On 2/14/2018 12:53 PM, Deb McLemore wrote:
> The only reproduction we were able to perform injected via a BMC soft poweroff
> being triggered.
> This then called into kernel/reboot.c (orderly_poweroff where the schedule_work
> was performed) utilizing the usermodehelper during the run_cmd /sbin/poweroff.
I'd like to point out that there's still a race condition, since when
init starts it might kick off the rest of your startup sequence before
the idle reboot process gets a time slice to discover that init is alive
and send the signal.

Would it maybe be better to have the main script that initializes your
system check for the existence of the socket, and if found, stop
everything and tell init to shutdown?

Also, why not have the reboot process look for something in the
filesystem to indicate whether the system has started booting? Before
init starts, there won't be anything in the filesystem, but that's not a
problem because you can just wait until there is.

To make a complete proposal, why not:

reboot_helper:
1) create abstract socket
2) wait for any filesystem path that indicates init sequence has
   started (/proc maybe)
3) send reboot signal to init

init_userspace.sh
1) check for abstract socket, and if exists, send signal to init and
   then exit
2) else run startup sequence

This will give you even better "instant boot sequence abort" performance
than you would get with the design you're proposing, unless you have
some insanely high polling rate in the reboot_helper that you think can
actually deliver the signal before init has even forked for the first time.
-Mike
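The handshake Mike sketches above (reboot_helper creating an abstract socket, waiting for a boot indicator, signalling init; init_userspace.sh checking for the socket before running startup) as an added, runnable example. This is not code from the thread or from busybox; it is in Python because an abstract Unix socket needs a socket API rather than a shell builtin. The marker name, the `/proc/1/status` indicator, the 30-second timeout and the `kill`/`startup` hooks are assumptions made for illustration; the only busybox fact relied on is that busybox init treats SIGTERM as a reboot request. The marker is released when the helper returns so the example can be re-run; a real helper would hold it until the system actually goes down.

```python
"""Boot-abort handshake (added example, not busybox code): a helper owns an
abstract Unix socket as a liveness marker, waits for a filesystem indicator that
init has started, then signals init; the userspace init script checks for that
marker first and aborts startup if it is present."""
import errno
import os
import signal
import socket
import sys
import tempfile
import time

MARKER_NAME = "reboot_helper"        # assumed marker name
BOOT_INDICATOR = "/proc/1/status"    # assumed "init is running" indicator
REBOOT_SIGNAL = signal.SIGTERM       # busybox init: SIGTERM = reboot


def _marker_address(name):
    # Abstract-namespace sockets (leading NUL, Linux only) have no filesystem
    # entry and disappear when the owning process dies, so a crashed helper
    # cannot leave a stale marker behind. On other platforms fall back to a
    # path so the example still runs; that fallback lacks the auto-cleanup.
    if sys.platform.startswith("linux"):
        return "\0" + name
    return os.path.join(tempfile.gettempdir(), name + ".sock")


def create_marker(name=MARKER_NAME):
    """Step 1 of reboot_helper: bind the marker. Returns the listening socket
    (keep it open for the marker's lifetime) or None if another helper holds it."""
    s = socket.socket(socket.AF_UNIX, socket.SOCK_STREAM)
    try:
        s.bind(_marker_address(name))
    except OSError as e:
        s.close()
        if e.errno == errno.EADDRINUSE:
            return None
        raise
    s.listen(8)
    return s


def release_marker(s, name=MARKER_NAME):
    """Drop the marker; the fallback path needs an explicit unlink."""
    s.close()
    addr = _marker_address(name)
    if not addr.startswith("\0"):
        try:
            os.unlink(addr)
        except FileNotFoundError:
            pass


def marker_present(name=MARKER_NAME):
    """Step 1 of init_userspace.sh: a connect succeeds only while a helper is
    listening; refused/missing means no helper, a timeout means a busy one."""
    s = socket.socket(socket.AF_UNIX, socket.SOCK_STREAM)
    s.settimeout(0.5)
    try:
        s.connect(_marker_address(name))
        return True
    except (ConnectionRefusedError, FileNotFoundError):
        return False
    except socket.timeout:
        return True
    finally:
        s.close()


def wait_for_path(path, timeout, poll=0.05):
    """Step 2 of reboot_helper: block until `path` exists (True) or `timeout`
    seconds elapse (False). Polling only delays the signal, never the abort,
    because init_userspace.sh checks the marker itself."""
    deadline = time.monotonic() + timeout
    while True:
        if os.path.exists(path):
            return True
        if time.monotonic() >= deadline:
            return False
        time.sleep(poll)


def notify_init(pid=1, sig=REBOOT_SIGNAL, kill=os.kill):
    """Step 3: deliver the shutdown signal; False if init is gone or we lack
    permission. `kill` is injectable so the handshake can be exercised offline."""
    try:
        kill(pid, sig)
        return True
    except (ProcessLookupError, PermissionError):
        return False


def reboot_helper(name=MARKER_NAME, indicator=BOOT_INDICATOR, timeout=30.0,
                  pid=1, sig=REBOOT_SIGNAL, kill=os.kill):
    """The whole reboot_helper; returns a status string for logging."""
    marker = create_marker(name)
    if marker is None:
        return "already-running"
    try:
        if not wait_for_path(indicator, timeout):
            return "timeout"
        return "signalled" if notify_init(pid, sig, kill) else "signal-failed"
    finally:
        release_marker(marker, name)  # a real helper would keep holding it


def init_userspace(name=MARKER_NAME, pid=1, sig=REBOOT_SIGNAL, kill=os.kill,
                   startup=lambda: "started"):
    """init_userspace.sh: if a helper is present, tell init to shut down and
    stop; otherwise run the normal startup sequence."""
    if marker_present(name):
        notify_init(pid, sig, kill)
        return "aborted"
    return startup()
```

Because the marker is owned by the helper's process and checked by init's script, the ordering problem Mike raises goes away: whichever of the two runs first, the script either finds the marker and stops, or the helper finds the indicator and signals.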
_______________________________________________
busybox mailing list
busybox@busybox.net
http://lists.busybox.net/mailman/listinfo/busybox