- Kdump on Xen HVM guests is now enabled in Red Hat Enterprise Linux 5.7 as a Technology Preview. Performing a local dump to an emulated (IDE) disk using an Intel 64 Hypervisor with an Intel CPU is the only supported implementation. Note that the dump target must be specified in the /etc/kdump.conf file.
/sbin/kexecbinary and utilities that together form the user-space component of the kernel's kexec feature. The
/sbin/kexecbinary facilitates a new kernel to boot using the kernel's
kexecfeature either on a normal or a panic reboot. The
kexecfastboot mechanism allows booting a Linux kernel from the context of an already running kernel.
- Kdump used the
StrictHostKeyChecking=nooption when dumping to SSH targets, causing the target kdump server's SSH host key not to be checked. This could make it easier for a man-in-the-middle attacker on the local network to impersonate the kdump SSH target server and possibly gain access to sensitive information in the
- The mkdumprd utility created
initrdfiles with world-readable permissions. A local user could possibly use this flaw to gain access to sensitive information, such as the private SSH key used to authenticate to a remote server when kdump was configured to dump to an SSH target.
- The mkdumprd utility included unneeded sensitive files (such as all files from the
/root/.ssh/directory and the host's private SSH keys) in the resulting initrd. This could lead to an information leak when
initrdfiles were previously created with world-readable permissions. Note: With this update, only the SSH client configuration, known hosts files, and the SSH key configured via the newly introduced sshkey option in
/etc/kdump.confare included in the initrd. The default is the key generated when running the
service kdump propagatecommand,
- On certain hardware, the kexec kernel incorrectly attempted to use a reserved memory range, and failed to boot with an error. This update adapts the underlying source code to determine the size of a backup region dynamically. As a result,
kexecno longer attempts to use the reserved memory range, and boots as expected.
mkdumprdutility lacked proper support for using VLAN devices over a bond interface. Consequently, the network could not be correctly set up in the kexec kernel and Kdump failed to capture a core dump. This update modifies
mkdumprdso it now provides full support for configuring VLAN devices over a bond interface. Kdump now successfully dumps the
vmcorefile to a remote machine in such a scenario.
- A bug in the
mkdumprdcaused Kdump to be unable to bring up a network interface card (NIC) if a NIC configuration file, such as
/etc/sysconfig/network-scripts/ifcfg-eth0, did not contain a default gateway. When sending the
vmcorefile over a network using the
NFSprotocol, any attempt to bring the NIC up failed with the following error:
ifup: option with empty value "gateway"Consequently, the connection to the remote machine could not be established and Kdump failed to dump the
vmcorefile. With this update, mkdumprd performs a check whether the default gateway is specified and thus avoids adding an empty gateway into the
vmcorefile is now successfully dumped to a remote machine.
- A bug in
mkdumprdcaused Kdump to be unable to bring up a bridge device when its slave device was renamed in the kexec kernel. When sending the
vmcorefile over a bridged network, any attempt to bring the bridge device up failed with a similar error:
ifup: Ignoring unknown interface eth2Consequently, the connection to the remote machine could not be established and Kdump failed to dump the
vmcorefile. This update modifies
mkdumprdto search for the correct slave device names in NIC configuration files instead of using the old names. Kdump over a bridged network now works as expected.
- Certain storage devices, such as HP Smart Array 5i controllers using the
CCISSdriver, are known to be non-resettable in the kexec kernel. Therefore, when such a device was selected as a dump target, any attempt to dump a core file on it caused the kexec kernel to become unresponsive. This update modifies
mkdumprdto check whether the target device is resettable. If the target device is non-resettable, then Kdump will not start and the kexec kernel no longer hangs under these circumstances.
mkdumprdutility was unable to handle errors returned by the
makedumpfilecommand if the command was piped with other commands. Therefore, when sending a core dump file over a network using the SSH protocol and
makedumpfilefailed, the system rebooted immediately instead of dropping to the shell. This update allows
mkdumprdto catch return codes of piped commands so that Kdump now fails right after a
makedumpfilefailure and the system drops correctly to the shell.
mkdumprdutility did not properly handle renaming of NIC devices in the kexec kernel. Therefore, when sending a core dump using a VLAN device over a bond interface, Kdump displayed various error messages related to VLAN device names. This update modifies
mkdumprdso it now works with VLAN device names correctly.
mkdumprdutility did not handle NFS unmount failures correctly. Therefore, when dumping a core over the
NFSprotocol and a test attempt to unmount an NFS export failed,
mkdumprdremoved all files from this NFS export. This update corrects
mkdumprdso that it only removes empty NFS exports and no data loss occurs under these circumstances.
mkdumprdutility lacked support for the
XFSfile system, and therefore Kdump failed to capture the vmcore dump file on XFS file systems. This update backports support for the
XFSfile system from Red Hat Enterprise Linux 6 so Kdump now creates core dumps on
XFSfile systems as expected.
- This update adds a new option for the
blacklist. This option allows
mkdumprdto prevent specified kernel modules from being loaded into the kexec kernel.
- With this update, the
mkdumprdutility supports static route configuration so that Kdump is now able to dump the
vmcorefile to a remote machine over a network with static routing.
mkdumprdutility has been modified to recognize and support
iSCSIdevices so that iSCSI devices can now be specified as a dump target.
- Kdump on Xen HVM guests is now enabled in Red Hat Enterprise Linux 5.8 as a Technology Preview. Performing a local dump to an emulated (IDE) disk using an Intel 64
Hypervisorwith an Intel CPU is the only supported implementation. Note that the dump target must be specified in the