root/lib/common/watchdog.c


DEFINITIONS

This source file includes the following definitions.
  1. sysrq_trigger
  2. panic_local
  3. panic_sbd
  4. pcmk__panic
  5. pcmk__locate_sbd
  6. pcmk__get_sbd_timeout
  7. pcmk__get_sbd_sync_resource_startup
  8. pcmk__auto_watchdog_timeout
  9. pcmk__valid_sbd_timeout

   1 /*
   2  * Copyright 2013-2023 the Pacemaker project contributors
   3  *
   4  * The version control history for this file may have further details.
   5  *
   6  * This source code is licensed under the GNU Lesser General Public License
   7  * version 2.1 or later (LGPLv2.1+) WITHOUT ANY WARRANTY.
   8  */
   9 
  10 #include <crm_internal.h>
  11 
  12 #include <sched.h>
  13 #include <sys/ioctl.h>
  14 #include <sys/reboot.h>
  15 
  16 #include <sys/types.h>
  17 #include <sys/stat.h>
  18 #include <unistd.h>
  19 #include <ctype.h>
  20 #include <dirent.h>
  21 #include <signal.h>
  22 
  23 #ifdef _POSIX_MEMLOCK
  24 #  include <sys/mman.h>
  25 #endif
  26 
/* PID of the local sbd daemon as last determined by pcmk__locate_sbd().
 * 0 means "not found (yet)". Once a value above 1 has been stored,
 * pcmk__locate_sbd() returns it as-is without looking sbd up again.
 */
static pid_t sbd_pid = 0;
  28 
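/*!
 * \internal
 * \brief Write one command character to the Linux SysRq trigger file
 *
 * Does nothing unless built with HAVE_LINUX_PROCFS.
 *
 * \param[in] t  SysRq command character to write (this file passes 'b' for an
 *               immediate reboot and 'c' for a kernel crash)
 */
static void
sysrq_trigger(char t)
{
#if HAVE_LINUX_PROCFS
    FILE *procf;

    // Root can always write here, regardless of kernel.sysrq value
    procf = fopen("/proc/sysrq-trigger", "a");
    if (!procf) {
        crm_perror(LOG_WARNING, "Opening sysrq-trigger failed");
        return;
    }
    crm_info("sysrq-trigger: %c", t);

    /* stdio buffers the write, so a rejected command may only surface when
     * fclose() flushes the stream. Check both calls so that a trigger that
     * did not reach the kernel is logged instead of being silently ignored.
     */
    if (fprintf(procf, "%c\n", t) < 0) {
        crm_perror(LOG_WARNING, "Writing to sysrq-trigger failed");
        fclose(procf);
        return;
    }
    if (fclose(procf) != 0) {
        crm_perror(LOG_WARNING, "Writing to sysrq-trigger failed");
    }
#endif // HAVE_LINUX_PROCFS
}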
  47 
  48 
/*!
 * \internal
 * \brief Panic the local host (if root) or tell pacemakerd to do so
 *
 * Without root privileges this process cannot reset the host itself, so the
 * request is handed to pacemakerd: by exiting with CRM_EX_PANIC while the
 * original parent is still present, otherwise by sending SIGQUIT to a
 * pacemakerd process located via procfs and then exiting. With root
 * privileges, the action selected by the PCMK_panic_action environment
 * variable is performed, followed by reboot().
 *
 * \note Any PCMK_panic_action value other than "crash" or "sync-crash"
 *       (including an unset or misspelled one) ends in the reboot path, so a
 *       bad setting cannot turn the panic into a no-op.
 */
static void
panic_local(void)
{
    int rc = pcmk_ok;
    const char *action = NULL;
    uid_t euid = geteuid();
    pid_t parent = getppid();

    if (euid != 0) {
        if (parent > 1) {
            /* We're a non-root pacemaker daemon (pacemaker-based,
             * pacemaker-controld, pacemaker-schedulerd, pacemaker-attrd, etc.)
             * with the original pacemakerd parent.
             *
             * Of these, only the controller is likely to be initiating resets.
             */
            crm_emerg("Signaling parent %lld to panic", (long long) parent);
            crm_exit(CRM_EX_PANIC);
            return;
        }

#if HAVE_LINUX_PROCFS
        {
            /*
             * No permissions, and no pacemakerd parent to escalate to.
             * Track down the new pacemakerd process and send a signal instead.
             *
             * NOTE(review): the target is chosen by the name "pacemakerd";
             * confirm in pcmk__procfs_pid_of() that an unrelated process with
             * that name cannot be picked up.
             */
            union sigval no_payload;

            memset(&no_payload, 0, sizeof(no_payload));
            parent = pcmk__procfs_pid_of("pacemakerd");
            crm_emerg("Signaling pacemakerd[%lld] to panic",
                      (long long) parent);

            // Skip the signal unless the lookup produced a PID above 1
            if ((parent > 1) && (sigqueue(parent, SIGQUIT, no_payload) < 0)) {
                crm_perror(LOG_EMERG, "Cannot signal pacemakerd[%lld] to panic",
                           (long long) parent);
            }
        }
#endif // HAVE_LINUX_PROCFS

        /* The best we can do now is die */
        crm_exit(CRM_EX_PANIC);
        return;
    }

    /* We're either pacemakerd, or a pacemaker daemon running as root */

    action = getenv("PCMK_panic_action");
    if (pcmk__str_eq("crash", action, pcmk__str_casei)) {
        sysrq_trigger('c');

    } else if (pcmk__str_eq("sync-crash", action, pcmk__str_casei)) {
        // Flush filesystem buffers before crashing the kernel
        sync();
        sysrq_trigger('c');

    } else {
        // Default: reboot, syncing first only when explicitly requested
        if (pcmk__str_eq("sync-reboot", action, pcmk__str_casei)) {
            sync();
        }
        sysrq_trigger('b');
    }

    /* Still running, so the SysRq request did not take the host down (or was
     * compiled out); ask the kernel for a reboot directly.
     */
    reboot(RB_AUTOBOOT);
    rc = errno;

    crm_emerg("Reboot failed, escalating to parent %lld: %s " CRM_XS " rc=%d",
              (long long) parent, pcmk_rc_str(rc), rc);

    /* A child daemon reports CRM_EX_PANIC to its parent; pacemakerd itself or
     * an orphaned child has nobody to escalate to and exits as fatal.
     */
    exit((parent > 1)? CRM_EX_PANIC : CRM_EX_FATAL);
}
 122 
/*!
 * \internal
 * \brief Tell sbd to kill the local host, then exit
 *
 * Sends SIGKILL to the PID stored in sbd_pid. If the signal cannot be
 * delivered, panic_local() is used as a fallback. In every case this process
 * then exits.
 *
 * \note NOTE(review): presumably the host reset comes from the watchdog
 *       expiring once sbd is gone -- confirm. A successful sigqueue() only
 *       shows that some process with this PID was signalled; sbd_pid is a
 *       cached value, so verify it cannot be stale when this is reached.
 */
static void
panic_sbd(void)
{
    union sigval no_payload;
    pid_t parent = getppid();

    crm_emerg("Signaling sbd[%lld] to panic", (long long) sbd_pid);

    memset(&no_payload, 0, sizeof(no_payload));

    /* TODO: Arrange for a slightly less brutal option? */
    if (sigqueue(sbd_pid, SIGKILL, no_payload) < 0) {
        crm_perror(LOG_EMERG, "Cannot signal sbd[%lld] to terminate",
                   (long long) sbd_pid);
        panic_local();
    }

    /* A child daemon reports CRM_EX_PANIC to its parent; pacemakerd itself or
     * an orphaned child exits as fatal.
     */
    exit((parent > 1)? CRM_EX_PANIC : CRM_EX_FATAL);
}
 151 
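/*!
 * \internal
 * \brief Panic the local host
 *
 * Panic the local host either by sbd (if running), directly, or by asking
 * pacemakerd. If trace logging this function, exit instead.
 *
 * \param[in] origin   Function caller (for logging only)
 *
 * \note Enabling trace logging for this function replaces the panic with a
 *       plain exit (CRM_EX_FATAL), so the host is not reset. Keep that in
 *       mind before turning on tracing on a node that relies on this path.
 */
void
pcmk__panic(const char *origin)
{
    /* Ensure sbd_pid is set */
    (void) pcmk__locate_sbd();

    pcmk__if_tracing(
        {
            // getppid() == 1 means our original parent no longer exists
            // pid_t is cast for printing, as everywhere else in this file
            crm_emerg("Shutting down instead of panicking the node "
                      CRM_XS " origin=%s sbd=%lld parent=%lld",
                      origin, (long long) sbd_pid, (long long) getppid());
            crm_exit(CRM_EX_FATAL);
            return;
        },
        {}
    );

    if(sbd_pid > 1) {
        // Only PIDs above 1 are treated as a usable sbd process
        crm_emerg("Signaling sbd[%lld] to panic the system: %s",
                  (long long) sbd_pid, origin);
        panic_sbd();

    } else {
        crm_emerg("Panicking the system directly: %s", origin);
        panic_local();
    }
}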
 189 
/*!
 * \internal
 * \brief Return the process ID of sbd (or 0 if it is not running)
 *
 * The result is kept in the file-scope sbd_pid. A stored value above 1 is
 * returned immediately; otherwise the PID file is consulted first and, when
 * built with HAVE_LINUX_PROCFS, procfs is used as a fallback.
 *
 * \return Value of sbd_pid after the lookup
 *
 * \note NOTE(review): a cached PID is never re-validated here. Confirm that
 *       callers which signal this PID tolerate sbd having exited or been
 *       restarted since the first lookup.
 */
pid_t
pcmk__locate_sbd(void)
{
    char *pid_file_path = NULL;
    char *expected_exe = NULL;
    int rc;

    // Reuse an earlier successful lookup
    if (sbd_pid > 1) {
        return sbd_pid;
    }

    /* Look for the pid file */
    pid_file_path = crm_strdup_printf(PCMK_RUN_DIR "/sbd.pid");
    expected_exe = crm_strdup_printf("%s/sbd", SBIN_DIR);

    /* Read the pid file
     *
     * presumably this also checks that the recorded PID runs expected_exe --
     * confirm against pcmk__pidfile_matches()
     */
    rc = pcmk__pidfile_matches(pid_file_path, 0, expected_exe, &sbd_pid);
    if (rc == pcmk_rc_ok) {
        crm_trace("SBD detected at pid %lld (via PID file %s)",
                  (long long) sbd_pid, pid_file_path);

    } else {
#if HAVE_LINUX_PROCFS
        /* Fall back to /proc for systems that support it */
        sbd_pid = pcmk__procfs_pid_of("sbd");
        crm_trace("SBD detected at pid %lld (via procfs)",
                  (long long) sbd_pid);
#endif // HAVE_LINUX_PROCFS
    }

    // Normalize a negative result to "not running"
    if (sbd_pid < 0) {
        sbd_pid = 0;
        crm_trace("SBD not detected");
    }

    free(pid_file_path);
    free(expected_exe);

    return sbd_pid;
}
 234 
/*!
 * \internal
 * \brief Get the SBD watchdog timeout configured in the environment
 *
 * SBD_WATCHDOG_TIMEOUT is passed to crm_get_msec() on the first call; the
 * result is stored and returned unchanged by later calls, so a change to the
 * environment after that is not picked up.
 *
 * \return Result of crm_get_msec() for SBD_WATCHDOG_TIMEOUT (callers in this
 *         file log it as milliseconds)
 */
long
pcmk__get_sbd_timeout(void)
{
    // -2 marks "not looked up yet"
    static long cached_timeout = -2;

    if (cached_timeout != -2) {
        return cached_timeout;
    }

    cached_timeout = crm_get_msec(getenv("SBD_WATCHDOG_TIMEOUT"));
    return cached_timeout;
}
 245 
/*!
 * \internal
 * \brief Check whether start-up synchronization with sbd is requested
 *
 * SBD_SYNC_RESOURCE_STARTUP is read from the environment on the first call
 * only. When it is unset, PCMK__SBD_SYNC_DEFAULT applies; when it cannot be
 * parsed as a boolean, a warning is logged.
 *
 * \return true if the stored setting is nonzero, otherwise false
 */
bool
pcmk__get_sbd_sync_resource_startup(void)
{
    static int use_sync = PCMK__SBD_SYNC_DEFAULT;
    static bool env_checked = false;
    const char *sync_env = NULL;

    if (env_checked) {
        return use_sync != 0;
    }

    sync_env = getenv("SBD_SYNC_RESOURCE_STARTUP");
    if (sync_env == NULL) {
        crm_trace("Defaulting to %sstart-up synchronization with sbd",
                  (PCMK__SBD_SYNC_DEFAULT? "" : "no "));

    } else if (crm_str_to_boolean(sync_env, &use_sync) < 0) {
        // presumably use_sync is left at the default on a parse failure --
        // confirm against crm_str_to_boolean()
        crm_warn("Defaulting to %sstart-up synchronization with sbd "
                 "because environment value '%s' is invalid",
                 (PCMK__SBD_SYNC_DEFAULT? "" : "no "), sync_env);
    }

    env_checked = true;
    return use_sync != 0;
}
 268 
/*!
 * \internal
 * \brief Derive a watchdog timeout from the SBD timeout
 *
 * \return 0 if pcmk__get_sbd_timeout() is zero or negative, otherwise twice
 *         that value
 */
long
pcmk__auto_watchdog_timeout(void)
{
    const long sbd_timeout = pcmk__get_sbd_timeout();

    if (sbd_timeout <= 0) {
        return 0;
    }

    // NOTE(review): the doubling is not checked for signed overflow; confirm
    // that the environment-supplied timeout is bounded before it gets here
    return 2 * sbd_timeout;
}
 276 
/*!
 * \internal
 * \brief Check a stonith-watchdog-timeout value against the SBD setup
 *
 * A negative parsed value is replaced by pcmk__auto_watchdog_timeout(). A
 * resulting timeout of 0 is accepted as "disabled". A nonzero timeout is
 * accepted only if sbd is located and the timeout is not below the SBD
 * timeout; otherwise crm_exit(CRM_EX_FATAL) is called.
 *
 * \param[in] value  Configured stonith-watchdog-timeout (may be NULL, which
 *                   is treated as 0)
 *
 * \return true if the value is acceptable (false follows crm_exit() and is
 *         presumably never seen by callers -- confirm)
 */
bool
pcmk__valid_sbd_timeout(const char *value)
{
    long sbd_timeout = 0;
    long st_timeout = 0;

    if (value != NULL) {
        st_timeout = crm_get_msec(value);
    }

    if (st_timeout < 0) {
        st_timeout = pcmk__auto_watchdog_timeout();
        crm_debug("Using calculated value %ld for stonith-watchdog-timeout (%s)",
                  st_timeout, value);
    }

    if (st_timeout == 0) {
        crm_debug("Watchdog may be enabled but stonith-watchdog-timeout is disabled (%s)",
                  value? value : "default");
        return true;
    }

    // A nonzero timeout without a running sbd is refused outright
    if (pcmk__locate_sbd() == 0) {
        crm_emerg("Shutting down: stonith-watchdog-timeout configured (%s) "
                  "but SBD not active", (value? value : "auto"));
        crm_exit(CRM_EX_FATAL);
        return false;
    }

    sbd_timeout = pcmk__get_sbd_timeout();

    /* NOTE(review): the message says "must be >" but a timeout equal to the
     * SBD timeout passes this check; confirm which of the two is intended.
     */
    if (st_timeout < sbd_timeout) {
        crm_emerg("Shutting down: stonith-watchdog-timeout (%s) too short "
                  "(must be >%ldms)", value, sbd_timeout);
        crm_exit(CRM_EX_FATAL);
        return false;
    }

    crm_info("Watchdog configured with stonith-watchdog-timeout %s and SBD timeout %ldms",
             value, sbd_timeout);
    return true;
}
