[PATCH V3] Documentation: Improve crash_kexec_post

Linux debuggers
 help / color / mirror / Atom feed

* [PATCH V3] Documentation: Improve crash_kexec_post_notifiers description
@ 2024-10-25 16:18 Guilherme G. Piccoli
  2024-10-27 18:16 ` Michael Kelley
  0 siblings, 1 reply; 3+ messages in thread
From: Guilherme G. Piccoli @ 2024-10-25 16:18 UTC (permalink / raw)
  To: kexec, linux-doc
  Cc: bhe, vgoyal, dyoung, corbet, linux-kernel, linux-debuggers,
	stephen.s.brennan, horms, kernel, kernel-dev,
	Guilherme G. Piccoli

The crash_kexec_post_notifiers description could be improved a bit,
by clarifying its upsides (yes, there are some!) and be more descriptive
about the downsides, specially mentioning code that enables the option
unconditionally, like Hyper-V[0], PowerPC (fadump)[1] and more
recently, AMD SEV[2].

[0] Commit a11589563e96 ("x86/Hyper-V: Report crash register data or kmsg before running crash kernel").
[1] Commit 06e629c25daa ("powerpc/fadump: Fix inaccurate CPU state info in vmcore generated with panic").
[2] Commit 8ef979584ea8 ("crypto: ccp: Add panic notifier for SEV/SNP firmware shutdown on kdump").

Reviewed-by: Stephen Brennan <stephen.s.brennan@oracle.com>
Signed-off-by: Guilherme G. Piccoli <gpiccoli@igalia.com>
---

V3: Improved wording and commit description, detailing more about the addition
of code that enables crash_kexec_post_notifiers unconditionally.

Thanks Baoquan and Simon for the suggestions!


 Documentation/admin-guide/kernel-parameters.txt | 16 ++++++++++------
 1 file changed, 10 insertions(+), 6 deletions(-)

diff --git a/Documentation/admin-guide/kernel-parameters.txt b/Documentation/admin-guide/kernel-parameters.txt
index 3978fb704c53..2a7a523bb90b 100644
--- a/Documentation/admin-guide/kernel-parameters.txt
+++ b/Documentation/admin-guide/kernel-parameters.txt
@@ -918,12 +918,16 @@
 			the parameter has no effect.
 
 	crash_kexec_post_notifiers
-			Run kdump after running panic-notifiers and dumping
-			kmsg. This only for the users who doubt kdump always
-			succeeds in any situation.
-			Note that this also increases risks of kdump failure,
-			because some panic notifiers can make the crashed
-			kernel more unstable.
+			Only jump to kdump kernel after running the panic
+			notifiers and dumping kmsg. This option increases
+			the risks of a kdump failure, since some panic
+			notifiers can make the crashed kernel more unstable.
+			In configurations where kdump may not be reliable,
+			running the panic notifiers could allow collecting
+			more data on dmesg, like stack traces from other CPUS
+			or extra data dumped by panic_print. Note that some
+			configurations enable this option unconditionally,
+			like Hyper-V, PowerPC (fadump) and AMD SEV.
 
 	crashkernel=size[KMG][@offset[KMG]]
 			[KNL,EARLY] Using kexec, Linux can switch to a 'crash kernel'
-- 
2.46.2


^ permalink raw reply related	[flat|nested] 3+ messages in thread

* RE: [PATCH V3] Documentation: Improve crash_kexec_post_notifiers description
  2024-10-25 16:18 [PATCH V3] Documentation: Improve crash_kexec_post_notifiers description Guilherme G. Piccoli
@ 2024-10-27 18:16 ` Michael Kelley
  2024-10-27 20:43   ` Guilherme G. Piccoli
  0 siblings, 1 reply; 3+ messages in thread
From: Michael Kelley @ 2024-10-27 18:16 UTC (permalink / raw)
  To: Guilherme G. Piccoli, kexec@lists.infradead.org,
	linux-doc@vger.kernel.org
  Cc: bhe@redhat.com, vgoyal@redhat.com, dyoung@redhat.com,
	corbet@lwn.net, linux-kernel@vger.kernel.org,
	linux-debuggers@vger.kernel.org, stephen.s.brennan@oracle.com,
	horms@kernel.org, kernel@gpiccoli.net, kernel-dev@igalia.com

From: Guilherme G. Piccoli <gpiccoli@igalia.com> Sent: Friday, October 25, 2024 9:18 AM
> 
> The crash_kexec_post_notifiers description could be improved a bit,
> by clarifying its upsides (yes, there are some!) and be more descriptive
> about the downsides, specially mentioning code that enables the option
> unconditionally, like Hyper-V[0], PowerPC (fadump)[1] and more
> recently, AMD SEV[2].
> 
> [0] Commit a11589563e96 ("x86/Hyper-V: Report crash register data or kmsg before
> running crash kernel").
> [1] Commit 06e629c25daa ("powerpc/fadump: Fix inaccurate CPU state info in vmcore
> generated with panic").
> [2] Commit 8ef979584ea8 ("crypto: ccp: Add panic notifier for SEV/SNP firmware
> shutdown on kdump").
> 
> Reviewed-by: Stephen Brennan <stephen.s.brennan@oracle.com>
> Signed-off-by: Guilherme G. Piccoli <gpiccoli@igalia.com>
> ---
> 
> V3: Improved wording and commit description, detailing more about the addition
> of code that enables crash_kexec_post_notifiers unconditionally.
> 
> Thanks Baoquan and Simon for the suggestions!
> 
> 
>  Documentation/admin-guide/kernel-parameters.txt | 16 ++++++++++------
>  1 file changed, 10 insertions(+), 6 deletions(-)
> 
> diff --git a/Documentation/admin-guide/kernel-parameters.txt
> b/Documentation/admin-guide/kernel-parameters.txt
> index 3978fb704c53..2a7a523bb90b 100644
> --- a/Documentation/admin-guide/kernel-parameters.txt
> +++ b/Documentation/admin-guide/kernel-parameters.txt
> @@ -918,12 +918,16 @@
>  			the parameter has no effect.
> 
>  	crash_kexec_post_notifiers
> -			Run kdump after running panic-notifiers and dumping
> -			kmsg. This only for the users who doubt kdump always
> -			succeeds in any situation.
> -			Note that this also increases risks of kdump failure,
> -			because some panic notifiers can make the crashed
> -			kernel more unstable.
> +			Only jump to kdump kernel after running the panic
> +			notifiers and dumping kmsg. This option increases
> +			the risks of a kdump failure, since some panic
> +			notifiers can make the crashed kernel more unstable.
> +			In configurations where kdump may not be reliable,
> +			running the panic notifiers could allow collecting
> +			more data on dmesg, like stack traces from other CPUS
> +			or extra data dumped by panic_print. Note that some
> +			configurations enable this option unconditionally,
> +			like Hyper-V, PowerPC (fadump) and AMD SEV.

This last line should be more specific and use "AMD SEV-SNP" instead of
just "AMD SEV". Commit 8ef979584ea8 that you mentioned above is
specific to SEV-SNP.

There have been three versions of SEV functionality in AMD processors:
* SEV:  the original guest VM encryption
* SEV-ES:  SEV enhanced to cover register state as well
* SEV-SNP:  SEV-ES plus Secure Nested Paging, which provides
functionality to address the Confidential Computing VM threat model
described in the Linux CoCo VM documentation. SEV-SNP processors are
AMD's product that is widely deployed for CoCo VMs in large public clouds.

Just using "SEV" is somewhat ambiguous because it's not clear whether
it refers to the family of three SEV levels, or just the original guest VM
encryption. Since this case is clearly SEV-SNP only, being specific removes
the ambiguity.

Michael



> 
>  	crashkernel=size[KMG][@offset[KMG]]
>  			[KNL,EARLY] Using kexec, Linux can switch to a 'crash kernel'
> --
> 2.46.2
> 


^ permalink raw reply	[flat|nested] 3+ messages in thread

* Re: [PATCH V3] Documentation: Improve crash_kexec_post_notifiers description
  2024-10-27 18:16 ` Michael Kelley
@ 2024-10-27 20:43   ` Guilherme G. Piccoli
  0 siblings, 0 replies; 3+ messages in thread
From: Guilherme G. Piccoli @ 2024-10-27 20:43 UTC (permalink / raw)
  To: Michael Kelley
  Cc: bhe@redhat.com, kexec@lists.infradead.org, vgoyal@redhat.com,
	dyoung@redhat.com, corbet@lwn.net, linux-kernel@vger.kernel.org,
	linux-doc@vger.kernel.org, linux-debuggers@vger.kernel.org,
	stephen.s.brennan@oracle.com, horms@kernel.org,
	kernel@gpiccoli.net, kernel-dev@igalia.com

On 27/10/2024 15:16, Michael Kelley wrote:
> [...]
>>  	crash_kexec_post_notifiers
>> -			Run kdump after running panic-notifiers and dumping
>> -			kmsg. This only for the users who doubt kdump always
>> -			succeeds in any situation.
>> -			Note that this also increases risks of kdump failure,
>> -			because some panic notifiers can make the crashed
>> -			kernel more unstable.
>> +			Only jump to kdump kernel after running the panic
>> +			notifiers and dumping kmsg. This option increases
>> +			the risks of a kdump failure, since some panic
>> +			notifiers can make the crashed kernel more unstable.
>> +			In configurations where kdump may not be reliable,
>> +			running the panic notifiers could allow collecting
>> +			more data on dmesg, like stack traces from other CPUS
>> +			or extra data dumped by panic_print. Note that some
>> +			configurations enable this option unconditionally,
>> +			like Hyper-V, PowerPC (fadump) and AMD SEV.
> 
> This last line should be more specific and use "AMD SEV-SNP" instead of
> just "AMD SEV". Commit 8ef979584ea8 that you mentioned above is
> specific to SEV-SNP.
> 
> There have been three versions of SEV functionality in AMD processors:
> * SEV:  the original guest VM encryption
> * SEV-ES:  SEV enhanced to cover register state as well
> * SEV-SNP:  SEV-ES plus Secure Nested Paging, which provides
> functionality to address the Confidential Computing VM threat model
> described in the Linux CoCo VM documentation. SEV-SNP processors are
> AMD's product that is widely deployed for CoCo VMs in large public clouds.
> 
> Just using "SEV" is somewhat ambiguous because it's not clear whether
> it refers to the family of three SEV levels, or just the original guest VM
> encryption. Since this case is clearly SEV-SNP only, being specific removes
> the ambiguity.
> 
> Michael

Thanks a lot Michael, for the clarification. I've just sent a V4
updating that.
Cheers,


Guilherme

^ permalink raw reply	[flat|nested] 3+ messages in thread

end of thread, other threads:[~2024-10-27 20:43 UTC | newest]

Thread overview: 3+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2024-10-25 16:18 [PATCH V3] Documentation: Improve crash_kexec_post_notifiers description Guilherme G. Piccoli
2024-10-27 18:16 ` Michael Kelley
2024-10-27 20:43   ` Guilherme G. Piccoli

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox