grub: increase kernel ring buffer size to 2MB

[rucoder]

Description

NOTE: 2M may look like an overkill but on really big machine it is better to be save than sorry.

Add log_buf_len=2M to the kernel command line in grub rootfs.cfg to increase the kernel ring buffer from the default 128KB (CONFIG_LOG_BUF_SHIFT=17) to 2MB. This prevents early dmesg messages from being lost when the kernel ring buffer overflows before newlogd starts draining /dev/kmsg.

This can happen on any system with a large number of PCI devices, where hardware probing and driver initialization generate enough messages to overflow the 128KB buffer even under normal load. It is also critical for RT workloads where kernel-level diagnostics (latency spikes, IRQ storms, OOM events) are the most valuable debug information.

The 4MB buffer provides headroom for ~15,000–25,000 kernel messages. The memory cost is negligible on modern systems.

The log_buf_len parameter can also be overridden per-device via:

• CONFIG/grub.cfg: set_global dom0_extra_args "$dom0_extra_args log_buf_len=8M"
• EFI variable eve-kernel-extra-cmdline

How to test and validate this PR

1. Build an EVE image with this change
2. Boot the device and check the kernel ring buffer size:

   dmesg | grep "log_buf_len"
   

   Expected output should show log_buf_len: 20977152 bytes
3. Under heavy load or on a system with many PCI devices, verify that early boot messages are preserved in newlogd output and not lost due to ring buffer overflow

Changelog notes

Increased kernel ring buffer size from 128KB to 2MB to prevent loss of early boot kernel messages, particularly on systems with many PCI devices or under heavy system load.

PR Backports

• 16.0-stable: No.
• 14.5-stable: No.
• 13.4-stable: No.

Checklist

• I've provided a proper description

• I've added the proper documentation

• I've tested my PR on amd64 device

• I've tested my PR on arm64 device

• I've written the test verification instructions

• I've set the proper labels to this PR

• I've checked the boxes above, or I've provided a good reason why I didn't
  check them.

[codecov]

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 29.49%. Comparing base (2281599) to head (8c3bdb7).
⚠️ Report is 302 commits behind head on master.

Additional details and impacted files

@@            Coverage Diff             @@
##           master    #5627      +/-   ##
==========================================
+ Coverage   19.52%   29.49%   +9.96%     
==========================================
  Files          19       18       -1     
  Lines        3021     2417     -604     
==========================================
+ Hits          590      713     +123     
+ Misses       2310     1552     -758     
- Partials      121      152      +31     

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.

[rene]

I always prefer to be more conservative thinking on devices that uses Satellite connectivity. I understand 128KB is just simple not enough for bigger devices, but 4MB, as you said, looks overkill. @rucoder in your tests, what is the minimum need to not lost kernel logs? 1MB or 2MB would be enough?

[rucoder]

@rene this is hard to tell. I saw servers with 100s of PCI , but yeah, 4Mb may be an overkill. 1M ? (~9x) ? and btw, it won't affect any traffic consumption, this is just RAM: whether we loose logs or not

[rene]

LGTM