[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20110621183004.GE16311@hmsreliant.think-freely.org>
Date: Tue, 21 Jun 2011 14:30:04 -0400
From: Neil Horman <nhorman@...driver.com>
To: Stephen Hemminger <shemminger@...tta.com>
Cc: Prarit Bhargava <prarit@...hat.com>, netdev@...r.kernel.org,
davem@...emloft.net, agospoda@...hat.com, nhorman@...hat.com,
lwoodman@...hat.com
Subject: Re: [PATCH]: Add Network Sysrq Support
On Tue, Jun 21, 2011 at 10:08:58AM -0700, Stephen Hemminger wrote:
> On Tue, 21 Jun 2011 09:00:40 -0400
> Prarit Bhargava <prarit@...hat.com> wrote:
>
> > Add Network Sysrq Support
> >
> > In some circumstances, a system can hang/lockup in such a way that the system
> > is completely unresponsive to keyboard or console input but is still
> > responsive to ping. The config option, CONFIG_SYSRQ_PING, builds
> > net/ipv4/sysrq-ping.ko which allows a root user to configure the system for
> > a remote sysrq.
> >
> > To use this do:
> >
> > mount -t debugfs none /sys/kernel/debug/
> > echo 1 > /proc/sys/kernel/sysrq
> > echo <hex digit val> > /sys/kernel/debug/network_sysrq_magic
> > echo 1 > /sys/kernel/debug/network_sysrq_enable
> >
> > Then on another system on the network you can do:
> >
> > ping -c 1 -p <up to 30 hex digit val><hex val of sysrq> <target_system_name>
> >
> > ex) sysrq-m, m is ascii 0x6d
> >
> > ping -c 1 p 1623a06f554d46d676d <target_system_name>
> >
> > Note that the network sysrq automatically disables after the receipt of
> > the ping, ie) it is single-shot mode. If you want to use this again, you
> > must complete the above four steps again.
> >
> > Signed-off-by: Prarit Bhargava <prarit@...hat.com>
>
> Isn't same functionality already available with netconsole?
Negative, netconsole is a unidirectional protocol. It registers no rx_hook and
so it doesn't receive frames. It could be added, and we could add this
functionality that way, but that would seem wierd (to me at least):
1) It would mean that netconsole was writeable, which means we would need a
utility on the remote server to do that writing to the proper udp port
2) Said utility in (1) would have some security concerns, unless we implemented
the exact same magic key sequencing that prarit has here. Otherwise any
attacker could send an unsolicited request to the netconsole port on a system.
I like the idea of keeping this functionality separate from a feature that gets
such wide use in a production environment.
I've hacked this kind of feature together to solve this problem a few times now,
I think it would be good to have it as a well defined feature permanently.
Acked-by: Neil Horman <nhorman@...driver.com>
> --
> To unsubscribe from this list: send the line "unsubscribe netdev" in
> the body of a message to majordomo@...r.kernel.org
> More majordomo info at http://vger.kernel.org/majordomo-info.html
>
--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists