Linux Kernel Crash Dump Configuration

in

Are you tired of dealing with ***** kernel crashes that leave your system in shambles?

First, what exactly this magical feature does. The Linux Kernel Crash Dump is a mechanism that automatically boots a secondary kernel whenever your primary kernel crashes (oops/panic). This secondary kernel will then save the state and memory of the primary kernel to a certain location on your filesystem (usually /var/crash) so you can analyze it later.

Now, let’s get our hands dirty! Here are some simple steps for configuring Linux Kernel Crash Dump:

Step 1: Install linux-crashdump package using apt-get or yum (depending on your distribution). For example, in Ubuntu you can run this command as root: sudo apt-get install linux-crashdump. In Red Hat Enterprise Linux, use the following command: yum install crash kernel-debuginfo

Step 2: Verify that the package was installed correctly by running lsmod | grep crashkernel or dmesg | tail -n10 (depending on your distribution). You should see something like this:

# Install linux-crashdump package using yum command
yum install crash kernel-debuginfo


lsmod | grep crashkernel # checks for crashkernel module
dmesg | tail -n10 # checks for last 10 lines of kernel messages

# Configure crashkernel memory allocation
# Sets the crashkernel memory allocation to 128MB for systems with 2GB or more memory
[    3.859674] CRASHKERNEL(PC): 2G-:128M

# Sets the crashkernel memory allocation to 64MB for systems with 384MB to 2GB memory
# Sets the crashkernel memory allocation to 128MB for systems with 2GB or more memory
[    3.860007] CRASHKERNEL(PC): 384M-2G:64M,2G-:128M

Step 3: Configure the crashkernel parameter in your kernel command line (usually located in /etc/default/grub). For example, if you have a system with less than 2GB of RAM and want to allocate 512MB for the secondary kernel, add this line to your grub configuration file:

# Set the GRUB_CMDLINE_LINUX variable to configure the kernel command line
GRUB_CMDLINE_LINUX="crashkernel=512M-1G:64M" # Specifies the amount of memory to allocate for the secondary kernel in case of a system crash

# The crashkernel parameter is used to reserve memory for the secondary kernel
# The value "512M-1G" indicates that the reserved memory should be between 512MB and 1GB
# The value "64M" specifies the amount of memory to allocate for the secondary kernel, in this case 64MB

Step 4: Save the changes and update GRUB by running sudo update-grub. Reboot your system to apply the new configuration.

Step 5: Inspect the crash dump using the crash utility (usually located in /usr/bin). For example, if you have a file named /var/crash/_initramfs-001234.img, run this command as root:

# Step 4: Save the changes and update GRUB by running sudo update-grub. Reboot your system to apply the new configuration.

# Step 5: Inspect the crash dump using the crash utility (usually located in /usr/bin). For example, if you have a file named /var/crash/_initramfs-001234.img, run this command as root:



# Save the changes made to GRUB configuration and update it
sudo update-grub

# Reboot the system to apply the new configuration
reboot

# Use the crash utility to inspect the crash dump
crash -c /var/crash/_initramfs-001234.img

# Note: The crash utility is usually located in /usr/bin and requires root privileges to run. 
# The -c flag specifies the crash dump file to be inspected.

Step 6 (optional): If you want to go deeper into kernel hacking and debugging, check out the in-tree documentation and use the vmlinux file for more detailed analysis.

And that’s it! You now have a fully configured Linux Kernel Crash Dump ready to save your system from any unexpected crashes. Remember, always keep a hardware configuration sheet handy and make sane choices when configuring your kernel.

SICORPS