On 11 July 2013 05:40, Jaroslav Reznik jreznik@redhat.com wrote:
= Proposed System Wide Change: Enable kdump on secureboot machines = https://fedoraproject.org/wiki/Changes/Kdump_with_secureboot
Change owner(s): Vivek Goyal vgoyal@redhat.com
Currently kexec/kdump is disabled on machines with secureboot enabled. This feature aims to enable kexec/kdump on such machines.
== Detailed description == /sbin/kexec prepares a binary blob, called purgatory. This code runs at priviliged level between kernel transition. With secureboot enabled, no unsigned code should run at privilige level 0, hence kexec/kdump is currently disabled if secureboot is enabled.
My question is "Does kdump work even without secureboot?" In trying to debug a crashing bug with older kernels and F19 I enabled kdump to try and get a crashing image for the developers to work. I ran into a ton of issues and when asking on #fedora-kernel was given the strong impression that kdump was not expected to work by the various kernel developers.
Issues I ran into was:
1) kdump needs to write to an unencrypted disk space. I tried a USB disk and various other places but the best ability I got was reinstalling the laptop and making a /var/crash partition. 2) kdump didn't seem to dump for anything than the forced dump in the instruction manual.
In the end the kernel developers got me a kernel with enough oops detection to help find the problems but how do we get kdump to be more useful?