CINXE.COM

LKML: Coiby Xu: Re: [PATCH v7 2/7] crash_dump: make dm crypt keys persist for the kdump kernel

<?xml version="1.0" encoding="UTF-8" standalone="yes"?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml"><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8" /><title>LKML: Coiby Xu: Re: [PATCH v7 2/7] crash_dump: make dm crypt keys persist for the kdump kernel</title><link href="/css/message.css" rel="stylesheet" type="text/css" /><link href="/css/wrap.css" rel="alternate stylesheet" type="text/css" title="wrap" /><link href="/css/nowrap.css" rel="stylesheet" type="text/css" title="nowrap" /><link href="/favicon.ico" rel="shortcut icon" /><script src="/js/simple-calendar.js" type="text/javascript"></script><script src="/js/styleswitcher.js" type="text/javascript"></script><link rel="alternate" type="application/rss+xml" title="lkml.org : last 100 messages" href="/rss.php" /><link rel="alternate" type="application/rss+xml" title="lkml.org : last messages by Coiby Xu" href="/groupie.php?aid=" /><!--Matomo--><script> var _paq = window._paq = window._paq || []; /* tracker methods like "setCustomDimension" should be called before "trackPageView" */ _paq.push(["setDoNotTrack", true]); _paq.push(["disableCookies"]); _paq.push(['trackPageView']); _paq.push(['enableLinkTracking']); (function() { var u="//m.lkml.org/"; _paq.push(['setTrackerUrl', u+'matomo.php']); _paq.push(['setSiteId', '1']); var d=document, g=d.createElement('script'), s=d.getElementsByTagName('script')[0]; g.async=true; g.src=u+'matomo.js'; s.parentNode.insertBefore(g,s); })(); </script><!--End Matomo Code--></head><body onload="es.jasper.simpleCalendar.init();" itemscope="itemscope" itemtype="http://schema.org/BlogPosting"><table border="0" cellpadding="0" cellspacing="0"><tr><td width="180" align="center"><a href="/"><img style="border:0;width:135px;height:32px" src="/images/toprowlk.gif" alt="lkml.org" /></a></td><td width="32">聽</td><td class="nb"><div><a class="nb" href="/lkml"> [lkml]</a> 聽 <a class="nb" href="/lkml/2025"> [2025]</a> 聽 <a class="nb" href="/lkml/2025/1"> [Jan]</a> 聽 <a class="nb" href="/lkml/2025/1/16"> [16]</a> 聽 <a class="nb" href="/lkml/last100"> [last100]</a> 聽 <a href="/rss.php"><img src="/images/rss-or.gif" border="0" alt="RSS Feed" /></a></div><div>Views: <a href="#" class="nowrap" onclick="setActiveStyleSheet('wrap');return false;">[wrap]</a><a href="#" class="wrap" onclick="setActiveStyleSheet('nowrap');return false;">[no wrap]</a> 聽 <a class="nb" href="/lkml/mheaders/2025/1/16/234" onclick="this.href='/lkml/headers'+'/2025/1/16/234';">[headers]</a>聽 <a href="/lkml/bounce/2025/1/16/234">[forward]</a>聽 </div></td><td width="32">聽</td></tr><tr><td valign="top"><div class="es-jasper-simpleCalendar" baseurl="/lkml/"></div><div class="threadlist">Messages in this thread</div><ul class="threadlist"><li class="root"><a href="/lkml/2025/1/16/194">First message in thread</a></li><li><a href="/lkml/2025/1/16/196">Coiby Xu</a><ul><li><a href="/lkml/2025/1/15/1796">Randy Dunlap</a><ul><li class="origin"><a href="">Coiby Xu</a></li></ul></li></ul></li></ul></td><td width="32" rowspan="2" class="c" valign="top"><img src="/images/icornerl.gif" width="32" height="32" alt="/" /></td><td class="c" rowspan="2" valign="top" style="padding-top: 1em"><table><tr><td><table><tr><td class="lp">Date</td><td class="rp" itemprop="datePublished">Thu, 16 Jan 2025 15:32:01 +0800</td></tr><tr><td class="lp">From</td><td class="rp" itemprop="author">Coiby Xu &lt;&gt;</td></tr><tr><td class="lp">Subject</td><td class="rp" itemprop="name">Re: [PATCH v7 2/7] crash_dump: make dm crypt keys persist for the kdump kernel</td></tr></table></td><td></td></tr></table><pre itemprop="articleBody">On Wed, Jan 15, 2025 at 11:04:23PM -0800, Randy Dunlap wrote:<br />&gt;Hi,<br /><br />Hi Randy,<br /><br />I appreciate your quick response!<br /><br />&gt;<br />&gt;On 1/15/25 10:58 PM, Coiby Xu wrote:<br />&gt;&gt; diff --git a/Documentation/admin-guide/kdump/kdump.rst b/Documentation/admin-guide/kdump/kdump.rst<br />&gt;&gt; index 5376890adbeb..192d6796ab94 100644<br />&gt;&gt; --- a/Documentation/admin-guide/kdump/kdump.rst<br />&gt;&gt; +++ b/Documentation/admin-guide/kdump/kdump.rst<br />&gt;&gt; &#64;&#64; -551,6 +551,34 &#64;&#64; from within add_taint() whenever the value set in this bitmask matches with the<br />&gt;&gt; bit flag being set by add_taint().<br />&gt;&gt; This will cause a kdump to occur at the add_taint()-&gt;panic() call.<br />&gt;&gt;<br />&gt;&gt; +Write the dump file to encrypted disk volume<br />&gt;&gt; +============================================<br />&gt;&gt; +<br />&gt;&gt; +CONFIG_CRASH_DM_CRYPT can be enabled to support saving the dump file to<br />&gt;&gt; +encrypted disk volume. User space can interact with<br />&gt;<br />&gt; an encrypted disk volume.<br />&gt;<br />&gt;&gt; +/sys/kernel/config/crash_dm_crypt_keys for setup,<br />&gt;&gt; +<br />&gt;&gt; +1. Tell the 1st kernel what keys are needed to unlock the disk volumes,<br />&gt;<br />&gt; first<br />&gt;<br />&gt;&gt; + # Add key #1<br />&gt;&gt; + mkdir /sys/kernel/config/crash_dm_crypt_keys/7d26b7b4-e342-4d2d-b660-7426b0996720<br />&gt;&gt; + # Add key #1's description<br />&gt;&gt; + echo cryptsetup:7d26b7b4-e342-4d2d-b660-7426b0996720 &gt; /sys/kernel/config/crash_dm_crypt_keys/description<br />&gt;&gt; +<br />&gt;&gt; + # how many keys do we have now?<br />&gt;&gt; + cat /sys/kernel/config/crash_dm_crypt_keys/count<br />&gt;&gt; + 1<br />&gt;&gt; +<br />&gt;&gt; + # Add key#2 in the same way<br />&gt;<br />&gt; key #2<br />&gt;(be consisent)<br />&gt;<br />&gt;&gt; +<br />&gt;&gt; + # how many keys do we have now?<br />&gt;&gt; + cat /sys/kernel/config/crash_dm_crypt_keys/count<br />&gt;&gt; + 2<br />&gt;&gt; +<br />&gt;&gt; +2. Load the dump-capture kernel<br />&gt;&gt; +<br />&gt;&gt; +3. After dump-capture kerne get booted, restore the keys to user keyring<br />&gt;<br />&gt; After the dump-capture kernel is booted,<br /><br />Thanks for catching the above issues! I'll apply all your suggested<br />changes to next version.<br /><br />&gt;<br />&gt;&gt; + echo yes &gt; /sys/kernel/crash_dm_crypt_keys/restore<br />&gt;&gt; +<br />&gt;&gt; Contact<br />&gt;&gt; =======<br />&gt;&gt;<br />&gt;<br />&gt;-- <br />&gt;~Randy<br />&gt;<br />&gt;<br /><br />-- <br />Best regards,<br />Coiby<br /><br /><br /></pre></td><td width="32" rowspan="2" class="c" valign="top"><img src="/images/icornerr.gif" width="32" height="32" alt="\" /></td></tr><tr><td align="right" valign="bottom"> 聽 </td></tr><tr><td align="right" valign="bottom">聽</td><td class="c" valign="bottom" style="padding-bottom: 0px"><img src="/images/bcornerl.gif" width="32" height="32" alt="\" /></td><td class="c">聽</td><td class="c" valign="bottom" style="padding-bottom: 0px"><img src="/images/bcornerr.gif" width="32" height="32" alt="/" /></td></tr><tr><td align="right" valign="top" colspan="2"> 聽 </td><td class="lm">Last update: 2025-01-16 08:37 聽聽 [from the cache]<br />漏2003-2020 <a href="http://blog.jasper.es/"><span itemprop="editor">Jasper Spaans</span></a>|hosted at <a href="https://www.digitalocean.com/?refcode=9a8e99d24cf9">Digital Ocean</a> and my Meterkast|<a href="http://blog.jasper.es/categories.html#lkml-ref">Read the blog</a></td><td>聽</td></tr></table><script language="javascript" src="/js/styleswitcher.js" type="text/javascript"></script></body></html>

Pages: 1 2 3 4 5 6 7 8 9 10