1 .\" Copyright (c) 1980, 1991, 1993
2 .\" The Regents of the University of California. All rights reserved.
4 .\" Redistribution and use in source and binary forms, with or without
5 .\" modification, are permitted provided that the following conditions
7 .\" 1. Redistributions of source code must retain the above copyright
8 .\" notice, this list of conditions and the following disclaimer.
9 .\" 2. Redistributions in binary form must reproduce the above copyright
10 .\" notice, this list of conditions and the following disclaimer in the
11 .\" documentation and/or other materials provided with the distribution.
12 .\" 3. Neither the name of the University nor the names of its contributors
13 .\" may be used to endorse or promote products derived from this software
14 .\" without specific prior written permission.
16 .\" THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
17 .\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
18 .\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
19 .\" ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
20 .\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
21 .\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
22 .\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
23 .\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
24 .\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
25 .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
28 .\" From: @(#)swapon.8 8.1 (Berkeley) 6/5/93
36 .Nd "specify a device for crash dumps"
40 .Op Fl k Ar public_key_file
53 utility is used to specify a device where the kernel can save a crash
54 dump in the case of a panic.
58 normally occur from the system multi-user initialization file
64 variables in the boot time configuration file
67 The default type of kernel crash dump is the mini crash dump.
68 Mini crash dumps hold only memory pages in use by the kernel.
69 Alternatively, full memory dumps can be enabled by setting the
74 For systems using full memory dumps, the size of the specified dump
76 least the size of physical memory.
77 Even though an additional 64 kB header is added to the dump, the BIOS for a
78 platform typically holds back some memory, so it is not usually
79 necessary to size the dump device larger than the actual amount of RAM
80 available in the machine.
81 Also, when using full memory dumps, the
83 utility will refuse to enable a dump device which is smaller than the
84 total amount of physical memory as reported by the
90 .Op Fl k Ar public_key_file
93 to generate a one-time key for kernel crash dump encryption.
94 The key will be replaced by a new one when the
97 The key is encrypted using
99 This process is sandboxed using
101 Both plain and encrypted keys are sent to the kernel using
104 A user can specify the
114 This flag requires a kernel compiled with the
122 options configure the kernel to compress the dump before writing it to
124 This reduces the amount of space required for the dump and accelerates
127 since less data needs to be copied from the dump device.
128 When compression is enabled, the
130 utility will not verify that the dump device is sufficiently large for a full
136 options cause the dump to be written in
140 format, respectively.
141 These flags require a kernel compiled with the
152 to print the current dump device or _PATH_DEVNULL ("/dev/null") if no device is
159 to be verbose about its activity.
160 .Sh IMPLEMENTATION NOTES
163 condition may occur in a situation
164 where the kernel cannot trust its internal representation
165 of the state of any given file system,
166 one of the system swap devices,
169 a device containing a file system,
170 should be used as the dump device.
174 utility operates by opening
179 request on it to save kernel crash dumps.
190 and thus instructs the kernel not to save crash dumps.
194 cannot be used during kernel initialization, the
198 must be used to enable dumps for system panics which occur
199 during kernel initialization.
201 .Bl -tag -width "/dev/{ada,da}?s?b" -compact
202 .It Pa /dev/{ada,da}?s?b
205 boot-time system configuration
208 In order to generate an RSA private key a user can use the
212 .Dl # openssl genrsa -out private.pem 4096
214 A public key can be extracted from the private key using the
218 .Dl # openssl rsa -in private.pem -out public.pem -pubout
220 Once the RSA keys are created the private key should be moved to a safe place.
225 to configure encrypted kernel crash dumps:
227 .Dl # dumpon -k public.pem /dev/ada0s1b
229 It is recommended to test if the kernel saves encrypted crash dumps using the
230 current configuration.
231 The easiest way to do that is to cause a kernel panic using the
235 .Dl # sysctl debug.kdb.panic=1
237 In the debugger the following commands should be typed to write a core dump and
240 .Dl db> call doadump(0)
245 should be able to save the core dump in the core directory which is
249 .Dl # savecore /var/crash /dev/ada0s1b
251 Three files should be created in the core directory:
255 .Pa vmcore_encrypted.#
258 is the number of the last core dump saved by
261 .Pa vmcore_encrypted.#
262 can be decrypted using the
266 .Dl # decryptcore -p private.pem -k key.# -e vmcore_encrypted.# -c vmcore.#
270 .Dl # decryptcore -p private.pem -n #
274 can be now examined using
277 .Dl # kgdb /usr/obj/sys/GENERIC/kernel.debug vmcore.#
281 .Dl # kgdb -n # /usr/obj/sys/GENERIC/kernel.debug
283 The core was decrypted properly if
285 does not print any errors.
307 Because the file system layer is already dead by the time a crash dump
308 is taken, it is not possible to send crash dumps directly to a file.
310 It is currently not possible to configure both compression and encryption.
311 The encrypted dump format assumes that the kernel dump size is a multiple
312 of the cipher block size, which may not be true when the dump is compressed.