From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1752230AbaJAXdM (ORCPT ); Wed, 1 Oct 2014 19:33:12 -0400 Received: from relay3-d.mail.gandi.net ([217.70.183.195]:55158 "EHLO relay3-d.mail.gandi.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1751690AbaJAXdL (ORCPT ); Wed, 1 Oct 2014 19:33:11 -0400 Date: Wed, 1 Oct 2014 16:33:05 -0700 From: josh@joshtriplett.org To: Andy Lutomirski Cc: Rob Landley , Andrew Morton , frowand.list@gmail.com, "linux-kernel@vger.kernel.org" , Chuck Ebbert , Randy Dunlap , Shuah Khan Subject: Re: [PATCH v5] init: Allow CONFIG_INIT_FALLBACK=n to disable defaults if init= fails Message-ID: <20141001233305.GC30343@cloud> References: <3c2331ea2aaffcde808995cdd93aa48f6455dd93.1412204084.git.luto@amacapital.net> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <3c2331ea2aaffcde808995cdd93aa48f6455dd93.1412204084.git.luto@amacapital.net> User-Agent: Mutt/1.5.20 (2009-06-14) Sender: linux-kernel-owner@vger.kernel.org List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Wed, Oct 01, 2014 at 03:56:41PM -0700, Andy Lutomirski wrote: > If a user puts init=/whatever on the command line and /whatever > can't be run, then the kernel will try a few default options before > giving up. If init=/whatever came from a bootloader prompt, then > this is unexpected but probably harmless. On the other hand, if it > comes from a script (e.g. a tool like virtme or perhaps a future > kselftest script), then the fallbacks are likely to exist, but > they'll do the wrong thing. For example, they might unexpectedly > invoke systemd. > > This adds a config option CONFIG_INIT_FALLBACK. If unset, > then a failure to run the specified init= process be fatal. > > The intent is to switch the default to N after a while and to > possibly even remove the option entirely > > Signed-off-by: Andy Lutomirski Nit: why does this patch gratuitously change the indentation of the second line of pr_err? That aside: Reviewed-by: Josh Triplett > > Changes from v4: > - Switch the default to y > > Changes from v3: > - Get rid of the strictinit option. Now the new behavior is the default > unless CONFIG_INIT_FALLBACK=y (Rob Landley) > > Changes from v2: > - Improve docs further, to leave the door open to giving strictinit > some sensible semantics if init= is not set. > - Improve error output in the failure case (Shuah Khan). > > Changes from v1: > - Add missing "if" to the docs (Randy Dunlap) > > init/Kconfig | 16 ++++++++++++++++ > init/main.c | 7 ++++++- > 2 files changed, 22 insertions(+), 1 deletion(-) > > diff --git a/init/Kconfig b/init/Kconfig > index e84c6423a2e5..ebbd5846478e 100644 > --- a/init/Kconfig > +++ b/init/Kconfig > @@ -1299,6 +1299,22 @@ source "usr/Kconfig" > > endif > > +config INIT_FALLBACK > + bool "Fall back to defaults if init= parameter is bad" > + default y > + help > + If enabled, the kernel will try the default init binaries if an > + explicit request from the init= parameter fails. > + > + This can have unexpected effects. For example, booting > + with init=/sbin/kiosk_app will run /sbin/init or even /bin/sh > + if /sbin/kiosk_app cannot be executed. > + > + The default value of Y is consistent with historical behavior. > + Selecting N is likely to be more appropriate for most uses, > + especially on kiosks and on kernels that are indended to be > + run under the control of a script. > + > config CC_OPTIMIZE_FOR_SIZE > bool "Optimize for size" > help > diff --git a/init/main.c b/init/main.c > index bb1aed928f21..2bd6105e5dc5 100644 > --- a/init/main.c > +++ b/init/main.c > @@ -960,8 +960,13 @@ static int __ref kernel_init(void *unused) > ret = run_init_process(execute_command); > if (!ret) > return 0; > +#ifndef CONFIG_INIT_FALLBACK > + panic("Requested init %s failed (error %d).", > + execute_command, ret); > +#else > pr_err("Failed to execute %s (error %d). Attempting defaults...\n", > - execute_command, ret); > + execute_command, ret); > +#endif > } > if (!try_to_run_init_process("/sbin/init") || > !try_to_run_init_process("/etc/init") || > -- > 1.9.3 >