Add details on oopses and warnings

This commit is contained in:
Raja Grewal 2024-08-25 12:57:22 +10:00
parent e4909b5e28
commit 32de5e7c49
No known key found for this signature in database
GPG Key ID: 92CA473C156B64C4
2 changed files with 5 additions and 2 deletions

View File

@ -135,6 +135,8 @@ kernel.perf_event_paranoid=3
## Force the kernel to panic on "oopses" and kernel warnings in the WARN() path. ## Force the kernel to panic on "oopses" and kernel warnings in the WARN() path.
## Can sometimes potentially indicate and thwart certain kernel exploitation attempts. ## Can sometimes potentially indicate and thwart certain kernel exploitation attempts.
## Panics may be due to false-positives such as bad drivers. ## Panics may be due to false-positives such as bad drivers.
## Oopses are serious but non-fatal errors.
## Kernel warnings are useful to avoid a when attempting to access the location of a WARN().
## ##
## https://en.wikipedia.org/wiki/Kernel_panic#Linux ## https://en.wikipedia.org/wiki/Kernel_panic#Linux
## https://en.wikipedia.org/wiki/Linux_kernel_oops ## https://en.wikipedia.org/wiki/Linux_kernel_oops
@ -150,7 +152,7 @@ kernel.perf_event_paranoid=3
## The limits are applicable when using Linux kernel >= 6.2 (retained here for future-proofing and completeness). ## The limits are applicable when using Linux kernel >= 6.2 (retained here for future-proofing and completeness).
## ##
#kernel.panic=-1 #kernel.panic=-1
kernel.panic_on_oops=1 #kernel.panic_on_oops=1
#kernel.panic_on_warn=1 #kernel.panic_on_warn=1
#kernel.oops_limit=1 #kernel.oops_limit=1
#kernel.warn_limit=1 #kernel.warn_limit=1

View File

@ -14,7 +14,8 @@ fi
## Makes the kernel panic on oopses. This prevents the kernel ## Makes the kernel panic on oopses. This prevents the kernel
## from continuing to run a flawed processes. Many kernel exploits ## from continuing to run a flawed processes. Many kernel exploits
## will also cause an oops which this will make the kernel kill. ## will also cause an oops which this will make the kernel kill
## the offending processes.
#sysctl kernel.panic=-1 #sysctl kernel.panic=-1
sysctl kernel.panic_on_oops=1 sysctl kernel.panic_on_oops=1
#sysctl kernel.panic_on_warn=1 #sysctl kernel.panic_on_warn=1