Skip to content

blockdev: Fix loopback device resource leak on signal interruption #1402

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
Jul 22, 2025
Merged

blockdev: Fix loopback device resource leak on signal interruption #1402

merged 1 commit into from
Jul 22, 2025

Conversation

@gursewak1997
Copy link
Contributor

@gursewak1997 gursewak1997 commented Jul 10, 2025

This commit implements issue #799 by creating a signal-safe cleanup helper for loopback devices to prevent resource leaks when bootc install --via-loopback is interrupted by signals like SIGINT (Ctrl-C).

The solution uses an 'out-of-process drop' helper that:

  • Forks a cleanup helper process when creating a loopback device
  • Uses PR_SET_PDEATHSIG to detect when the parent process dies
  • Masks most signals to avoid being killed accidentally
  • Automatically cleans up leaked loopback devices if the parent dies
  • Gracefully terminates when the parent performs normal cleanup

This prevents the common issue where interrupting bootc install --via-loopback with Ctrl-C would leave /dev/loopN devices allocated on the system.

Fixes: #799

gemini-code-assist[bot]
gemini-code-assist bot reviewed Jul 10, 2025
View reviewed changes
Copy link
Contributor

@gemini-code-assist gemini-code-assist bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Code Review

This pull request introduces a signal-safe cleanup mechanism for loopback devices to prevent resource leaks on signal interruption. It uses an out-of-process helper to clean up leaked loopback devices. I've added comments to enhance error logging for better debugging.

@gursewak1997 gursewak1997 force-pushed the bootc-799 branch 6 times, most recently from 70c2b77 to a4ab303 Compare July 11, 2025 05:59
@cgwalters
Copy link
Collaborator

cgwalters commented Jul 11, 2025

Thanks for working on this! While it will be a bit more awkward can you try doing it this way #799 (comment) - that should 100% avoid all the unsafe code.

Basically instead of a raw fork() (source of basically all the unsafe in general) we fork+exec our own binary /proc/self/exe. Look at e.g. reexec_with_guardenv.

cgwalters
cgwalters requested changes Jul 11, 2025
View reviewed changes
Copy link
Collaborator

@cgwalters cgwalters left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks! Looking closer

cgwalters
cgwalters requested changes Jul 16, 2025
View reviewed changes
Copy link
Collaborator

@cgwalters cgwalters left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks, looking a lot closer!

@gursewak1997 gursewak1997 force-pushed the bootc-799 branch 2 times, most recently from 507ad56 to f0de48a Compare July 18, 2025 04:58
@cgwalters
Copy link
Collaborator

cgwalters commented Jul 22, 2025

This is looking pretty good to me now! Is there a reason it's still in draft? Can you also mark issues in the discussion as resolved when they're fixed?

@gursewak1997 gursewak1997 marked this pull request as ready for review July 22, 2025 18:09
@gursewak1997
Copy link
Contributor Author

gursewak1997 commented Jul 22, 2025
edited
Loading

Can you also mark issues in the discussion as resolved when they're fixed?

Every issue in discussion should be fixed now.

@gursewak1997 gursewak1997 reopened this Jul 22, 2025
@gursewak1997 gursewak1997 requested a review from cgwalters July 22, 2025 18:12
cgwalters
cgwalters requested changes Jul 22, 2025
View reviewed changes
Copy link
Collaborator

@cgwalters cgwalters left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM aside from one last bit

@gursewak1997
blockdev: implement signal-safe loopback device cleanup helper
c2c918c 
Add fork+exec based cleanup helper to prevent loopback device leaks when
bootc install --via-loopback is interrupted by signals like SIGINT.

- Add loopback-cleanup-helper CLI subcommand
- Implement run_loopback_cleanup_helper() with PR_SET_PDEATHSIG
- Update LoopbackDevice to spawn cleanup helper process
- Add tests for spawn mechanism
@gursewak1997 gursewak1997 requested a review from cgwalters July 22, 2025 19:46
@gursewak1997 gursewak1997 enabled auto-merge July 22, 2025 19:47
@gursewak1997 gursewak1997 merged commit ed787b4 into bootc-dev:main Jul 22, 2025
28 of 31 checks passed
@cgwalters
Copy link
Collaborator

cgwalters commented Jul 23, 2025

Fallout in #1439

@SamD2021 SamD2021 mentioned this pull request Aug 14, 2025
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@cgwalters cgwalters cgwalters approved these changes

+1 more reviewer

@gemini-code-assist gemini-code-assist[bot] gemini-code-assist[bot] left review comments

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

drop loopback out-of-process

2 participants

@gursewak1997 @cgwalters