process_killer
is a utility to search for and kill processes that might hold up the tearing down and safe unmounting of stateful storage mounts/devices. On ChromeOS, the mounts/devices of interest include any encrypted storage mount/device (eg. cryptohome mounts, encrypted stateful partition's dm-crypt device) as well as the stateful filesystem.
process_killer
looks for the following types of processes:
--file_holders
).--mount_holders
). Such processes don't prevent clean unmounts in the init mount namespace but will still hold a reference to the mount (and by extension, the filesystem superblock/underlying block device) during end of session and shutdown.process_killer
is currently used in the following situations:
ui-post-stop
): At end of the session, process_killer
is used to first find processes that have files open into the user cryptohome. This allows cryptohome a shot into safely unmounting all encrypted user mounts. As a failsafe, cryptohome falls back to doing a lazy unmount. Finally, process_killer
is called as a last resort for processes still holding user cryptohome mounts in a cloned MS_PRIVATE mount namespace.chromeos_shutdown
): At shutdown, process_killer
is used as a last resort to kill any service still accessing stateful mounts. Barring misconfigured init scripts, few processes are running at shutdown so process_killer
does a final sweep of all file and mount holders before starting the teardown process for the stateful mounts.