1 .\" Copyright (c) 1980, 1991, 1993
2 .\" The Regents of the University of California. All rights reserved.
4 .\" Redistribution and use in source and binary forms, with or without
5 .\" modification, are permitted provided that the following conditions
7 .\" 1. Redistributions of source code must retain the above copyright
8 .\" notice, this list of conditions and the following disclaimer.
9 .\" 2. Redistributions in binary form must reproduce the above copyright
10 .\" notice, this list of conditions and the following disclaimer in the
11 .\" documentation and/or other materials provided with the distribution.
12 .\" 3. Neither the name of the University nor the names of its contributors
13 .\" may be used to endorse or promote products derived from this software
14 .\" without specific prior written permission.
16 .\" THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
17 .\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
18 .\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
19 .\" ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
20 .\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
21 .\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
22 .\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
23 .\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
24 .\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
25 .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
28 .\" From: @(#)swapon.8 8.1 (Berkeley) 6/5/93
36 .Nd "specify a device for crash dumps"
40 .Op Fl k Ar public_key_file
51 utility is used to specify a device where the kernel can save a crash
52 dump in the case of a panic.
56 normally occur from the system multi-user initialization file
62 variables in the boot time configuration file
65 The default type of kernel crash dump is the mini crash dump.
66 Mini crash dumps hold only memory pages in use by the kernel.
67 Alternatively, full memory dumps can be enabled by setting the
72 For systems using full memory dumps, the size of the specified dump
74 least the size of physical memory.
75 Even though an additional 64 kB header is added to the dump, the BIOS for a
76 platform typically holds back some memory, so it is not usually
77 necessary to size the dump device larger than the actual amount of RAM
78 available in the machine.
79 Also, when using full memory dumps, the
81 utility will refuse to enable a dump device which is smaller than the
82 total amount of physical memory as reported by the
88 .Op Fl k Ar public_key_file
91 to generate a one-time key for kernel crash dump encryption.
92 The key will be replaced by a new one when the
95 The key is encrypted using
97 This process is sandboxed using
99 Both plain and encrypted keys are sent to the kernel using
102 A user can specify the
112 This flag requires a kernel compiled with the
120 to print the current dump device or _PATH_DEVNULL ("/dev/null") if no device is
127 to be verbose about its activity.
128 .Sh IMPLEMENTATION NOTES
131 condition may occur in a situation
132 where the kernel cannot trust its internal representation
133 of the state of any given file system,
134 one of the system swap devices,
137 a device containing a file system,
138 should be used as the dump device.
142 utility operates by opening
147 request on it to save kernel crash dumps.
158 and thus instructs the kernel not to save crash dumps.
162 cannot be used during kernel initialization, the
166 must be used to enable dumps for system panics which occur
167 during kernel initialization.
169 .Bl -tag -width "/dev/{ada,da}?s?b" -compact
170 .It Pa /dev/{ada,da}?s?b
173 boot-time system configuration
176 In order to generate an RSA private key a user can use the
180 .Dl # openssl genrsa -out private.pem 4096
182 A public key can be extracted from the private key using the
186 .Dl # openssl rsa -in private.pem -out public.pem -pubout
188 Once the RSA keys are created the private key should be moved to a safe place.
193 to configure encrypted kernel crash dumps:
195 .Dl # dumpon -k public.pem /dev/ada0s1b
197 It is recommended to test if the kernel saves encrypted crash dumps using the
198 current configuration.
199 The easiest way to do that is to cause a kernel panic using the
203 .Dl # sysctl debug.kdb.panic=1
205 In the debugger the following commands should be typed to write a core dump and
208 .Dl db> call doadump(0)
213 should be able to save the core dump in the core directory which is
217 .Dl # savecore /var/crash /dev/ada0s1b
219 Three files should be created in the core directory:
223 .Pa vmcore_encrypted.#
226 is the number of the last core dump saved by
229 .Pa vmcore_encrypted.#
230 can be decrypted using the
234 .Dl # decryptcore -p private.pem -k key.# -e vmcore_encrypted.# -c vmcore.#
238 .Dl # decryptcore -p private.pem -n #
242 can be now examined using
245 .Dl # kgdb /usr/obj/sys/GENERIC/kernel.debug vmcore.#
249 .Dl # kgdb -n # /usr/obj/sys/GENERIC/kernel.debug
251 The core was decrypted properly if
253 does not print any errors.
273 Because the file system layer is already dead by the time a crash dump
274 is taken, it is not possible to send crash dumps directly to a file.