1 .\" Copyright (c) 1980, 1991, 1993
2 .\" The Regents of the University of California. All rights reserved.
4 .\" Redistribution and use in source and binary forms, with or without
5 .\" modification, are permitted provided that the following conditions
7 .\" 1. Redistributions of source code must retain the above copyright
8 .\" notice, this list of conditions and the following disclaimer.
9 .\" 2. Redistributions in binary form must reproduce the above copyright
10 .\" notice, this list of conditions and the following disclaimer in the
11 .\" documentation and/or other materials provided with the distribution.
12 .\" 3. Neither the name of the University nor the names of its contributors
13 .\" may be used to endorse or promote products derived from this software
14 .\" without specific prior written permission.
16 .\" THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
17 .\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
18 .\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
19 .\" ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
20 .\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
21 .\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
22 .\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
23 .\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
24 .\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
25 .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
28 .\" From: @(#)swapon.8 8.1 (Berkeley) 6/5/93
36 .Nd "specify a device for crash dumps"
40 .Op Fl k Ar public_key_file
52 utility is used to specify a device where the kernel can save a crash
53 dump in the case of a panic.
57 normally occur from the system multi-user initialization file
63 variables in the boot time configuration file
66 The default type of kernel crash dump is the mini crash dump.
67 Mini crash dumps hold only memory pages in use by the kernel.
68 Alternatively, full memory dumps can be enabled by setting the
73 For systems using full memory dumps, the size of the specified dump
75 least the size of physical memory.
76 Even though an additional 64 kB header is added to the dump, the BIOS for a
77 platform typically holds back some memory, so it is not usually
78 necessary to size the dump device larger than the actual amount of RAM
79 available in the machine.
80 Also, when using full memory dumps, the
82 utility will refuse to enable a dump device which is smaller than the
83 total amount of physical memory as reported by the
89 .Op Fl k Ar public_key_file
92 to generate a one-time key for kernel crash dump encryption.
93 The key will be replaced by a new one when the
96 The key is encrypted using
98 This process is sandboxed using
100 Both plain and encrypted keys are sent to the kernel using
103 A user can specify the
113 This flag requires a kernel compiled with the
119 option configures the kernel to compress the dump in gzip format before writing
120 it to the dump device.
121 This reduces the amount of space required for the dump and accelerates
124 since less data needs to be copied from the dump device.
125 When compression is enabled, the
127 utility will not verify that the dump device is sufficiently large for a full
129 This flag requires a kernel compiled with the
137 to print the current dump device or _PATH_DEVNULL ("/dev/null") if no device is
144 to be verbose about its activity.
145 .Sh IMPLEMENTATION NOTES
148 condition may occur in a situation
149 where the kernel cannot trust its internal representation
150 of the state of any given file system,
151 one of the system swap devices,
154 a device containing a file system,
155 should be used as the dump device.
159 utility operates by opening
164 request on it to save kernel crash dumps.
175 and thus instructs the kernel not to save crash dumps.
179 cannot be used during kernel initialization, the
183 must be used to enable dumps for system panics which occur
184 during kernel initialization.
186 .Bl -tag -width "/dev/{ada,da}?s?b" -compact
187 .It Pa /dev/{ada,da}?s?b
190 boot-time system configuration
193 In order to generate an RSA private key a user can use the
197 .Dl # openssl genrsa -out private.pem 4096
199 A public key can be extracted from the private key using the
203 .Dl # openssl rsa -in private.pem -out public.pem -pubout
205 Once the RSA keys are created the private key should be moved to a safe place.
210 to configure encrypted kernel crash dumps:
212 .Dl # dumpon -k public.pem /dev/ada0s1b
214 It is recommended to test if the kernel saves encrypted crash dumps using the
215 current configuration.
216 The easiest way to do that is to cause a kernel panic using the
220 .Dl # sysctl debug.kdb.panic=1
222 In the debugger the following commands should be typed to write a core dump and
225 .Dl db> call doadump(0)
230 should be able to save the core dump in the core directory which is
234 .Dl # savecore /var/crash /dev/ada0s1b
236 Three files should be created in the core directory:
240 .Pa vmcore_encrypted.#
243 is the number of the last core dump saved by
246 .Pa vmcore_encrypted.#
247 can be decrypted using the
251 .Dl # decryptcore -p private.pem -k key.# -e vmcore_encrypted.# -c vmcore.#
255 .Dl # decryptcore -p private.pem -n #
259 can be now examined using
262 .Dl # kgdb /usr/obj/sys/GENERIC/kernel.debug vmcore.#
266 .Dl # kgdb -n # /usr/obj/sys/GENERIC/kernel.debug
268 The core was decrypted properly if
270 does not print any errors.
290 Because the file system layer is already dead by the time a crash dump
291 is taken, it is not possible to send crash dumps directly to a file.
293 It is currently not possible to configure both compression and encryption.
294 The encrypted dump format assumes that the kernel dump size is a multiple
295 of the cipher block size, which may not be true when the dump is compressed.