| Message ID | 20230806101217.164068-1-loic.poulain@linaro.org (mailing list archive) |
|---|---|
| State | New, archived |
| Headers | show |
| Series | [v3] init: Add support for rootwait timeout parameter | expand |
On 2023-08-06 18:12, Loic Poulain <loic.poulain@linaro.org> wrote: > Add an optional timeout arg to 'rootwait' as the maximum time in > seconds to wait for the root device to show up before attempting > forced mount of the root filesystem. > > Use case: > In case of device mapper usage for the rootfs (e.g. root=/dev/dm-0), > if the mapper is not able to create the virtual block for any reason > (wrong arguments, bad dm-verity signature, etc), the `rootwait` param > causes the kernel to wait forever. It may however be desirable to only > wait for a given time and then panic (force mount) to cause device reset. > This gives the bootloader a chance to detect the problem and to take some > measures, such as marking the booted partition as bad (for A/B case) or > entering a recovery mode. > > In success case, mounting happens as soon as the root device is ready, > unlike the existing 'rootdelay' parameter which performs an unconditional > pause. > > Signed-off-by: Loic Poulain <loic.poulain@linaro.org> > --- > v2: rebase + reword: add use case example > v3: Use kstrtoint instead of deprecated simple_strtoul > > .../admin-guide/kernel-parameters.txt | 4 ++++ > init/do_mounts.c | 24 +++++++++++++++++-- > 2 files changed, 26 insertions(+), 2 deletions(-) > > diff --git a/Documentation/admin-guide/kernel-parameters.txt b/Documentation/admin-guide/kernel-parameters.txt > index a1457995fd41..387cf9c2a2c5 100644 > --- a/Documentation/admin-guide/kernel-parameters.txt > +++ b/Documentation/admin-guide/kernel-parameters.txt > @@ -5501,6 +5501,10 @@ > Useful for devices that are detected asynchronously > (e.g. USB and MMC devices). > > + rootwait= [KNL] Maximum time (in seconds) to wait for root device > + to show up before attempting to mount the root > + filesystem. > + > rproc_mem=nn[KMG][@address] > [KNL,ARM,CMA] Remoteproc physical memory block. > Memory area to be used by remote processor image, > diff --git a/init/do_mounts.c b/init/do_mounts.c > index 1aa015883519..98190bf34a9f 100644 > --- a/init/do_mounts.c > +++ b/init/do_mounts.c > @@ -18,6 +18,7 @@ > #include <linux/slab.h> > #include <linux/ramfs.h> > #include <linux/shmem_fs.h> > +#include <linux/ktime.h> > > #include <linux/nfs_fs.h> > #include <linux/nfs_fs_sb.h> > @@ -71,12 +72,25 @@ static int __init rootwait_setup(char *str) > { > if (*str) > return 0; > - root_wait = 1; > + root_wait = -1; > return 1; > } > > __setup("rootwait", rootwait_setup); > > +static int __init rootwait_timeout_setup(char *str) > +{ > + if (kstrtoint(str, 0, &root_wait) || root_wait < 0) { > + pr_warn("ignoring invalid rootwait value\n"); > + /* fallback to indefinite wait */ > + root_wait = -1; Will it be a little better to add the 'fallback to infinite wait' message into pr_wran as well? > + } > + > + return 1; > +} > + > +__setup("rootwait=", rootwait_timeout_setup); > + > static char * __initdata root_mount_data; > static int __init root_data_setup(char *str) > { > @@ -384,14 +398,20 @@ void __init mount_root(char *root_device_name) > /* wait for any asynchronous scanning to complete */ > static void __init wait_for_root(char *root_device_name) > { > + const ktime_t end = ktime_add_ms(ktime_get_raw(), root_wait * MSEC_PER_SEC); > + > if (ROOT_DEV != 0) > return; > > pr_info("Waiting for root device %s...\n", root_device_name); > > while (!driver_probe_done() || > - early_lookup_bdev(root_device_name, &ROOT_DEV) < 0) > + early_lookup_bdev(root_device_name, &ROOT_DEV) < 0) { Seems like one indent issue here? > msleep(5); > + if (root_wait > 0 && ktime_after(ktime_get_raw(), end)) > + break; > + } > + > async_synchronize_full(); > > } > -- > 2.34.1 Regards. Liang Li
On Sun, Aug 06, 2023 at 12:12:17PM +0200, Loic Poulain wrote: > Add an optional timeout arg to 'rootwait' as the maximum time in > seconds to wait for the root device to show up before attempting > forced mount of the root filesystem. > > Use case: > In case of device mapper usage for the rootfs (e.g. root=/dev/dm-0), > if the mapper is not able to create the virtual block for any reason > (wrong arguments, bad dm-verity signature, etc), the `rootwait` param > causes the kernel to wait forever. It may however be desirable to only > wait for a given time and then panic (force mount) to cause device reset. > This gives the bootloader a chance to detect the problem and to take some > measures, such as marking the booted partition as bad (for A/B case) or > entering a recovery mode. > > In success case, mounting happens as soon as the root device is ready, > unlike the existing 'rootdelay' parameter which performs an unconditional > pause. > > Signed-off-by: Loic Poulain <loic.poulain@linaro.org> > --- > v2: rebase + reword: add use case example > v3: Use kstrtoint instead of deprecated simple_strtoul > > .../admin-guide/kernel-parameters.txt | 4 ++++ > init/do_mounts.c | 24 +++++++++++++++++-- > 2 files changed, 26 insertions(+), 2 deletions(-) > > diff --git a/Documentation/admin-guide/kernel-parameters.txt b/Documentation/admin-guide/kernel-parameters.txt > index a1457995fd41..387cf9c2a2c5 100644 > --- a/Documentation/admin-guide/kernel-parameters.txt > +++ b/Documentation/admin-guide/kernel-parameters.txt > @@ -5501,6 +5501,10 @@ > Useful for devices that are detected asynchronously > (e.g. USB and MMC devices). > > + rootwait= [KNL] Maximum time (in seconds) to wait for root device > + to show up before attempting to mount the root > + filesystem. > + > rproc_mem=nn[KMG][@address] > [KNL,ARM,CMA] Remoteproc physical memory block. > Memory area to be used by remote processor image, > diff --git a/init/do_mounts.c b/init/do_mounts.c > index 1aa015883519..98190bf34a9f 100644 > --- a/init/do_mounts.c > +++ b/init/do_mounts.c > @@ -18,6 +18,7 @@ > #include <linux/slab.h> > #include <linux/ramfs.h> > #include <linux/shmem_fs.h> > +#include <linux/ktime.h> > > #include <linux/nfs_fs.h> > #include <linux/nfs_fs_sb.h> > @@ -71,12 +72,25 @@ static int __init rootwait_setup(char *str) > { > if (*str) > return 0; > - root_wait = 1; > + root_wait = -1; > return 1; > } > > __setup("rootwait", rootwait_setup); > > +static int __init rootwait_timeout_setup(char *str) > +{ > + if (kstrtoint(str, 0, &root_wait) || root_wait < 0) { > + pr_warn("ignoring invalid rootwait value\n"); > + /* fallback to indefinite wait */ > + root_wait = -1; > + } > + > + return 1; > +} > + > +__setup("rootwait=", rootwait_timeout_setup); > + > static char * __initdata root_mount_data; > static int __init root_data_setup(char *str) > { > @@ -384,14 +398,20 @@ void __init mount_root(char *root_device_name) > /* wait for any asynchronous scanning to complete */ > static void __init wait_for_root(char *root_device_name) > { > + const ktime_t end = ktime_add_ms(ktime_get_raw(), root_wait * MSEC_PER_SEC); I'd only initialize @end after the ROOT_DEV check. Also, afaict, this currently allows userspace to overflow, i.e., root_wait=2147483647 ktime_add_ms(..., root_wait(2147483647) * MSEC_PER_SEC(1000)) So idk, you probably want to convert root_wait to ms right away and do sm like (completely untested): static int __init rootwait_timeout_setup(char *str) { int ret, tmp; THIS LINE WILL BREAK COMPILATION if (*str) return 0; /* always fallback to indefinite wait */ root_wait = -1; ret = kstrtoint(str, 0, &tmp)); if (ret || tmp < 0) { pr_warn("ignoring invalid rootwait value\n"); return 1; } if (check_mul_overflow(tmp, MSEC_PER_SEC, &root_wait)) pr_warn("ignoring excessive rootwait value\n"); return 1; }
diff --git a/Documentation/admin-guide/kernel-parameters.txt b/Documentation/admin-guide/kernel-parameters.txt index a1457995fd41..387cf9c2a2c5 100644 --- a/Documentation/admin-guide/kernel-parameters.txt +++ b/Documentation/admin-guide/kernel-parameters.txt @@ -5501,6 +5501,10 @@ Useful for devices that are detected asynchronously (e.g. USB and MMC devices). + rootwait= [KNL] Maximum time (in seconds) to wait for root device + to show up before attempting to mount the root + filesystem. + rproc_mem=nn[KMG][@address] [KNL,ARM,CMA] Remoteproc physical memory block. Memory area to be used by remote processor image, diff --git a/init/do_mounts.c b/init/do_mounts.c index 1aa015883519..98190bf34a9f 100644 --- a/init/do_mounts.c +++ b/init/do_mounts.c @@ -18,6 +18,7 @@ #include <linux/slab.h> #include <linux/ramfs.h> #include <linux/shmem_fs.h> +#include <linux/ktime.h> #include <linux/nfs_fs.h> #include <linux/nfs_fs_sb.h> @@ -71,12 +72,25 @@ static int __init rootwait_setup(char *str) { if (*str) return 0; - root_wait = 1; + root_wait = -1; return 1; } __setup("rootwait", rootwait_setup); +static int __init rootwait_timeout_setup(char *str) +{ + if (kstrtoint(str, 0, &root_wait) || root_wait < 0) { + pr_warn("ignoring invalid rootwait value\n"); + /* fallback to indefinite wait */ + root_wait = -1; + } + + return 1; +} + +__setup("rootwait=", rootwait_timeout_setup); + static char * __initdata root_mount_data; static int __init root_data_setup(char *str) { @@ -384,14 +398,20 @@ void __init mount_root(char *root_device_name) /* wait for any asynchronous scanning to complete */ static void __init wait_for_root(char *root_device_name) { + const ktime_t end = ktime_add_ms(ktime_get_raw(), root_wait * MSEC_PER_SEC); + if (ROOT_DEV != 0) return; pr_info("Waiting for root device %s...\n", root_device_name); while (!driver_probe_done() || - early_lookup_bdev(root_device_name, &ROOT_DEV) < 0) + early_lookup_bdev(root_device_name, &ROOT_DEV) < 0) { msleep(5); + if (root_wait > 0 && ktime_after(ktime_get_raw(), end)) + break; + } + async_synchronize_full(); }
Add an optional timeout arg to 'rootwait' as the maximum time in seconds to wait for the root device to show up before attempting forced mount of the root filesystem. Use case: In case of device mapper usage for the rootfs (e.g. root=/dev/dm-0), if the mapper is not able to create the virtual block for any reason (wrong arguments, bad dm-verity signature, etc), the `rootwait` param causes the kernel to wait forever. It may however be desirable to only wait for a given time and then panic (force mount) to cause device reset. This gives the bootloader a chance to detect the problem and to take some measures, such as marking the booted partition as bad (for A/B case) or entering a recovery mode. In success case, mounting happens as soon as the root device is ready, unlike the existing 'rootdelay' parameter which performs an unconditional pause. Signed-off-by: Loic Poulain <loic.poulain@linaro.org> --- v2: rebase + reword: add use case example v3: Use kstrtoint instead of deprecated simple_strtoul .../admin-guide/kernel-parameters.txt | 4 ++++ init/do_mounts.c | 24 +++++++++++++++++-- 2 files changed, 26 insertions(+), 2 deletions(-)