• Eric DeVolder's avatar
    crash: hotplug support for kexec_load() · a72bbec7
    Eric DeVolder authored
    The hotplug support for kexec_load() requires changes to the userspace
    kexec-tools and a little extra help from the kernel.
    
    Given a kdump capture kernel loaded via kexec_load(), and a subsequent
    hotplug event, the crash hotplug handler finds the elfcorehdr and rewrites
    it to reflect the hotplug change.  That is the desired outcome, however,
    at kernel panic time, the purgatory integrity check fails (because the
    elfcorehdr changed), and the capture kernel does not boot and no vmcore is
    generated.
    
    Therefore, the userspace kexec-tools/kexec must indicate to the kernel
    that the elfcorehdr can be modified (because the kexec excluded the
    elfcorehdr from the digest, and sized the elfcorehdr memory buffer
    appropriately).
    
    To facilitate hotplug support with kexec_load():
     - a new kexec flag KEXEC_UPATE_ELFCOREHDR indicates that it is
       safe for the kernel to modify the kexec_load()'d elfcorehdr
     - the /sys/kernel/crash_elfcorehdr_size node communicates the
       preferred size of the elfcorehdr memory buffer
     - The sysfs crash_hotplug nodes (ie.
       /sys/devices/system/[cpu|memory]/crash_hotplug) dynamically
       take into account kexec_file_load() vs kexec_load() and
       KEXEC_UPDATE_ELFCOREHDR.
       This is critical so that the udev rule processing of crash_hotplug
       is all that is needed to determine if the userspace unload-then-load
       of the kdump image is to be skipped, or not. The proposed udev
       rule change looks like:
       # The kernel updates the crash elfcorehdr for CPU and memory changes
       SUBSYSTEM=="cpu", ATTRS{crash_hotplug}=="1", GOTO="kdump_reload_end"
       SUBSYSTEM=="memory", ATTRS{crash_hotplug}=="1", GOTO="kdump_reload_end"
    
    The table below indicates the behavior of kexec_load()'d kdump image
    updates (with the new udev crash_hotplug rule in place):
    
     Kernel |Kexec
     -------+-----+----
     Old    |Old  |New
            |  a  | a
     -------+-----+----
     New    |  a  | b
     -------+-----+----
    
    where kexec 'old' and 'new' delineate kexec-tools has the needed
    modifications for the crash hotplug feature, and kernel 'old' and 'new'
    delineate the kernel supports this crash hotplug feature.
    
    Behavior 'a' indicates the unload-then-reload of the entire kdump image. 
    For the kexec 'old' column, the unload-then-reload occurs due to the
    missing flag KEXEC_UPDATE_ELFCOREHDR.  An 'old' kernel (with 'new' kexec)
    does not present the crash_hotplug sysfs node, which leads to the
    unload-then-reload of the kdump image.
    
    Behavior 'b' indicates the desired optimized behavior of the kernel
    directly modifying the elfcorehdr and avoiding the unload-then-reload of
    the kdump image.
    
    If the udev rule is not updated with crash_hotplug node check, then no
    matter any combination of kernel or kexec is new or old, the kdump image
    continues to be unload-then-reload on hotplug changes.
    
    To fully support crash hotplug feature, there needs to be a rollout of
    kernel, kexec-tools and udev rule changes.  However, the order of the
    rollout of these pieces does not matter; kexec_load()'d kdump images still
    function for hotplug as-is.
    
    Link: https://lkml.kernel.org/r/20230814214446.6659-7-eric.devolder@oracle.comSigned-off-by: default avatarEric DeVolder <eric.devolder@oracle.com>
    Suggested-by: default avatarHari Bathini <hbathini@linux.ibm.com>
    Acked-by: default avatarHari Bathini <hbathini@linux.ibm.com>
    Acked-by: default avatarBaoquan He <bhe@redhat.com>
    Cc: Akhil Raj <lf32.dev@gmail.com>
    Cc: Bjorn Helgaas <bhelgaas@google.com>
    Cc: Borislav Petkov (AMD) <bp@alien8.de>
    Cc: Boris Ostrovsky <boris.ostrovsky@oracle.com>
    Cc: Dave Hansen <dave.hansen@linux.intel.com>
    Cc: Dave Young <dyoung@redhat.com>
    Cc: David Hildenbrand <david@redhat.com>
    Cc: Eric W. Biederman <ebiederm@xmission.com>
    Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
    Cc: "H. Peter Anvin" <hpa@zytor.com>
    Cc: Ingo Molnar <mingo@redhat.com>
    Cc: Jonathan Corbet <corbet@lwn.net>
    Cc: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
    Cc: Mimi Zohar <zohar@linux.ibm.com>
    Cc: Naveen N. Rao <naveen.n.rao@linux.vnet.ibm.com>
    Cc: Oscar Salvador <osalvador@suse.de>
    Cc: "Rafael J. Wysocki" <rafael@kernel.org>
    Cc: Sean Christopherson <seanjc@google.com>
    Cc: Sourabh Jain <sourabhjain@linux.ibm.com>
    Cc: Takashi Iwai <tiwai@suse.de>
    Cc: Thomas Gleixner <tglx@linutronix.de>
    Cc: Thomas Weißschuh <linux@weissschuh.net>
    Cc: Valentin Schneider <vschneid@redhat.com>
    Cc: Vivek Goyal <vgoyal@redhat.com>
    Cc: Vlastimil Babka <vbabka@suse.cz>
    Signed-off-by: default avatarAndrew Morton <akpm@linux-foundation.org>
    a72bbec7
crash.c 12.1 KB