Hi Christian, On Tue, 30 May 2023 at 11:45, Christian Brauner <brauner@xxxxxxxxxx> wrote: > > On Fri, May 26, 2023 at 03:07:16PM +0200, Loic Poulain wrote: > > Add an optional timeout arg to 'rootwait' as the maximum time in > > seconds to wait for the root device to show up before attempting > > forced mount of the root filesystem. > > > > This can be helpful to force boot failure and restart in case the > > root device does not show up in time, allowing the bootloader to > > take any appropriate measures (e.g. recovery, A/B switch, retry...). > > > > In success case, mounting happens as soon as the root device is ready, > > contrary to the existing 'rootdelay' parameter (unconditional delay). > > > > Signed-off-by: Loic Poulain <loic.poulain@xxxxxxxxxx> > > --- > > Not terribly opposed and not terribly convinced yet. > So, we have rootdelay= with a timeout parameter that allows to specify a > delay before attempting to mount the root device. And we have rootwait > currently as an indefinite wait. Adding a timeout for rootwait doesn't > seem crazy and is backwards compatible. But there's no mention of any > concrete users or use-case for this which is usually preferable. If this > is just "could be useful for someone eventually" it's way less desirable > to merge this than when it's "here's a/multiple user/users"... So I > would love to see a use-case described here. I can integrate the following use case into a v2 if you think it makes sense: In case of device mapper usage for the root filesystem (e.g. root=/dev/dm-0), if the mapper is not able to create the virtual block for any reasons (wrong arguments, bad dm-verity signature, etc), the `rootwait` parameter will cause the kernel to wait forever. Adding a timeout allows it to detect the 'error' (panic) and reset the device after a few seconds, the bootloader can then decide to mark this non-bootable partition/parameter and fallback to another partition (A/B case) or into a recovery mode. But it's not specific to device mapper, if a eMMC/SDCARD is not detected at boot time because of hardware or software problems (e.g. updated with a bad devicetree), it could be desirable to panic/reboot instead of waiting for something that will never happen. > > And this is only useful if there isn't an early userspace init that > parses and manages root=. So we need to hit prepare_namespaces() as a > rootwait timeout isn't meaningful if this is done by and early init in > the initramfs for example. Indeed, and I do not use initramfs in the above use case, the mapped device is created directly from the kernel (thanks to dm-mod.create=), mostly for boot time optimization reason, and this is for the same reason that rootdelay does not fit. Regards, Loic
