core: add and use NM_SHUTDOWN_TIMEOUT_MS as duration that we plan for shutdown

nm_ppp_manager_stop() wants to ensure that the pppd process is really gone. For that it uses nm_utils_kill_child_async() to first send SIGTERM, and sending SIGKILL after a timeout. Later, we want to fix shutdown of NetworkManager to iterate the mainloop during shutdown, so that such operations are still handled. However, we can only delay shutdown for a certain time. After a timeout (NM_SHUTDOWN_TIMEOUT_MS plus NM_SHUTDOWN_TIMEOUT_MS_GRACE) we really have to give up and terminate. That means, the right amount of time between sending SIGTERM and SIGKILL is exactly NM_SHUTDOWN_TIMEOUT_MS. Hopefully that is of course sufficient in the first place. If not, send SIGKILL afterwards, and give a bit more time (NM_SHUTDOWN_TIMEOUT_MS_GRACE) to reap the child. And if all this time is still not enough, something is really odd and we abort waiting, with a warning in the logfile. Since we don't properly handle shutdown yet, the description above is not really true. But with this patch, we fix it from point of view of NMPPPManager.
2025-12-29 09:10:10 +01:00 · 2018-05-18 14:37:14 +02:00 · 2018-05-18 14:37:14 +02:00 · eaf36db68b
commit eaf36db68b
parent 43f67b4210
2 changed files with 21 additions and 1 deletions
--- a/src/NetworkManagerUtils.h
+++ b/src/NetworkManagerUtils.h
@ -56,6 +56,25 @@ int nm_match_spec_device_by_pllink (const NMPlatformLink *pllink,

 /*****************************************************************************/

+/* during shutdown, there are two relevant timeouts. One is
+ * NM_SHUTDOWN_TIMEOUT_MS which is plenty of time, that we give for all
+ * actions to complete. Of course, during shutdown components should hurry
+ * to cleanup.
+ *
+ * When we initiate shutdown, we should start killing child processes
+ * with SIGTERM. If they don't complete within NM_SHUTDOWN_TIMEOUT_MS, we send
+ * SIGKILL.
+ *
+ * After NM_SHUTDOWN_TIMEOUT_MS, NetworkManager will however not yet terminate right
+ * away. It iterates the mainloop for another NM_SHUTDOWN_TIMEOUT_MS_EXTRA. This
+ * should give time to reap the child process (after SIGKILL).
+ *
+ * So, the maxiumum time we should wait before sending SIGKILL should be at most
+ * NM_SHUTDOWN_TIMEOUT_MS.
+ */
+#define NM_SHUTDOWN_TIMEOUT_MS            1500
+#define NM_SHUTDOWN_TIMEOUT_MS_WATCHDOG    500
+
 typedef struct _NMShutdownWaitObjHandle NMShutdownWaitObjHandle;

 NMShutdownWaitObjHandle *_nm_shutdown_wait_obj_register (GObject *watched_obj,
--- a/src/ppp/nm-ppp-manager.c
+++ b/src/ppp/nm-ppp-manager.c
@ -1253,7 +1253,8 @@ _ppp_manager_stop (NMPPPManager *self,
 	handle->shutdown_waitobj = g_object_new (G_TYPE_OBJECT, NULL);
 	nm_shutdown_wait_obj_register (handle->shutdown_waitobj, "ppp-manager-wait-kill-pppd");
 	nm_utils_kill_child_async (nm_steal_int (&priv->pid),
-	                           SIGTERM, LOGD_PPP, "pppd", 2000,
+	                           SIGTERM, LOGD_PPP, "pppd",
+	                           NM_SHUTDOWN_TIMEOUT_MS,
 	                           _stop_child_cb, handle);

 	return handle;