chiark / gitweb /
core: go on a killing spree when transitioning from initrd to main system
authorLennart Poettering <lennart@poettering.net>
Fri, 13 Jul 2012 12:41:57 +0000 (14:41 +0200)
committerLennart Poettering <lennart@poettering.net>
Fri, 13 Jul 2012 12:41:57 +0000 (14:41 +0200)
Makefile.am
src/core/killall.c [new file with mode: 0644]
src/core/killall.h [new file with mode: 0644]
src/core/main.c
src/core/shutdown.c

index 362c466..dafd65d 100644 (file)
@@ -877,7 +877,9 @@ libsystemd_core_la_SOURCES = \
        src/core/build.h \
        src/core/sysfs-show.h \
        src/core/switch-root.h \
-       src/core/switch-root.c
+       src/core/switch-root.c \
+       src/core/killall.h \
+       src/core/killall.c
 
 nodist_libsystemd_core_la_SOURCES = \
        src/core/load-fragment-gperf.c \
@@ -1134,7 +1136,9 @@ systemd_shutdown_SOURCES = \
        src/core/umount.h \
        src/core/shutdown.c \
        src/core/mount-setup.c \
-       src/core/mount-setup.h
+       src/core/mount-setup.h \
+       src/core/killall.h \
+       src/core/killall.c
 
 systemd_shutdown_LDADD = \
        libsystemd-label.la \
diff --git a/src/core/killall.c b/src/core/killall.c
new file mode 100644 (file)
index 0000000..5f589ea
--- /dev/null
@@ -0,0 +1,176 @@
+/*-*- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil -*-*/
+
+/***
+  This file is part of systemd.
+
+  Copyright 2010 ProFUSION embedded systems
+
+  systemd is free software; you can redistribute it and/or modify it
+  under the terms of the GNU Lesser General Public License as published by
+  the Free Software Foundation; either version 2.1 of the License, or
+  (at your option) any later version.
+
+  systemd is distributed in the hope that it will be useful, but
+  WITHOUT ANY WARRANTY; without even the implied warranty of
+  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+  Lesser General Public License for more details.
+
+  You should have received a copy of the GNU Lesser General Public License
+  along with systemd; If not, see <http://www.gnu.org/licenses/>.
+***/
+
+#include <sys/wait.h>
+#include <signal.h>
+#include <errno.h>
+
+#include "util.h"
+#include "def.h"
+#include "killall.h"
+
+#define TIMEOUT_USEC (5 * USEC_PER_SEC)
+
+static bool ignore_proc(pid_t pid) {
+        char buf[PATH_MAX];
+        FILE *f;
+        char c;
+        size_t count;
+        uid_t uid;
+        int r;
+
+        /* We are PID 1, let's not commit suicide */
+        if (pid == 1)
+                return true;
+
+        r = get_process_uid(pid, &uid);
+        if (r < 0)
+                return true; /* not really, but better safe than sorry */
+
+        /* Non-root processes otherwise are always subject to be killed */
+        if (uid != 0)
+                return false;
+
+        snprintf(buf, sizeof(buf), "/proc/%lu/cmdline", (unsigned long) pid);
+        char_array_0(buf);
+
+        f = fopen(buf, "re");
+        if (!f)
+                return true; /* not really, but has the desired effect */
+
+        count = fread(&c, 1, 1, f);
+        fclose(f);
+
+        /* Kernel threads have an empty cmdline */
+        if (count <= 0)
+                return true;
+
+        /* Processes with argv[0][0] = '@' we ignore from the killing
+         * spree.
+         *
+         * http://www.freedesktop.org/wiki/Software/systemd/RootStorageDaemons */
+        if (count == 1 && c == '@')
+                return true;
+
+        return false;
+}
+
+static void wait_for_children(int n_processes, sigset_t *mask) {
+        usec_t until;
+
+        assert(mask);
+
+        until = now(CLOCK_MONOTONIC) + TIMEOUT_USEC;
+        for (;;) {
+                struct timespec ts;
+                int k;
+                usec_t n;
+
+                for (;;) {
+                        pid_t pid = waitpid(-1, NULL, WNOHANG);
+
+                        if (pid == 0)
+                                break;
+
+                        if (pid < 0 && errno == ECHILD)
+                                return;
+
+                        if (n_processes > 0)
+                                if (--n_processes == 0)
+                                        return;
+                }
+
+                n = now(CLOCK_MONOTONIC);
+                if (n >= until)
+                        return;
+
+                timespec_store(&ts, until - n);
+
+                if ((k = sigtimedwait(mask, NULL, &ts)) != SIGCHLD) {
+
+                        if (k < 0 && errno != EAGAIN) {
+                                log_error("sigtimedwait() failed: %m");
+                                return;
+                        }
+
+                        if (k >= 0)
+                                log_warning("sigtimedwait() returned unexpected signal.");
+                }
+        }
+}
+
+static int killall(int sig) {
+        DIR *dir;
+        struct dirent *d;
+        unsigned int n_processes = 0;
+
+        dir = opendir("/proc");
+        if (!dir)
+                return -errno;
+
+        while ((d = readdir(dir))) {
+                pid_t pid;
+
+                if (d->d_type != DT_DIR &&
+                    d->d_type != DT_UNKNOWN)
+                        continue;
+
+                if (parse_pid(d->d_name, &pid) < 0)
+                        continue;
+
+                if (ignore_proc(pid))
+                        continue;
+
+                if (kill(pid, sig) >= 0)
+                        n_processes++;
+                else if (errno != ENOENT)
+                        log_warning("Could not kill %d: %m", pid);
+        }
+
+        closedir(dir);
+
+        return n_processes;
+}
+
+void broadcast_signal(int sig) {
+        sigset_t mask, oldmask;
+        int n_processes;
+
+        assert_se(sigemptyset(&mask) == 0);
+        assert_se(sigaddset(&mask, SIGCHLD) == 0);
+        assert_se(sigprocmask(SIG_BLOCK, &mask, &oldmask) == 0);
+
+        if (kill(-1, SIGSTOP) < 0 && errno != ESRCH)
+                log_warning("kill(-1, SIGSTOP) failed: %m");
+
+        n_processes = killall(sig);
+
+        if (kill(-1, SIGCONT) < 0 && errno != ESRCH)
+                log_warning("kill(-1, SIGCONT) failed: %m");
+
+        if (n_processes <= 0)
+                goto finish;
+
+        wait_for_children(n_processes, &mask);
+
+finish:
+        sigprocmask(SIG_SETMASK, &oldmask, NULL);
+}
diff --git a/src/core/killall.h b/src/core/killall.h
new file mode 100644 (file)
index 0000000..8b5bd52
--- /dev/null
@@ -0,0 +1,27 @@
+/*-*- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil -*-*/
+
+#ifndef fookillallhfoo
+#define fookillallhfoo
+
+/***
+  This file is part of systemd.
+
+  Copyright 2012 Lennart Poettering
+
+  systemd is free software; you can redistribute it and/or modify it
+  under the terms of the GNU Lesser General Public License as published by
+  the Free Software Foundation; either version 2.1 of the License, or
+  (at your option) any later version.
+
+  systemd is distributed in the hope that it will be useful, but
+  WITHOUT ANY WARRANTY; without even the implied warranty of
+  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+  Lesser General Public License for more details.
+
+  You should have received a copy of the GNU Lesser General Public License
+  along with systemd; If not, see <http://www.gnu.org/licenses/>.
+***/
+
+void broadcast_signal(int sig);
+
+#endif
index 6f6b565..87cb4ff 100644 (file)
@@ -51,6 +51,7 @@
 #include "path-util.h"
 #include "switch-root.h"
 #include "capability.h"
+#include "killall.h"
 
 #include "mount-setup.h"
 #include "loopback-setup.h"
@@ -1676,6 +1677,11 @@ finish:
                 make_console_stdio();
 
                 if (switch_root_dir) {
+                        /* Kill all remaining processes from the initrd */
+                        broadcast_signal(SIGTERM);
+                        broadcast_signal(SIGKILL);
+
+                        /* And switch root */
                         r = switch_root(switch_root_dir);
                         if (r < 0)
                                 log_error("Failed to switch root, ignoring: %s", strerror(-r));
index 194a1cc..363046e 100644 (file)
 #include "virt.h"
 #include "watchdog.h"
 
-#define TIMEOUT_USEC (5 * USEC_PER_SEC)
 #define FINALIZE_ATTEMPTS 50
 
-static bool ignore_proc(pid_t pid) {
-        char buf[PATH_MAX];
-        FILE *f;
-        char c;
-        size_t count;
-        uid_t uid;
-        int r;
-
-        /* We are PID 1, let's not commit suicide */
-        if (pid == 1)
-                return true;
-
-        r = get_process_uid(pid, &uid);
-        if (r < 0)
-                return true; /* not really, but better safe than sorry */
-
-        /* Non-root processes otherwise are always subject to be killed */
-        if (uid != 0)
-                return false;
-
-        snprintf(buf, sizeof(buf), "/proc/%lu/cmdline", (unsigned long) pid);
-        char_array_0(buf);
-
-        f = fopen(buf, "re");
-        if (!f)
-                return true; /* not really, but has the desired effect */
-
-        count = fread(&c, 1, 1, f);
-        fclose(f);
-
-        /* Kernel threads have an empty cmdline */
-        if (count <= 0)
-                return true;
-
-        /* Processes with argv[0][0] = '@' we ignore from the killing
-         * spree.
-         *
-         * http://www.freedesktop.org/wiki/Software/systemd/RootStorageDaemons */
-        if (count == 1 && c == '@')
-                return true;
-
-        return false;
-}
-
-static int killall(int sign) {
-        DIR *dir;
-        struct dirent *d;
-        unsigned int n_processes = 0;
-
-        dir = opendir("/proc");
-        if (!dir)
-                return -errno;
-
-        while ((d = readdir(dir))) {
-                pid_t pid;
-
-                if (parse_pid(d->d_name, &pid) < 0)
-                        continue;
-
-                if (ignore_proc(pid))
-                        continue;
-
-                if (kill(pid, sign) == 0)
-                        n_processes++;
-                else
-                        log_warning("Could not kill %d: %m", pid);
-        }
-
-        closedir(dir);
-
-        return n_processes;
-}
-
-static void wait_for_children(int n_processes, sigset_t *mask) {
-        usec_t until;
-
-        assert(mask);
-
-        until = now(CLOCK_MONOTONIC) + TIMEOUT_USEC;
-        for (;;) {
-                struct timespec ts;
-                int k;
-                usec_t n;
-
-                for (;;) {
-                        pid_t pid = waitpid(-1, NULL, WNOHANG);
-
-                        if (pid == 0)
-                                break;
-
-                        if (pid < 0 && errno == ECHILD)
-                                return;
-
-                        if (n_processes > 0)
-                                if (--n_processes == 0)
-                                        return;
-                }
-
-                n = now(CLOCK_MONOTONIC);
-                if (n >= until)
-                        return;
-
-                timespec_store(&ts, until - n);
-
-                if ((k = sigtimedwait(mask, NULL, &ts)) != SIGCHLD) {
-
-                        if (k < 0 && errno != EAGAIN) {
-                                log_error("sigtimedwait() failed: %m");
-                                return;
-                        }
-
-                        if (k >= 0)
-                                log_warning("sigtimedwait() returned unexpected signal.");
-                }
-        }
-}
-
-static void send_signal(int sign) {
-        sigset_t mask, oldmask;
-        int n_processes;
-
-        assert_se(sigemptyset(&mask) == 0);
-        assert_se(sigaddset(&mask, SIGCHLD) == 0);
-        assert_se(sigprocmask(SIG_BLOCK, &mask, &oldmask) == 0);
-
-        if (kill(-1, SIGSTOP) < 0 && errno != ESRCH)
-                log_warning("kill(-1, SIGSTOP) failed: %m");
-
-        n_processes = killall(sign);
-
-        if (kill(-1, SIGCONT) < 0 && errno != ESRCH)
-                log_warning("kill(-1, SIGCONT) failed: %m");
-
-        if (n_processes <= 0)
-                goto finish;
-
-        wait_for_children(n_processes, &mask);
-
-finish:
-        sigprocmask(SIG_SETMASK, &oldmask, NULL);
-}
-
-static void ultimate_send_signal(int sign) {
-        sigset_t mask, oldmask;
-        int r;
-
-        assert_se(sigemptyset(&mask) == 0);
-        assert_se(sigaddset(&mask, SIGCHLD) == 0);
-        assert_se(sigprocmask(SIG_BLOCK, &mask, &oldmask) == 0);
-
-        if (kill(-1, SIGSTOP) < 0 && errno != ESRCH)
-                log_warning("kill(-1, SIGSTOP) failed: %m");
-
-        r = kill(-1, sign);
-        if (r < 0 && errno != ESRCH)
-                log_warning("kill(-1, %s) failed: %m", signal_to_string(sign));
-
-        if (kill(-1, SIGCONT) < 0 && errno != ESRCH)
-                log_warning("kill(-1, SIGCONT) failed: %m");
-
-        if (r < 0)
-                goto finish;
-
-        wait_for_children(0, &mask);
-
-finish:
-        sigprocmask(SIG_SETMASK, &oldmask, NULL);
-}
-
 static int prepare_new_root(void) {
         static const char dirs[] =
                 "/run/initramfs/oldroot\0"
@@ -267,6 +97,7 @@ static int prepare_new_root(void) {
 }
 
 static int pivot_to_new_root(void) {
+
         if (chdir("/run/initramfs") < 0) {
                 log_error("Failed to change directory to /run/initramfs: %m");
                 return -errno;
@@ -302,7 +133,7 @@ int main(int argc, char *argv[]) {
         int cmd, r;
         unsigned retries;
         bool need_umount = true, need_swapoff = true, need_loop_detach = true, need_dm_detach = true;
-        bool killed_everbody = false, in_container, use_watchdog = false;
+        bool in_container, use_watchdog = false;
         char *arguments[3];
 
         log_parse_environment();
@@ -345,10 +176,10 @@ int main(int argc, char *argv[]) {
         mlockall(MCL_CURRENT|MCL_FUTURE);
 
         log_info("Sending SIGTERM to remaining processes...");
-        send_signal(SIGTERM);
+        broadcast_signal(SIGTERM);
 
         log_info("Sending SIGKILL to remaining processes...");
-        send_signal(SIGKILL);
+        broadcast_signal(SIGKILL);
 
         if (in_container) {
                 need_swapoff = false;
@@ -414,21 +245,10 @@ int main(int argc, char *argv[]) {
                 }
 
                 /* If in this iteration we didn't manage to
-                 * unmount/deactivate anything, we either kill more
-                 * processes, or simply give up */
+                 * unmount/deactivate anything, we simply give up */
                 if (!changed) {
-
-                        if (killed_everbody) {
-                                /* Hmm, we already killed everybody,
-                                 * let's just give up */
-                                log_error("Cannot finalize remaining file systems and devices, giving up.");
-                                break;
-                        }
-
-                        log_warning("Cannot finalize remaining file systems and devices, trying to kill remaining processes.");
-                        ultimate_send_signal(SIGTERM);
-                        ultimate_send_signal(SIGKILL);
-                        killed_everbody = true;
+                        log_error("Cannot finalize remaining file systems and devices, giving up.");
+                        break;
                 }
 
                 log_debug("Couldn't finalize remaining file systems and devices after %u retries, trying again.", retries+1);