Re: [PATCH v3] init: Add support for rootwait timeout parameter
From: Christian Brauner
Date: Sun Aug 06 2023 - 08:45:54 EST
On Sun, Aug 06, 2023 at 12:12:17PM +0200, Loic Poulain wrote:
> Add an optional timeout arg to 'rootwait' as the maximum time in
> seconds to wait for the root device to show up before attempting
> forced mount of the root filesystem.
>
> Use case:
> In case of device mapper usage for the rootfs (e.g. root=/dev/dm-0),
> if the mapper is not able to create the virtual block for any reason
> (wrong arguments, bad dm-verity signature, etc), the `rootwait` param
> causes the kernel to wait forever. It may however be desirable to only
> wait for a given time and then panic (force mount) to cause device reset.
> This gives the bootloader a chance to detect the problem and to take some
> measures, such as marking the booted partition as bad (for A/B case) or
> entering a recovery mode.
>
> In success case, mounting happens as soon as the root device is ready,
> unlike the existing 'rootdelay' parameter which performs an unconditional
> pause.
>
> Signed-off-by: Loic Poulain <loic.poulain@xxxxxxxxxx>
> ---
> v2: rebase + reword: add use case example
> v3: Use kstrtoint instead of deprecated simple_strtoul
>
> .../admin-guide/kernel-parameters.txt | 4 ++++
> init/do_mounts.c | 24 +++++++++++++++++--
> 2 files changed, 26 insertions(+), 2 deletions(-)
>
> diff --git a/Documentation/admin-guide/kernel-parameters.txt b/Documentation/admin-guide/kernel-parameters.txt
> index a1457995fd41..387cf9c2a2c5 100644
> --- a/Documentation/admin-guide/kernel-parameters.txt
> +++ b/Documentation/admin-guide/kernel-parameters.txt
> @@ -5501,6 +5501,10 @@
> Useful for devices that are detected asynchronously
> (e.g. USB and MMC devices).
>
> + rootwait= [KNL] Maximum time (in seconds) to wait for root device
> + to show up before attempting to mount the root
> + filesystem.
> +
> rproc_mem=nn[KMG][@address]
> [KNL,ARM,CMA] Remoteproc physical memory block.
> Memory area to be used by remote processor image,
> diff --git a/init/do_mounts.c b/init/do_mounts.c
> index 1aa015883519..98190bf34a9f 100644
> --- a/init/do_mounts.c
> +++ b/init/do_mounts.c
> @@ -18,6 +18,7 @@
> #include <linux/slab.h>
> #include <linux/ramfs.h>
> #include <linux/shmem_fs.h>
> +#include <linux/ktime.h>
>
> #include <linux/nfs_fs.h>
> #include <linux/nfs_fs_sb.h>
> @@ -71,12 +72,25 @@ static int __init rootwait_setup(char *str)
> {
> if (*str)
> return 0;
> - root_wait = 1;
> + root_wait = -1;
> return 1;
> }
>
> __setup("rootwait", rootwait_setup);
>
> +static int __init rootwait_timeout_setup(char *str)
> +{
> + if (kstrtoint(str, 0, &root_wait) || root_wait < 0) {
> + pr_warn("ignoring invalid rootwait value\n");
> + /* fallback to indefinite wait */
> + root_wait = -1;
> + }
> +
> + return 1;
> +}
> +
> +__setup("rootwait=", rootwait_timeout_setup);
> +
> static char * __initdata root_mount_data;
> static int __init root_data_setup(char *str)
> {
> @@ -384,14 +398,20 @@ void __init mount_root(char *root_device_name)
> /* wait for any asynchronous scanning to complete */
> static void __init wait_for_root(char *root_device_name)
> {
> + const ktime_t end = ktime_add_ms(ktime_get_raw(), root_wait * MSEC_PER_SEC);
I'd only initialize @end after the ROOT_DEV check.
Also, afaict, this currently allows userspace to overflow, i.e.,
root_wait=2147483647
ktime_add_ms(..., root_wait(2147483647) * MSEC_PER_SEC(1000))
So idk, you probably want to convert root_wait to ms right away and do
sm like (completely untested):
static int __init rootwait_timeout_setup(char *str)
{
int ret, tmp;
THIS LINE WILL BREAK COMPILATION
if (*str)
return 0;
/* always fallback to indefinite wait */
root_wait = -1;
ret = kstrtoint(str, 0, &tmp));
if (ret || tmp < 0) {
pr_warn("ignoring invalid rootwait value\n");
return 1;
}
if (check_mul_overflow(tmp, MSEC_PER_SEC, &root_wait))
pr_warn("ignoring excessive rootwait value\n");
return 1;
}