Re: [PATCH v2] sysctl: Add panic-fatal-signals

From: Andrew Morton
Date: Mon Jan 28 2019 - 13:05:51 EST

On Mon, 28 Jan 2019 09:49:59 +0100 Vincent Whitchurch <vincent.whitchurch@xxxxxxxx> wrote:

> Add a sysctl which asks the kernel to panic when any userspace process
> receives a fatal signal which would trigger a core dump. This has
> proven to be quite useful when debugging problems seen during testing of
> embedded systems: When combined with kernel core dumps (saved due to
> the panic), it allows easier debugging of crashes which have their
> origin in system-wide problems such as buggy drivers or other kernel or
> hardware-related issues.
> The crashing process's core dump can be extracted from the kernel core
> dump using tools such as the crash utility's gcore extension.

I can't speak to the usefulness of this, but the feature is small and

Some documentation would be appreciated. I assume in
Documentation/sysctl/kernel.txt. Please also check that
print-fatal-signals is appropriately documented while we're in there -
it's documented in Documentation/admin-guide/kernel-parameters.rst but
not Documentation/sysctl/kernel.txt.

> v2: Put the sysctl behind a config option

I suppose so... The option is root-only (surely?) so I'm not sure this
is really needed.

> ...
> --- a/init/Kconfig
> +++ b/init/Kconfig
> @@ -1242,6 +1242,20 @@ config SYSCTL_SYSCALL
> If unsure say N here.
> + bool "panic-fatal-signals sysctl" if EXPERT
> + depends on PROC_SYSCTL
> + help
> + If you say Y here, a kernel.panic-fatal-signals sysctl will be
> + offered. If this sysctl is turned on, the kernel will panic if any
> + userspace process receives a fatal signal which would trigger a core
> + dump.
> +
> + When used together with kernel core dumps, this can be useful for
> + debugging some system-wide problems, primarily on embedded systems.
> +
> + If unsure, say N.

I suggest that the Kconfig help and the forthcoming documentation
should clearly explain the dangers of enabling this!