m/node: panic on unknown NMIs Configure the kernel to panic in case it receives an unknown NMI. This can be used to induce a crash in a hanging kernel, allowing crash diagnostics (pstore currently, maybe kdump in the future) to be used to diagnose the hang. This can have false positives on some badly-configured client systems, but is expected to be fine on servers as other server kernels like ESXi's vmkernel behave the same. Change-Id: Ie41e7b816be8492636b6fa596c1c299c0a7a0fc2 Reviewed-on: https://review.monogon.dev/c/monogon/+/2754 Tested-by: Jenkins CI Reviewed-by: Serge Bazanski <serge@monogon.tech>

commit: 6cb00ed6d867466d824ee5e3464f707787ed035c [log] [tgz]
author: Lorenz Brun <lorenz@monogon.tech> Thu Feb 08 17:49:19 2024 +0100
committer: Lorenz Brun <lorenz@monogon.tech> Mon Feb 12 18:10:28 2024 +0000
tree: fd7f6a1340634ed4233f6f9ec1bad479f17b5ec6
parent: acdfba5e65701520a23e3b3a90c5cb17c0cf3ac2 [diff]
diff --git a/metropolis/node/BUILD.bazel b/metropolis/node/BUILD.bazel
index b1173db..eb7e870 100644
--- a/metropolis/node/BUILD.bazel
+++ b/metropolis/node/BUILD.bazel

@@ -118,7 +118,7 @@
 
 efi_unified_kernel_image(
     name = "kernel_efi",
-    cmdline = "console=ttyS0,115200 console=ttyS1,115200 console=tty0 quiet rootfstype=erofs init=/init loadpin.exclude=kexec-image,kexec-initramfs",
+    cmdline = "console=ttyS0,115200 console=ttyS1,115200 console=tty0 quiet rootfstype=erofs init=/init loadpin.exclude=kexec-image,kexec-initramfs kernel.unknown_nmi_panic=1",
     initrd = [":ucode"],
     kernel = "//third_party/linux",
     os_release = ":os-release-info",
commit	6cb00ed6d867466d824ee5e3464f707787ed035c	[log] [tgz]
author	Lorenz Brun <lorenz@monogon.tech>	Thu Feb 08 17:49:19 2024 +0100
committer	Lorenz Brun <lorenz@monogon.tech>	Mon Feb 12 18:10:28 2024 +0000
tree	fd7f6a1340634ed4233f6f9ec1bad479f17b5ec6
parent	acdfba5e65701520a23e3b3a90c5cb17c0cf3ac2 [diff]