diff options
| author | Guilherme G. Piccoli <gpiccoli@canonical.com> | 2020-07-07 18:31:42 +0000 |
|---|---|---|
| committer | Guilherme G. Piccoli <gpiccoli@canonical.com> | 2020-08-04 17:10:52 -0300 |
| commit | 189faca0c43b74f4b6c4dee4bcd4c5d6cee44aeb (patch) | |
| tree | f5599b5ff1a9f1d1986cc7f400204d49d5c89d88 /debian | |
| parent | 79fa90100eaf6c0e336753f34abaf4292739dfb2 (diff) | |
kdump-tools: Add sysctl override mechanism
Currently users have no way to override sysctls on kdump environment,
which is specially harmful for machines with hugepages set via sysctls.
In this particular case, kdump may fail due to portions of memory getting
statically allocated as hugepages, risking kdump kernel boot then to be
impaired by the lack of usable memory.
This patch adds a sysctl overriding mechanism in the kdump environment.
It's based on the way init system apply the sysctls, *after* initramfs
stages, and by a specific filename-based precedece. So, this patch
hijacks this precedence order, by creating a higher precedence file on
/run temporary filesystem, with the desired overrides. For that, we use
an initramfs script, and managed to include it only in the kdump smaller
initrds, not on default system initrds (with some caveats, see [0]).
The patch aims to not break kdump if something wrong occur with the
sysctl override mechanism, the goal being to be the least invasive for
the regular system boot as possible. I'd like to thanks specially Thadeu
Cascardo for the prolific discussions about sysctl filename precedence
and the importance of using the right locale when sorting the filenames.
[0] NOTICE that, for Debian, this commit requires the subsequent patch
below in order to work properly, due to a limitation on initramfs-tools:
"kdump-tools: Cope with the lack of initramfs-tools OPTION=VAR
feature in Debian"
Signed-off-by: Guilherme G. Piccoli <gpiccoli@canonical.com>
Diffstat (limited to 'debian')
| -rw-r--r-- | debian/initramfs.hook | 30 | ||||
| -rw-r--r-- | debian/initramfs.local-bottom | 36 | ||||
| -rwxr-xr-x | debian/kdump-config.in | 16 | ||||
| -rw-r--r-- | debian/kdump-tools.5.in | 16 | ||||
| -rw-r--r-- | debian/kdump-tools.dirs | 1 | ||||
| -rw-r--r-- | debian/kdump-tools.install | 1 | ||||
| -rwxr-xr-x | debian/kernel-postinst-generate-initrd | 4 | ||||
| -rwxr-xr-x | debian/rules | 4 | ||||
| -rw-r--r-- | debian/sysctl.conf | 6 |
9 files changed, 113 insertions, 1 deletions
diff --git a/debian/initramfs.hook b/debian/initramfs.hook new file mode 100644 index 0000000..fdbde24 --- /dev/null +++ b/debian/initramfs.hook @@ -0,0 +1,30 @@ +#!/bin/sh +# +# This kdump-tools hook includes kdump sysctl overrides to the +# kdump minimal initrd. +OPTION=KDUMP + +PREREQ="" +prereqs() +{ + echo "$PREREQ" +} + +case $1 in +prereqs) + prereqs + exit 0 + ;; +esac + +. /usr/share/initramfs-tools/hook-functions + +KDUMP_SYSCTL_PATH="/etc/kdump/sysctl.conf" + +# Avoid stopping the initrd generation in case of no sysctl overrides +if [ ! -f ${KDUMP_SYSCTL_PATH} ]; then + echo "WARNING: kdump-tools hook couldn't find ${KDUMP_SYSCTL_PATH}" + exit 0 +fi + +copy_file config ${KDUMP_SYSCTL_PATH} diff --git a/debian/initramfs.local-bottom b/debian/initramfs.local-bottom new file mode 100644 index 0000000..1bfb0a6 --- /dev/null +++ b/debian/initramfs.local-bottom @@ -0,0 +1,36 @@ +#!/bin/sh +# +# kdump-tools will selectively override sysctls on kdump boot based in +# the sysctl settings present on file /etc/kdump/sysctl.conf. +# Only kdump minimal initrd contains this script - regular initrds won't +# get this script included, since KDUMP variable is not set by default. +OPTION=KDUMP + +set +e +case "${1}" in + prereqs) + exit 0 + ;; +esac + +KDUMP_SYSCTL_PATH="/etc/kdump/sysctl.conf" +# Do not prevent the system boot on error, kdump may be the last resource! +if [ ! -d /run ]; then + echo "WARNING: kdump-sysctl needs /run available in order to work" + exit 0 +fi + +RT="${rootmnt}" +SYSD="sysctl.d/" +SYSCTL_PATHS="${RT}/usr/lib/${SYSD} ${RT}/usr/local/lib/${SYSD} ${RT}/lib/${SYSD} ${RT}/etc/${SYSD} ${RT}/run/${SYSD}" + +FNAME="$(ls -1 ${SYSCTL_PATHS} 2>/dev/null | grep "\.conf$" | LC_ALL=C sort | tail -n1)" +FNAME="${FNAME}-kdump.conf" + +if [ ! -f ${KDUMP_SYSCTL_PATH} ]; then + echo "WARNING: kdump-sysctl needs ${KDUMP_SYSCTL_PATH} on initrd to continue" + exit 0 +fi + +mkdir -p /run/sysctl.d +cp -p ${KDUMP_SYSCTL_PATH} /run/sysctl.d/${FNAME} diff --git a/debian/kdump-config.in b/debian/kdump-config.in index 0420e77..7515450 100755 --- a/debian/kdump-config.in +++ b/debian/kdump-config.in @@ -43,6 +43,7 @@ KVER=`uname -r` ARCH=`uname -m` # Set up defaults +KDUMP_SYSCTL_FILE="/etc/kdump/sysctl.conf" KDUMP_COREDIR=${KDUMP_COREDIR:=/var/crash} KDUMP_DUMP_DMESG=${KDUMP_DUMP_DMESG:=1} KDUMP_DIR="/var/lib/kdump" @@ -894,6 +895,20 @@ function kdump_propagate() } +# Checks if kdump sysctl overrides changed and if so, +# forces kdump initrd to be recreated. +function check_sysctl_change() +{ + kernel_version=$1 + + cmp -s "${KDUMP_SYSCTL_FILE}" "${KDUMP_DIR}/latest_sysctls-${kernel_version}" + if [ $? != 0 ]; then + rm -f "$KDUMP_DIR/initrd.img-${kernel_version}" + fi + + cp ${KDUMP_SYSCTL_FILE} "${KDUMP_DIR}/latest_sysctls-${kernel_version}" +} + load() { if [ "$DUMP_MODE" == "fadump" ]; then @@ -901,6 +916,7 @@ load() fadump_register else check_kdump_support; + check_sysctl_change $KVER kdump_create_symlinks $KVER; manage_symlinks; locate_kdump_kernel; diff --git a/debian/kdump-tools.5.in b/debian/kdump-tools.5.in index 0b0f475..85bc970 100644 --- a/debian/kdump-tools.5.in +++ b/debian/kdump-tools.5.in @@ -281,7 +281,18 @@ in order to collect a dump in this case. If the users want more panic triggers, like panic on OOM, or when a NMI is detected, it's recommended that they edit the sysctl configuration files (/etc/sysctl.conf or files on /etc/sysctl.d) in order to do so, and/or apply the sysctl settings with sysctl tool. - +.SS Sysctl handling *during a kdump* +.PP +kdump-tools allows users to configure sysctls overrides on kdump environment; +this is specially useful to prevent sysctls from the regular boot to mess with +the resource-impaired kdump environment. +.PP +The mechanism is restricted to kdump boot and will not affect regular boots. In +order to add overrides, user should edit the file +.I /etc/kdump/sysctl.conf. +.PP +By default, hugepages overrides are set and is highly recommended to keep them +in the file, to prevent kdump out-of-memory conditions. .\" .\" # --------------------------------------------------------------------------- .\" @@ -311,6 +322,9 @@ the .B kdump-tools configuration file .TP 25 +.I /etc/kdump/sysctl.conf +kdump-tools sysctl override file +.TP 25 .I /var/crash/kernel_link a link to the current debug kernel .TP 25 diff --git a/debian/kdump-tools.dirs b/debian/kdump-tools.dirs new file mode 100644 index 0000000..0da3943 --- /dev/null +++ b/debian/kdump-tools.dirs @@ -0,0 +1 @@ +etc/kdump diff --git a/debian/kdump-tools.install b/debian/kdump-tools.install index f12828f..5289653 100644 --- a/debian/kdump-tools.install +++ b/debian/kdump-tools.install @@ -1,4 +1,5 @@ debian/kdump-config /usr/sbin debian/kdump-tools.conf /usr/share/kdump-tools/ +debian/sysctl.conf /etc/kdump/ debian/50-kdump-tools.rules /lib/udev/rules.d/ debian/kdump-tools-dump.service /lib/systemd/system/ diff --git a/debian/kernel-postinst-generate-initrd b/debian/kernel-postinst-generate-initrd index 57905bf..bad88b4 100755 --- a/debian/kernel-postinst-generate-initrd +++ b/debian/kernel-postinst-generate-initrd @@ -56,6 +56,10 @@ if ! [ -e "$initramfsdir/initramfs.conf" ];then exit 2 fi +# Mark our custom initramfs.conf to indicate that kdump-tools +# hooks/scripts should run/get included in our minimal initrd. +echo "KDUMP=y" >> $initramfsdir/initramfs.conf + # Cleaning up existing initramfs with same version # as mkinitramfs do not have a force option if [ -e "$kdumpdir/initrd.img-${version}" ];then diff --git a/debian/rules b/debian/rules index 428b81d..cd2cf34 100755 --- a/debian/rules +++ b/debian/rules @@ -35,8 +35,12 @@ debian/kdump-tools.5: debian/kdump-tools.5.in override_dh_install: debian/kdump-config debian/kdump-tools.conf debian/kdump-tools.5 dh_install + dh_installdirs install -D -m 755 debian/kernel-postinst-generate-initrd debian/kdump-tools/etc/kernel/postinst.d/kdump-tools install -D -m 755 debian/kernel-postrm-delete-initrd debian/kdump-tools/etc/kernel/postrm.d/kdump-tools + install -D -m 755 debian/initramfs.hook debian/kdump-tools/usr/share/initramfs-tools/hooks/kdump-tools + install -D -m 755 debian/initramfs.local-bottom \ +debian/kdump-tools/usr/share/initramfs-tools/scripts/local-bottom/kdump-sysctl [ ! -f debian/kdump-tools.grub.$(DEB_HOST_ARCH) ] || \ install -D -m 644 debian/kdump-tools.grub.$(DEB_HOST_ARCH) debian/kdump-tools/etc/default/grub.d/kdump-tools.cfg [ -f debian/kdump-tools.grub.$(DEB_HOST_ARCH) ] || \ diff --git a/debian/sysctl.conf b/debian/sysctl.conf new file mode 100644 index 0000000..3571bbb --- /dev/null +++ b/debian/sysctl.conf @@ -0,0 +1,6 @@ +# kdump-tools sysclt control; the below list of sysctls will be applied +# only in the kdump boot environment, and should be used to override the +# regular boot sysctls that affect kdump. + +vm.nr_hugepages=0 +vm.nr_hugepages_mempolicy=0 |