Commit Graph

18 Commits

Author SHA1 Message Date
Coiby Xu
f0ecf8fef1 Iterate /sys/bus/ccwgroup/devices to tell if we should set up rd.znet
Resolves: bz1941905
Upstream: Fedora
Conflict: None

commit 7d47251568
Author: Coiby Xu <coxu@redhat.com>
Date:   Mon Jun 7 07:26:03 2021 +0800

    Iterate /sys/bus/ccwgroup/devices to tell if we should set up rd.znet

    This patch fixes bz1941106 and bz1941905 which passed empty rd.znet to the
    kernel command line in the following cases,
     - The IBM (Z15) KVM guest uses virtio for all devices including network
       device, so there is no znet device for IBM KVM guest. So we can't
       assume a s390x machine always has a znet device.
     - When a bridged network is used, kexec-tools tries to obtain the znet
       configuration from the ifcfg script of the bridged network rather than
       from the ifcfg script of znet device.

    We can iterate /sys/bus/ccwgroup/devices to tell if there if there is
    a znet network device. By getting an ifname from znet, we can also avoid
    mistaking the slave netdev as a znet network device in a bridged network
    or bonded network.

    Note: This patch also assumes there is only one znet device as commit
    7148c0a30d ("add s390x netdev setup")
    which greatly simplifies the code. According to IBM [1], there could be
    more than znet devices for a z/VM system and a z/VM system may have a
    non-znet network device like ConnectX. Since kdump_setup_znet was
    introduced in 2012 and so far there is no known customer complaint that
    invalidates this assumption I think it's safe to assume an IBM z/VM
    system only has one znet device. Besides, there is no z/VM system found
    on beaker to test the alternative scenarios.

    [1] https://bugzilla.redhat.com/show_bug.cgi?id=1941905#c13

    Signed-off-by: Coiby Xu <coxu@redhat.com>
    Acked-by: Kairui Song <kasong@redhat.com>

Signed-off-by: Coiby Xu <coxu@redhat.com>
2021-06-08 13:27:04 +08:00
Kairui Song
06aa5b897f Remove the kdump error handler isolation wrapper
Resolves: bz1901024
Upstream: Fedora
Conflict: None

commit a2306346bc
Author: Kairui Song <kasong@redhat.com>
Date:   Mon Apr 26 17:09:56 2021 +0800

    Remove the kdump error handler isolation wrapper

    The wrapper is introduced in commit 002337c, according to the commit
    message, the only usage of the wrapper is when dracut-initqueue calls
    "systemctl start emergency" directly. In that case, emergency
    is started, but not in a isolation mode, which means dracut-initqueue
    is still running. On the other hand, emergency will call
    "systemctl start dracut-initqueue" again when default action is dump_to_rootfs.

    systemd would block on the last dracut-initqueue, waiting for the first
    instance to exit, which leaves us hang.

    In previous commit we added initqueue status detect in dump_to_rootfs,
    so now even without the wrapper, it will not hang.

    And actually, previously, with the wrapper, emergency might still hang
    for like 30s. When dracut called emergency service because initqueue
    timed out, dump_to_rootfs will try start initqueue again and timeout
    again. Now with the wrapper removed, we can avoid these two kinds of
    hangs, bacause without the isolation we can detect initqueue service
    status correctly in such case.

    Also remove the invalid header comments in service file, the service
    is not part of systemd code. And sync the service spec with dracut.

    Signed-off-by: Kairui Song <kasong@redhat.com>
    Acked-by: Coiby Xu <coxu@redhat.com>

Signed-off-by: Kairui Song <kasong@redhat.com>
2021-06-04 14:29:28 +08:00
Kairui Song
de11ebc0b7 Revert "Always set vm.zone_reclaim_mode = 3 in kdump kernel"
Resolves: bz1896247
Upstream: fedora
Conflict: none

commit ee160bf04d
Author: Kairui Song <kasong@redhat.com>
Date:   Mon Apr 19 23:00:10 2021 +0800

    Revert "Always set vm.zone_reclaim_mode = 3 in kdump kernel"

    This reverts commit 5633e83318.

    vm.zone_reclaim_mode may cause trashing on some machines. And after
    second thought, vm.zone_reclaim_mode is barely helpful for machines
    with high mem stress, so just revert it.

    Signed-off-by: Kairui Song <kasong@redhat.com>
    Acked-by: Pingfan Liu <piliu@redhat.com>

Signed-off-by: Kairui Song <kasong@redhat.com>
2021-05-18 17:19:10 +08:00
Tao Liu
325662490f Make dracut-squash required for kexec-tools
Resolves: bz1947928
Upstream: fedora
Conflict: none

commit 475e33030b
Author: Tao Liu <ltao@redhat.com>
Date:   Sun Apr 25 17:05:42 2021 +0800

    Make dracut-squash required for kexec-tools

    This patch reverts commit "Make dracut-squash a weak dep".

    Although kexec-tools can work without dracut-squash, it is essential
    for kdump to run properly in cases [1][2] where minimal amount of memory
    consumption is expected. Thus dracut-squash is needed for it.

    [1] https://lists.fedoraproject.org/archives/list/kexec@lists.fedoraproject.org/message/SJX7CW3WLOYSFI2YJKGTUGDBWSCMZXVZ/
    [2] https://www.spinics.net/lists/systemd-devel/msg05864.html

    Signed-off-by: Tao Liu <ltao@redhat.com>
    Acked-by: Kairui Song <kasong@redhat.com>

Signed-off-by: Tao Liu <ltao@redhat.com>
2021-05-14 14:27:03 +08:00
Coiby Xu
b5c91536c1 Warn the user if network scripts are used
Resolves: bz1919052
Upstream: Fedora
Conflict: None

commit 8178d7a5a1
Author: Coiby Xu <coxu@redhat.com>
Date:   Thu Apr 1 15:32:14 2021 +0800

    Warn the user if network scripts are used

    Signed-off-by: Coiby Xu <coxu@redhat.com>
    Acked-by: Kairui Song <kasong@redhat.com>

Signed-off-by: Coiby Xu <coxu@redhat.com>
2021-05-14 06:14:14 +00:00
Coiby Xu
c23189119b Set up bond cmdline by "nmcli --get-values"
Resolves: bz1919052
Upstream: Fedora
Conflict: None

commit d5f6d38173
Author: Coiby Xu <coxu@redhat.com>
Date:   Thu Apr 1 15:32:13 2021 +0800

    Set up bond cmdline by "nmcli --get-values"

    Now kdumpctl will exit if failing to set up bond cmdline.

    Signed-off-by: Coiby Xu <coxu@redhat.com>
    Acked-by: Kairui Song <kasong@redhat.com>

Signed-off-by: Coiby Xu <coxu@redhat.com>
2021-05-14 06:14:14 +00:00
Coiby Xu
f0694987e8 Set up dns cmdline by parsing "nmcli --get-values"
Resolves: bz1919052
Upstream: Fedora
Conflict: None

commit 6f1badec78
Author: Coiby Xu <coxu@redhat.com>
Date:   Thu Apr 1 15:32:12 2021 +0800

    Set up dns cmdline by parsing "nmcli --get-values"

    Signed-off-by: Coiby Xu <coxu@redhat.com>
    Acked-by: Kairui Song <kasong@redhat.com>

Signed-off-by: Coiby Xu <coxu@redhat.com>
2021-05-14 06:14:14 +00:00
Coiby Xu
d408ec02f0 Set up s390 znet cmdline by "nmcli --get-values"
Resolves: bz1919052
Upstream: Fedora
Conflict: None

commit 8b08b4f17b
Author: Coiby Xu <coxu@redhat.com>
Date:   Thu Apr 1 15:32:11 2021 +0800

    Set up s390 znet cmdline by "nmcli --get-values"

    Now kdumpctl will abort when failing to set up znet.

    Signed-off-by: Coiby Xu <coxu@redhat.com>
    Acked-by: Kairui Song <kasong@redhat.com>

Signed-off-by: Coiby Xu <coxu@redhat.com>
2021-05-14 06:14:14 +00:00
Coiby Xu
69c605f392 rd.route should use the name from kdump_setup_ifname
Resolves: bz1950932
Upstream: Fedora
Conflict: None

commit 8a33ffffbc
Author: Coiby Xu <coxu@redhat.com>
Date:   Thu May 6 09:20:27 2021 +0800

    rd.route should use the name from kdump_setup_ifname

    This fixes bz1854037 which happens because kexec-tools generates rd.route for
    eth0 instead of for kdump-eth0,
     1. "rd.route=168.63.129.16:10.0.0.1:eth0 rd.route=169.254.169.254:10.0.0.1:eth0" is passed to the dracut cmdline by kexec-tools
     2. In the 2rd kernel, dracut/modules.d/35network-manager/nm-config.sh calls
        /usr/libexec/nm-initrd-generator to generate two .nmconnection files
        based on the dracut cmdline, i.e. kdump-eth0.nmconnection and eth0.nmconnection,
        - /run/NetworkManager/system-connections/kdump-eth0.nmconnection
            [connection]
            id=kdump-eth0
            uuid=3ef53b1b-3908-437e-a15f-cf1f3ea2678b
            type=ethernet
            autoconnect-retries=1
            interface-name=kdump-eth0
            multi-connect=1
            permissions=
            wait-device-timeout=60000
            [ethernet]
            mac-address-blacklist=
            [ipv4]
            address1=10.0.0.4/24,10.0.0.1
            dhcp-timeout=90
            dns=168.63.129.16;
            dns-search=
            may-fail=false
            method=manual
            [ipv6]
            addr-gen-mode=eui64
            dhcp-timeout=90
            dns-search=
            method=disabled
            [proxy]

        - /run/NetworkManager/system-connections/eth0.nmconnection
            [connection]
            id=eth0
            uuid=f224dc22-2891-4d7b-8f66-745029df4b53
            type=ethernet
            autoconnect-retries=1
            interface-name=eth0
            multi-connect=1
            permissions=
            [ethernet]
            mac-address-blacklist=
            [ipv4]
            dhcp-timeout=90
            dns=168.63.129.16;
            dns-search=
            method=auto
            route1=168.63.129.16/32,10.0.0.1
            route2=169.254.169.254/32,10.0.0.1
            [ipv6]
            addr-gen-mode=eui64
            dhcp-timeout=90
            dns-search=
            method=auto
            [proxy]

     3. Since there's eth0.nmconnection, NetworkManager will try to get an IP for eth0 regardless of the fact it's a slave NIC and time out
        ```
        $ ip link show
        2: kdump-eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP mode DEFAULT group default qlen 1000
           link/ether 00:0d:3a:11:86:8b brd ff:ff:ff:ff:ff:ff
        3: eth0: <BROADCAST,MULTICAST,SLAVE,UP,LOWER_UP> mtu 1500 qdisc mq master kdump-eth0 state UP mode DEFAULT group default qlen 1000
        ```

    Reported-by: Huijing Hei <hhei@redhat.com>
    Signed-off-by: Coiby Xu <coxu@redhat.com>
    Acked-by: Kairui Song <kasong@redhat.com>

Signed-off-by: Coiby Xu <coxu@redhat.com>
2021-05-13 15:37:30 +08:00
Coiby Xu
6a8e087180 get kdump ifname once in kdump_install_net
Resolves: bz1950932
Upstream: Fedora
Conflict: None

commit 97ee5dc64c
Author: Coiby Xu <coxu@redhat.com>
Date:   Thu May 6 09:20:26 2021 +0800

    get kdump ifname once in kdump_install_net

    Signed-off-by: Coiby Xu <coxu@redhat.com>
    Acked-by: Kairui Song <kasong@redhat.com>

Signed-off-by: Coiby Xu <coxu@redhat.com>
2021-05-13 15:36:46 +08:00
Coiby Xu
54611cd628 Implement IP netmask calculation to replace "ipcalc -m"
Resolves: bz1947347
Upstream: Fedora
Conflict: None

commit 1ca1b71780
Author: Coiby Xu <coxu@redhat.com>
Date:   Thu Apr 8 11:44:26 2021 +0800

    Implement IP netmask calculation to replace "ipcalc -m"

    Recently, dracut-network drops depedency on dhcp-client which requires
    ipcalc. Thus the dependency chain
    "kexec-tools -> dracut-network -> dhcp-client -> ipcalc"
    is broken. When NIC is configured to a static IP, kexec-tools depended
    on "ipcalc -m" to get netmask. This commit implements the shell
    equivalent of "ipcalc -m".

    The following test code shows cal_netmask_by_prefix is consistent with
    "ipcalc -m",

        #!/bin/bash
        . dracut-module-setup.sh

        for i in {0..128}; do
            mask_expected=$(ipcalc -m fe::/$i| cut -d"=" -f2)
            mask_actual=$(cal_netmask_by_prefix $i "-6")
            if [[ "$mask_expected" != "$mask_actual" ]]; then
                echo "prefix="$i, "expected="$mask_expected, "acutal="$mask_actual
                exit
            fi
        done

        echo "IPv6 tests passed"

        for i in {0..32}; do
            mask_expected=$(ipcalc -m 8.8.8.8/$i| cut -d"=" -f2)
            mask_actual=$(cal_netmask_by_prefix $i "")
            if [[ "$mask_expected" != "$mask_actual" ]]; then
                echo "prefix="$i, "expected="$mask_expected, "acutal="$mask_actual
                exit
            fi
        done

        echo "IPv4 tests passed"

        i=-2
        res=$(cal_netmask_by_prefix "$i" "")
        if [[ $? -ne 1 ]]; then
            echo "cal_netmask_by_prefix should exit when prefix<0"
            exit
        fi

        res=$(cal_netmask_by_prefix "$i" "")
        if [[ $? -ne 1 ]]; then
            echo "cal_netmask_by_prefix should exit when prefix<0"
            exit
        fi

        i=33
        $(cal_netmask_by_prefix $i "")
        if [[ $? -ne 1 ]]; then
            echo "cal_netmask_by_prefix should exit when prefix>32 for IPv4"
            exit
        fi

        i=129
        $(cal_netmask_by_prefix $i "-6")
        if [[ $? -ne 1 ]]; then
            echo "cal_netmask_by_prefix should exit when prefix>128 for IPv4"
            exit
        fi

        echo "Bad prefixes tests passed"

        echo "All tests passed"

    Reported-by: Jie Li <jieli@redhat.com>
    Signed-off-by: Coiby Xu <coxu@redhat.com>
    Acked-by: Kairui Song <kasong@redhat.com>

Signed-off-by: Coiby Xu <coxu@redhat.com>
2021-05-11 06:38:58 +00:00
Tao Liu
3371584d02 Fix incorrect permissions on kdump dmesg file
Resolves: rhbz#1938165
Upstream: fedora
Conflict: none

commit 91c802ff52
Author: Tao Liu <ltao@redhat.com>
Date:   Thu Mar 18 16:52:46 2021 +0800

    Fix incorrect permissions on kdump dmesg file

    Also known as CVE-2021-20269. The kdump dmesg log files(kexec-dmesg.log,
    vmcore-dmesg.txt) are generated by shell redirection, which take the
    default umask value, making the files readable for group and others.

    This patch chmod these files, making them only accessible to owner.

    Signed-off-by: Tao Liu <ltao@redhat.com>
    Acked-by: Kairui Song <kasong@redhat.com>

Signed-off-by: Tao Liu <ltao@redhat.com>
2021-04-20 16:29:24 +08:00
DistroBaker
624a6443ca Merged update from upstream sources
This is an automated DistroBaker update from upstream sources.
If you do not know what this is about or would like to opt out,
contact the OSCI team.

Source: https://src.fedoraproject.org/rpms/kexec-tools.git#33108ef524ff033295711f888ce2c67d457951aa
2021-01-22 08:12:00 +00:00
DistroBaker
7d0122bd5d Merged update from upstream sources
This is an automated DistroBaker update from upstream sources.
If you do not know what this is about or would like to opt out,
contact the OSCI team.

Source: https://src.fedoraproject.org/rpms/kexec-tools.git#7cb4be80cdaaf85b7dcbdf8f15b113192159026b
2020-12-23 10:00:07 +00:00
DistroBaker
a1014067b4 Merged update from upstream sources
This is an automated DistroBaker update from upstream sources.
If you do not know what this is about or would like to opt out,
contact the OSCI team.

Source: https://src.fedoraproject.org/rpms/kexec-tools.git#d5e39c9f7b721b80d2aa1afa85c38754a5be074e
2020-11-30 11:50:38 +00:00
DistroBaker
17a51515f0 Merged update from upstream sources
This is an automated DistroBaker update from upstream sources.
If you do not know what this is about or would like to opt out,
contact the OSCI team.

Source: https://src.fedoraproject.org/rpms/kexec-tools.git#4f492cf73ea11ff74f5b062e18fcea45cb5e7eeb
2020-11-20 12:35:49 +00:00
DistroBaker
5cac7c3f96 Merged update from upstream sources
This is an automated DistroBaker update from upstream sources.
If you do not know what this is about or would like to opt out,
contact the OSCI team.

Source: https://src.fedoraproject.org/rpms/kexec-tools.git#bfd06661e81465d077bac435c90b4082134adf19
2020-11-05 05:34:29 +00:00
Petr Šabata
f5bf4978d8 RHEL 9.0.0 Alpha bootstrap
The content of this branch was automatically imported from Fedora ELN
with the following as its source:
https://src.fedoraproject.org/rpms/kexec-tools#041ba89902961b5490a7143d9596dc00d732cba0
2020-10-15 14:45:57 +02:00