On 08/09/2021 17.44, Luis Chamberlain wrote: > On Tue, Sep 07, 2021 at 08:00:03PM -0700, Andrew Morton wrote: >> From: Rasmus Villemoes <linux@xxxxxxxxxxxxxxxxxx> >> Any call of wait_for_initramfs() done before the unpacking has been >> scheduled (i.e. before rootfs_initcall time) must just return >> immediately [and let the caller find an empty file system] in order >> not to deadlock the machine. I mistakenly thought, and my limited >> testing confirmed, that there were no such calls, so I added a >> pr_warn_once() in wait_for_initramfs(). It turns out that one can >> indeed hit request_module() as well as kobject_uevent_env() during >> those early init calls, leading to a user-visible warning in the >> kernel log emitted consistently for certain configurations. > > Further proof that the semantics for init is still loose. Formalizing > dependencies on init is something we should strive to. Eventualy with a > DAG. The linker-tables work I had done years ago strived to get us > there which allows us to get a simple explicit DAG through the linker. > Unfortunately that patch set fell through because folks were > more interested in questioning the alternative side benefits of > linker-tables, but the use-case for helping with init is still valid. > > If we *do* want to resurrect this folks should let me know. Heh, a while back I actually had some completely unrelated thing where I'd want to make use of the linker tables infrastructure - I remembered reading about it on LWN, and was quite surprised when I learnt that that work had never made it in. I don't quite remember the use case (I think it was for some test module infrastructure). But if you do have time to resurrect those patches, I'd certainly be interested. > Since the kobject_uevent_env() interest here is for /sbin/hotplug and > that crap is deprecated, in practice the relevant calls we'd care about > are the request_module() calls. Yes - the first report I got about that pr_warn_once was indeed fixed by the reporter simply disabling CONFIG_UEVENT_HELPER (https://lore.kernel.org/lkml/9849be80-cfe5-b33e-8224-590a4c451415@xxxxxxxxx/). >> We could just remove the pr_warn_once(), but I think it's better to >> postpone enabling the usermodehelper framework until there is at least >> some chance of finding the executable. That is also a little more >> efficient in that a lot of work done in umh.c will be elided. > > I *don't* think we were aware that such request_module() calls were > happening before the fs was even ready and failing silently with > -ENOENT. Probably not, no, otherwise somebody would have noticed. As such, although moving the usermodehelper_enable() > to right after scheduling populating the rootfs is the right thing, > we do loose on the opportunity to learn who were those odd callers > before. We could not care... but this is also a missed opportunity > in finding those. How important that is, is not clear to me as > this was silently failing before... > > If we wanted to keep a print for the above purpose though, we'd likely > want the full stack trace to see who the hell made the call. Well, yes, I have myself fallen into that trap not just once, but at least twice. The first time when I discovered this behaviour on one of the ppc targets I did this work for in the first place (before I came up with the CONFIG_MODPROBE_PATH patch). The second when I asked a reporter to replace the pr_warn_once by WARN_ONCE: https://lore.kernel.org/lkml/4434f245-db3b-c02a-36c4-0111a0dfb78d@xxxxxxxxxxxxxxxxxx/ The problem is that request_module() just fires off some worker thread and then the original calling thread sits back and waits for that worker to return a result. >> However, >> it does change the error seen by those early callers from -ENOENT to >> -EBUSY, so there is a risk of a regression if any caller care about >> the exact error value. > > I'd see this as a welcomed evolution as it tells us more: we're saying > "it's coming, try again" or whatever. Indeed, and I don't think it's the end of the world if somebody notices some change due to that, because we'd learn more about where those early request_module() calls come from. > A debug option to allow us to get a full warning trace in the -EBUSY > case on early init would be nice to have. As noted above, that's difficult. We'd need a way to know which other task is waiting for us, then print the trace of that guy. I don't think anybody is gonna hear this tree falling, so let's not try to solve a problem before we know there is one. Rasmus
