-
Notifications
You must be signed in to change notification settings - Fork 159
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Let crashkernel load modules #3896
Let crashkernel load modules #3896
Conversation
Let's have modules load in a proper place: /etc/init.d/000-mod-params scripts, which is responsible for loading modules and providing parameters. The other motivation is to have fine control over modules and for example do not load modules (except ZFS) for the crashkernel. Signed-off-by: Roman Penyaev <r.peniaev@gmail.com>
…dules Patch removes 'nomodule' kernel parameter, which lets crashskernel to load modules. This is utterly needed for interacting with the /persist formatted as ZFS. ZFS is built separately out-of-tree as a module, so has to be loaded explicitly by the crashkernel. The majority of other modules are excluded from loading for the crashkernel, see the 000-mod-params script. Signed-off-by: Roman Penyaev <r.peniaev@gmail.com>
8b7ee6f
to
36f0e90
Compare
This should be fine, enforced module signing should still apply to the crash kernel so nothing should be gain from for example somehow crashing the kernel for the intent of loading extra vulnerable modules to exploit and leak secrest (e.g. fscrypt key). |
[Just to keep a record] |
@rene regarding our offline discussion about the proper support of /etc/modules-load.d/, I heard you, and what you are suggesting is a good thing. But let's postpone your proposed changes for a while. This PR mainly tries to make crashkernel work on ZFS /persist, so intention is to fix this part. |
ok @rouming , understood, let's keep as it is as a workaround for now... |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM
This PR fixes the inability to collect kernel dumps for the /persist formatted as ZFS and consists of 2 commits:
rootfs: move modprobe to the 000-mod-params initd script
Let's have modules load in a proper place: /etc/init.d/000-mod-params
scripts, which is responsible for loading modules and providing
parameters.
The other motivation is to have fine control over modules and for
example do not load modules (except ZFS) for the crashkernel.
000-kexec: remove 'nomodule' parameter, allows crashkernel to load modules
Patch removes 'nomodule' kernel parameter, which lets crashskernel
to load modules. This is utterly needed for interacting with the /persist
formatted as ZFS. ZFS is built separately out-of-tree as a module, so
has to be loaded explicitly by the crashkernel.
The majority of other modules are excluded from loading for the
crashkernel, see the 000-mod-params script.