[Kernel-packages] [Bug 1877533] Re: [20.10 FEAT] Increase the crashkernel setting if the root volume is luks2-encrypted

Fri, 31 Jul 2020 11:56:14 -0700 

I am going to work out on a change to the default crashkernel value on
s390x to match what we do for ppc64el. That will improve the situation
on default installations.

** Changed in: makedumpfile (Ubuntu Groovy)
     Assignee: (unassigned) => Thadeu Lima de Souza Cascardo (cascardo)

** Changed in: makedumpfile (Ubuntu Groovy)
       Status: Won't Fix => In Progress

** Changed in: makedumpfile (Ubuntu Focal)
       Status: Won't Fix => Confirmed

** Changed in: makedumpfile (Ubuntu)
       Status: Incomplete => Confirmed

-- 
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to makedumpfile in Ubuntu.
https://bugs.launchpad.net/bugs/1877533

Title:
  [20.10 FEAT] Increase the crashkernel setting if the root volume is
  luks2-encrypted

Status in Ubuntu on IBM z Systems:
  Incomplete
Status in linux package in Ubuntu:
  Invalid
Status in makedumpfile package in Ubuntu:
  Confirmed
Status in linux source package in Focal:
  Invalid
Status in makedumpfile source package in Focal:
  Confirmed
Status in linux source package in Groovy:
  Invalid
Status in makedumpfile source package in Groovy:
  Confirmed

Bug description:
  Description:
  In case the volume containing the root filesystem is encrypted using LUKS2 
the memory used while unlocking the volume may exceed the size allocated to the 
kdump kernel. This will lead to a failure while processing kdump and the dump 
file will not be stored. Unfortunately, this condition may not be detected by a 
client before a problem occurs.
  The request is to have the kdump package installation script check for LUKS2 
encryption (more precisely for Argon2i PBKDF, which is the root cause of the 
high memory usage). If the condition is met, the installation procedure should 
increase the crashkernel parameter to a higher value (>=512M)or issue a 
warning, if the system memory is insufficient to reserve enough crashkernel 
memory.

  Business Case:
  Pervasive Encryption and Secure Execution require encryption of the 
filesystems in order to keep customer data secure at all times. With the 
increasing usage of these technologies, the number of kdump will rise too, 
typically at inconvenient times, when the kdump is triggered due to a real 
customer issue.
  With the suggested change, the number of customer complaints and effort to 
handle them will be reduced.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu-z-systems/+bug/1877533/+subscriptions

-- 
Mailing list: https://launchpad.net/~kernel-packages
Post to     : [email protected]
Unsubscribe : https://launchpad.net/~kernel-packages
More help   : https://help.launchpad.net/ListHelp

Reply via email to