* Borislav Petkov <[email protected]> wrote:
> On Mon, Feb 06, 2017 at 02:18:32PM +0100, Robert Richter wrote:
>
> > Isn't there the danger the previous watchdog state is never restored if for
> > some reason perf got killed? So maybe have some other task running that
> > restores it once perf is gone.
>
> Currently, I'm restoring it in the atexit() sighandler. Isn't that always
> called?
Normally yes, but it's not guaranteed as atexit() is all user-space, SIGKILL
(or
OOM) or a straight exit (or a crash in the exit handler itself) will cause it
to
not run.
But there's only so much we can do about that, the /proc/sys API is
fundamentally
lossy in that regard. We'd have to add much more involved kernel support to
guarantee that the watchdog state is restored.
A way to do it would be create a new /proc/sys/kernel/watchdog_disable_file
that
disables that watchdog while it's _open_. When a task exits and the kernel
automatically closes the file, the watchdog is re-enabled again. (Or the
process
itself can close the file too.)
This method would also nest properly and would handle multi-processes races
correctly: for example if a script runs perf as root, and root uses 'perf top',
the two should not race and the hardware watchdog should not end up being
disabled...
Thanks,
Ingo
