@fheimes
No, in comment #2 I did not agree to bump the parameter.
@heinz-werner_seeck
My previous comment was not responded to. LUKS2 and Argon2i have no
effect on steady state RAM usage, and thus should not affect crashkernel
memory requirements significantly. Normally, Argon2i decryption has high
memory pressure only once during unlocking of the drive, but not during
the steady state operation.
Please explain how the new crashkernel size has been calculated, and why
is it so much larger than before?
** Changed in: makedumpfile (Ubuntu Groovy)
Status: Confirmed => Incomplete
** Changed in: ubuntu-z-systems
Status: Confirmed => Incomplete
** Changed in: makedumpfile (Ubuntu Focal)
Status: Confirmed => Incomplete
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to makedumpfile in Ubuntu.
https://bugs.launchpad.net/bugs/1877533
Title:
[20.10 FEAT] Increase the crashkernel setting if the root volume is
luks2-encrypted
Status in Ubuntu on IBM z Systems:
Incomplete
Status in linux package in Ubuntu:
Invalid
Status in makedumpfile package in Ubuntu:
Incomplete
Status in linux source package in Focal:
Invalid
Status in makedumpfile source package in Focal:
Incomplete
Status in linux source package in Groovy:
Invalid
Status in makedumpfile source package in Groovy:
Incomplete
Bug description:
Description:
In case the volume containing the root filesystem is encrypted using LUKS2
the memory used while unlocking the volume may exceed the size allocated to the
kdump kernel. This will lead to a failure while processing kdump and the dump
file will not be stored. Unfortunately, this condition may not be detected by a
client before a problem occurs.
The request is to have the kdump package installation script check for LUKS2
encryption (more precisely for Argon2i PBKDF, which is the root cause of the
high memory usage). If the condition is met, the installation procedure should
increase the crashkernel parameter to a higher value (>=512M)or issue a
warning, if the system memory is insufficient to reserve enough crashkernel
memory.
Business Case:
Pervasive Encryption and Secure Execution require encryption of the
filesystems in order to keep customer data secure at all times. With the
increasing usage of these technologies, the number of kdump will rise too,
typically at inconvenient times, when the kdump is triggered due to a real
customer issue.
With the suggested change, the number of customer complaints and effort to
handle them will be reduced.
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu-z-systems/+bug/1877533/+subscriptions
--
Mailing list: https://launchpad.net/~kernel-packages
Post to : kernel-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~kernel-packages
More help : https://help.launchpad.net/ListHelp
