On Sun, 05 Jul 2020 at 12:08:41 +0200, Vincent Lefevre wrote: > On 2020-07-04 01:07:15 +0200, Guilhem Moulin wrote: >> That would introduce back the race condition described in #943459. > > I don't think so, as this would be equivalent to the current code when > it reaches the 60-second timeout, except that the wait_for_dropbear() > function will return earlier (with return value 1).
The raison d'ĂȘtre of wait_for_dropbear() is to avoid handing the execution over to init(1) with a running ipconfig process or unclean network stack. This is what the race condition described in #943459 is about. wait_for_dropbear() somewhat of a hack, but ipconfig doesn't seem to react to SIGTERM and I couldn't do better at the time. If wait_for_dropbear() were to have an abort mechanism that didn't wait for ipconfig to settle or give up, then we would reintroduce the race condition. > Thus this would be no worse than the current code. Consider a slow DHCP setup where ipconfig gets a lease after 45s or so. While it's running you unlock drives so the boot process can proceed. If the execution is handed over to init(1) right away, without waiting for ipconfig to settle or give up (nor for dropbear to start), then ipconfig and dropbear will race with the network stack resp. SSHd of the main system. This might yield a static IP being overwritten by DHCP, like in #943459, and/or OpenSSH failing to start because dropbear listens on 22/tcp already. -- Guilhem.
signature.asc
Description: PGP signature
