init: fix signal handling and LOG(FATAL) in child processes
Child processes inherit the signal handlers from their parent process.
In the case of init, fork()'ed processes, will attempt to reboot the
system if they receive a fatal signal). This is not the correct behavior;
these processes should terminate due to the provided signal like other
processes on the system.
This is particularly important as there are multiple LOG(FATAL) calls
in service.cpp for failures after fork() but before execv() when a
service is started.
Note, that pthread_atfork() is not a viable solution since clone() is
used in some cases instead of fork() and atfork handlers are not
called with clone().
Bug: 65637054
Test: LOG(FATAL) from a child process of init and see that it
terminates due to a signal correctly
Test: LOG(FATAL) from init proper and see that it reboots to the
bootloader
Change-Id: I875ebd7a5f6b3f5e3e2c028af3306917c4409db3
diff --git a/init/init.cpp b/init/init.cpp
index 9671560..58f5f23 100644
--- a/init/init.cpp
+++ b/init/init.cpp
@@ -948,7 +948,7 @@
}
}
-static void install_reboot_signal_handlers() {
+static void InstallRebootSignalHandlers() {
// Instead of panic'ing the kernel as is the default behavior when init crashes,
// we prefer to reboot to bootloader on development builds, as this will prevent
// boot looping bad configurations and allow both developers and test farms to easily
@@ -956,7 +956,13 @@
struct sigaction action;
memset(&action, 0, sizeof(action));
sigfillset(&action.sa_mask);
- action.sa_handler = [](int) {
+ action.sa_handler = [](int signal) {
+ // These signal handlers are also caught for processes forked from init, however we do not
+ // want them to trigger reboot, so we directly call _exit() for children processes here.
+ if (getpid() != 1) {
+ _exit(signal);
+ }
+
// panic() reboots to bootloader
panic();
};
@@ -983,7 +989,7 @@
}
if (REBOOT_BOOTLOADER_ON_PANIC) {
- install_reboot_signal_handlers();
+ InstallRebootSignalHandlers();
}
add_environment("PATH", _PATH_DEFPATH);