhat.com>
2021-05-11 02:11:50 +08:00
Coiby Xu
97ee5dc64c get kdump ifname once in kdump_install_net
Signed-off-by: Coiby Xu <coxu@redhat.com>
Acked-by: Kairui Song <kasong@redhat.com>
2021-05-11 02:11:50 +08:00
Tao Liu
ca05b754af Fix incorrect file permissions of vmcore-dmesg-incomplete.txt
vmcore-dmesg-incomplete.txt is generated by shell redirection,
which taking the default umask value. When dmesg collector exits
with non-zero, the file will exist and anyone can have access to
it.

This patch fixed the issue by chmod the file, making it accessible
only to its owner.

Signed-off-by: Tao Liu <ltao@redhat.com>
Acked-by: Kairui Song <kasong@redhat.com>
2021-05-11 02:11:50 +08:00
Kairui Song
ee160bf04d Revert "Always set vm.zone_reclaim_mode = 3 in kdump kernel"
This reverts commit 5633e83318.

vm.zone_reclaim_mode may cause trashing on some machines. And after
second thought, vm.zone_reclaim_mode is barely helpful for machines
with high mem stress, so just revert it.

Signed-off-by: Kairui Song <kasong@redhat.com>
Acked-by: Pingfan Liu <piliu@redhat.com>
2021-04-28 18:05:23 +08:00
Kairui Song
6137956f79 kdumpctl: fix check_config error when kdump.conf is empty
Kdump scirpt already have default values for core_collector, path in
many other place. Empty kdump.conf still works. Fix this corner case and
fix the error message.

Signed-off-by: Kairui Song <kasong@redhat.com>
Acked-by: Pingfan Liu <piliu@redhat.com>
2021-04-28 18:05:12 +08:00
Kairui Song
d0a301aa3a Release 2.0.21-9
Signed-off-by: Kairui Song <kasong@redhat.com>
2021-04-28 16:51:52 +08:00
Tao Liu
475e33030b Make dracut-squash required for kexec-tools
This patch reverts commit "Make dracut-squash a weak dep".

Although kexec-tools can work without dracut-squash, it is essential
for kdump to run properly in cases [1][2] where minimal amount of memory
consumption is expected. Thus dracut-squash is needed for it.

[1] https://lists.fedoraproject.org/archives/list/kexec@lists.fedoraproject.org/message/SJX7CW3WLOYSFI2YJKGTUGDBWSCMZXVZ/
[2] https://www.spinics.net/lists/systemd-devel/msg05864.html

Signed-off-by: Tao Liu <ltao@redhat.com>
Acked-by: Kairui Song <kasong@redhat.com>
2021-04-28 16:13:39 +08:00
Tao Liu
0db060c4e2 Show write byte size in report messages
Backport from upstream:

commit 0ef2ca6c9fa2f61f217a4bf5d7fd70f24e12b2eb
Author: Kazuhito Hagio <k-hagio-ab@nec.com>
Date:   Thu Feb 4 16:29:06 2021 +0900

    [PATCH] Show write byte size in report messages

    Show write byte size in report messages.  This value can be different
    from the size of the actual file because of some holes on dumpfile
    data structure.

      $ makedumpfile --show-stats -l -d 1 vmcore dump.ld1
      ...
      Total pages     : 0x0000000000080000
      Write bytes     : 377686445
      ...
      # ls -l dump.ld1
      -rw------- 1 root root 377691573 Feb  4 16:28 dump.ld1

    Note that this value should not be used with /proc/kcore to determine
    how much disk space is needed for crash dump, because the real memory
    usage when a crash occurs can vary widely.

    Signed-off-by: Kazuhito Hagio <k-hagio-ab@nec.com>

Signed-off-by: Tao Liu <ltao@redhat.com>
Acked-by: Kairui Song <kasong@redhat.com>
2021-04-28 16:13:23 +08:00
Tao Liu
8973bd7ed0 Add shorthand --show-stats option to show report stats
Backport from upstream:

commit 6f3e75a558ed50d6ff0b42e3f61c099b2005b7bb
Author: Julien Thierry <jthierry@redhat.com>
Date:   Tue Nov 24 10:45:25 2020 +0000

    [PATCH 2/2] Add shorthand --show-stats option to show report stats

    Provide shorthand --show-stats option to enable report messages
    without needing to set a particular value for message-level.

    Signed-off-by: Julien Thierry <jthierry@redhat.com>
    Signed-off-by: Kazuhito Hagio <k-hagio-ab@nec.com>

Signed-off-by: Tao Liu <ltao@redhat.com>
Acked-by: Kairui Song <kasong@redhat.com>
2021-04-28 15:45:25 +08:00
Tao Liu
e1ab0275c0 Add --dry-run option to prevent writing the dumpfile
Backport from upstream.

commit 3422e1d6bc3511c5af9cb05ba74ad97dd93ffd7f
Author: Julien Thierry <jthierry@redhat.com>
Date:   Tue Nov 24 10:45:24 2020 +0000

    [PATCH 1/2] Add --dry-run option to prevent writing the dumpfile

    Add a --dry-run option to run all operations without writing the
    dump to the output file.

    Signed-off-by: Julien Thierry <jthierry@redhat.com>
    Signed-off-by: Kazuhito Hagio <k-hagio-ab@nec.com>

Signed-off-by: Tao Liu <ltao@redhat.com>
Acked-by: Kairui Song <kasong@redhat.com>
2021-04-28 15:45:08 +08:00
Hari Bathini
d0e9c51e0d fadump: fix dump capture failure to root disk
If the dump target is the root disk, kdump scripts add an entry in
/etc/fstab for root disk with /sysroot as the mount point. The root
disk, passed through root=<> kernel commandline parameter, is mounted
at /sysroot in read-only mode before switching from initial ramdisk.
So, in fadump mode, a remount of /sysroot to read-write mode is needed
to capture dump successfully, because /sysroot is already mounted as
read-only based on root=<> boot parameter.

Commit e8ef4db8ff ("Fix dump_fs mount point detection and fallback
mount") removed initialization of $_op variable, the variable holding
the options the dump target was mounted with, leading to the below
error as remount was skipped:

  kdump[586]: saving to /sysroot/var/crash/127.0.0.1-2021-04-22-07:22:08/
  kdump.sh[587]: mkdir: cannot create directory '/sysroot/var/crash/127.0.0.1-2021-04-22-07:22:08/': Read-only file system
  kdump[589]: saving vmcore failed

Restore $_op variable initialization in dump_fs() function to fix this.

Fixes: e8ef4db8ff ("Fix dump_fs mount point detection and fallback mount")
Signed-off-by: Hari Bathini <hbathini@linux.ibm.com>
Acked-by: Kairui Song <kasong@redhat.com>
2021-04-28 15:41:33 +08:00
Kairui Song
8d0ef743e0 Revert "get kdump ifname once in kdump_install_net"
This reverts commit afda4f4961.
2021-04-28 15:18:53 +08:00
Kairui Song
b0156e9b64 Revert "pass kdumpnic to kdump_setup_/bond/bridge/vlan directly"
This reverts commit 586d767697.
2021-04-28 15:18:53 +08:00
Kairui Song
4753ab2c70 Revert "rd.route should use the name from kdump_setup_ifname"
This reverts commit 18ffd3cb17.
2021-04-28 15:18:53 +08:00
Coiby Xu
18ffd3cb17 rd.route should use the name from kdump_setup_ifname
This fix bz1854037 which happens because kexec-tools generates rd.route for
eth0 instead of for kdump-eth0,
 1. "rd.route=168.63.129.16:10.0.0.1:eth0 rd.route=169.254.169.254:10.0.0.1:eth0" is passed to the dracut cmdline by kexec-tools
 2. In the 2rd kernel,
    - dracut/modules.d/40network/net-lib.sh will write /tmp/net.route.eth0 based on rd.route
    - dracut/modules.d/45ifcfg/write-ifcfg.sh will copy /tmp/net.route.eth0 to /tmp/icfg and then copytree /tmp/ifcfg to /run/initramfs/state/etc/sysconfig/network-scripts
 3. NetworkManager will try to get an IP for eth0 regardless of the fact it's a slave NIC and time out
    ```
    $ ip link show
    2: kdump-eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP mode DEFAULT group default qlen 1000
       link/ether 00:0d:3a:11:86:8b brd ff:ff:ff:ff:ff:ff
    3: eth0: <BROADCAST,MULTICAST,SLAVE,UP,LOWER_UP> mtu 1500 qdisc mq master kdump-eth0 state UP mode DEFAULT group default qlen 1000
    ```

Reported-by: Huijing Hei <hhei@redhat.com>
Signed-off-by: Coiby Xu <coxu@redhat.com>
Acked-by: Kairui Song <kasong@redhat.com
2021-04-25 16:56:32 +08:00
Coiby Xu
586d767697 pass kdumpnic to kdump_setup_/bond/bridge/vlan directly
This avoids calling kdump_setup_ifname repeatedly.

Signed-off-by: Coiby Xu <coxu@redhat.com>
Acked-by: Kairui Song <kasong@redhat.com
2021-04-25 16:52:29 +08:00
Coiby Xu
afda4f4961 get kdump ifname once in kdump_install_net
Signed-off-by: Coiby Xu <coxu@redhat.com>
Acked-by: Kairui Song <kasong@redhat.com
2021-04-25 16:52:21 +08:00
Kelvin Fan
75bdcb7399 Write to /var/lib/kdump if $KDUMP_BOOTDIR not writable
The `/boot` directory on some operating systems might be read-only.
If we cannot write to `$KDUMP_BOOTDIR` when generating the kdump
initrd, attempt to place the generated initrd at `/var/lib/kdump`
instead.

Signed-off by: Kelvin Fan <kelvinfan001@gmail.com>
Acked-by: Kairui Song <kasong@redhat.com>
2021-04-19 16:11:17 +08:00
Coiby Xu
eca7711706 Drop dependency on ipcalc
A shell equivalent of "ipcalc -m" has been implemented.

Signed-off-by: Coiby Xu <coxu@redhat.com>
Acked-by: Kairui Song <kasong@redhat.com>
2021-04-16 18:51:52 +08:00
Coiby Xu
1ca1b71780 Implement IP netmask calculation to replace "ipcalc -m"
Recently, dracut-network drops depedency on dhcp-client which requires
ipcalc. Thus the dependency chain
"kexec-tools -> dracut-network -> dhcp-client -> ipcalc"
is broken. When NIC is configured to a static IP, kexec-tools depended
on "ipcalc -m" to get netmask. This commit implements the shell
equivalent of "ipcalc -m".

The following test code shows cal_netmask_by_prefix is consistent with
"ipcalc -m",

    #!/bin/bash
    . dracut-module-setup.sh

    for i in {0..128}; do
        mask_expected=$(ipcalc -m fe::/$i| cut -d"=" -f2)
        mask_actual=$(cal_netmask_by_prefix $i "-6")
        if [[ "$mask_expected" != "$mask_actual" ]]; then
            echo "prefix="$i, "expected="$mask_expected, "acutal="$mask_actual
            exit
        fi
    done

    echo "IPv6 tests passed"

    for i in {0..32}; do
        mask_expected=$(ipcalc -m 8.8.8.8/$i| cut -d"=" -f2)
        mask_actual=$(cal_netmask_by_prefix $i "")
        if [[ "$mask_expected" != "$mask_actual" ]]; then
            echo "prefix="$i, "expected="$mask_expected, "acutal="$mask_actual
            exit
        fi
    done

    echo "IPv4 tests passed"

    i=-2
    res=$(cal_netmask_by_prefix "$i" "")
    if [[ $? -ne 1 ]]; then
        echo "cal_netmask_by_prefix should exit when prefix<0"
        exit
    fi

    res=$(cal_netmask_by_prefix "$i" "")
    if [[ $? -ne 1 ]]; then
        echo "cal_netmask_by_prefix should exit when prefix<0"
        exit
    fi

    i=33
    $(cal_netmask_by_prefix $i "")
    if [[ $? -ne 1 ]]; then
        echo "cal_netmask_by_prefix should exit when prefix>32 for IPv4"
        exit
    fi

    i=129
    $(cal_netmask_by_prefix $i "-6")
    if [[ $? -ne 1 ]]; then
        echo "cal_netmask_by_prefix should exit when prefix>128 for IPv4"
        exit
    fi

    echo "Bad prefixes tests passed"

    echo "All tests passed"

Reported-by: Jie Li <jieli@redhat.com>
Signed-off-by: Coiby Xu <coxu@redhat.com>
Acked-by: Kairui Song <kasong@redhat.com>
2021-04-16 18:51:34 +08:00
Coiby Xu
8b4b7bf808 Don't use die in dracut-module-setup.sh
die (in dracut-lib.sh) is supposed to be used in the initramfs environment.

Signed-off-by: Coiby Xu <coxu@redhat.com>
Acked-by: Kairui Song <kasong@redhat.com>
2021-04-16 18:02:32 +08:00
Kairui Song
c6021648f1 Don't iterate the whole /sys/devices just to find drm device
On some large systems, /sys/devices is huge and it's not a wise idea to
iterate it. `find` may cause tremendous contention on the kernfs_mutex
when there are already stress on /sys, and it will perform very very
poorly.

Simply check if drm class presents should be good enough.

Signed-off-by: Kairui Song <kasong@redhat.com>
Acked-by: Pingfan Liu <piliu@redhat.com>
2021-04-16 17:47:27 +08:00
Kairui Song
ad655087c9 Release 2.0.21-8
Signed-off-by: Kairui Song <kasong@redhat.com>
2021-04-05 02:33:21 +08:00
Kairui Song
91f1d5989b Update eppic to latest upstream snapshot
Also fixes a package build failure:
ar ccurl libeppic.a eppic_util.o eppic_node.o eppic_var.o eppic_func.o eppic_str.o eppic_op.o eppic_num.o eppic_stat.o eppic_builtin.o eppic_type.o eppic_case.o eppic_api.o eppic_member.o eppic_alloc.o eppic_define.o eppic_input.o eppic_print.o eppicpp.tab.o eppic.tab.o lex.eppic.o lex.eppicpp.o baseops.o
ar: eppic_util.o: file format not recognized

See eppic commit 0037321e64952b4feb3bd37761fb1067266e9e72 for more
details.

Signed-off-by: Kairui Song <kasong@redhat.com>
2021-04-05 02:08:02 +08:00
Coiby Xu
8619f58538 selftest: replace qemu-kvm with one based on dracut's run-qemu
Dracut's run-qemu could find  which virtualization technology to the
user in the order of kvm, kqemu, userspace. Using run-qemu could allow
running tests where qemu-kvm doesn't exist.

Signed-off-by: Coiby Xu <coxu@redhat.com>
Acked-by: Kairui Song <kasong@redhat.com>
2021-03-24 15:51:02 +08:00
Coiby Xu
bbc064f958 selftest: add EXTRA_RPMs so dracut RPMs can be installed onto the image to run the tests
dracut will build the PRMs which will be installed onto the image to run
the tests.

Signed-off-by: Coiby Xu <coxu@redhat.com>
Acked-by: Kairui Song <kasong@redhat.com>
2021-03-24 15:50:57 +08:00
Coiby Xu
0dedb2c91a selftest: Fix bug of collecting test RPMs from argument
Currently, TEST_RPMS would be only using the last RPM.
Append each RPM path to TEST_RPMs instead,

Signed-off-by: Coiby Xu <coxu@redhat.com>
Acked-by: Kairui Song <kasong@redhat.com>
2021-03-24 15:50:41 +08:00
Coiby Xu
e5a745ce77 mkdumprd: prompt the user to install nfs-utils when mounting NFS fs failed
When nfs-utils is not installed, mounting as NFS fs would fail.
Currently, the error message is not user-friendly,
    mount: /tmp/mkdumprd.HyPGpS/target: bad option; for several filesystems (e.g. nfs, cifs) you might need a /sbin/mount.<type> helper program.
    kdump: Failed to mount on xxx for kdump preflight check.
    kdump: mkdumprd: failed to make kdump initrd

Prompt the user to install nfs-utilsa in the error message,
    kdump: Failed to mount on xxx for kdump preflight check. Please make sure nfs-utils has been installed.

Signed-off-by: Coiby Xu <coxu@redhat.com>
Acked-by: Kairui Song <kasong@redhat.com>
2021-03-24 15:34:37 +08:00
Tao Liu
91c802ff52 Fix incorrect permissions on kdump dmesg file
Also known as CVE-2021-20269. The kdump dmesg log files(kexec-dmesg.log,
vmcore-dmesg.txt) are generated by shell redirection, which take the
default umask value, making the files readable for group and others.

This patch chmod these files, making them only accessible to owner.

Signed-off-by: Tao Liu <ltao@redhat.com>
Acked-by: Kairui Song <kasong@redhat.com>
2021-03-23 16:39:18 +08:00
Tao Liu
00785873ef Fix incorrect vmcore permissions when dumped through ssh
Previously when dumping vmcore to a remote machine through ssh,
the files are created remotely and file permissions are taken
from the default umask value, which making the files accessible to
anyone on the remote machine.

This patch fixed the security issue by setting a customized umask value
before the file creation on the remote machine.

Signed-off-by: Tao Liu <ltao@redhat.com>
Acked-by: Kairui Song <kasong@redhat.com>
2021-03-23 16:10:43 +08:00
Sourabh Jain
6a2e820d87 Stop reloading kdump service on CPU hotplug event for FADump
As FADump does not require an explicit elfcorehdr update whenever there is CPU
hotplug event so let's stop kdump service reload for FADump when CPU hotplug
event is triggered.

A new label is added to handle CPU and memory hotplug events separately. The
updated CPU hotplug event handler make sure that kdump service should not be
reloaded when FADump is configured.

Signed-off-by: Sourabh Jain <sourabhjain@linux.ibm.com>
Reviewed-by: Pingfan Liu <piliu@redhat.com>
Acked-by: Baoquan He <bhe@redhat.com>
2021-03-10 16:24:42 +08:00