MontaVista’s Alexander Kaliadin on the instant shutdown of a Linux OS
Paul Rako - March 15, 2010
I had a great interview with the architects of MontaVista Software’s 1-second boot-time real-time Linux. After the interview went to press, it occurred to me to ask Alexander Kaliadin a related question: if smart people like him can figure out how to boot a computer in less than a second, is it also possible to turn the computer off in a short time? His answer was that you could possibly just flip the power switch, if the hardware was designed to allow this. His response and elaboration are below.
There is no problem shutting down the kernel within 250 ms or less. However, network and file operations might affect this scenario - for example, if your stack is waiting for a network handshake to complete with a server in another country, or you need to dump 8-16-32 Mbytes of disk cache content to physical media using the CPU, as extreme examples.
The file system used is also very important. Ideally, if nearly everything is read-only, NOR-flash-based, and your applications are designed properly to handle power loss - you can just kill it instantly. This is how our automotive instrument cluster demo is designed - you can flip the switch at any time with no data loss.
Bad hardware design adds problems as well - it is fairly typical these days to have separate dedicated power management circuitry to handle power sequencing on/off on the board, and you will be surprised to see numerous cases with buggy/very conservative power management microcode seriously affecting both start-up and shutdown behavior.
With some ODM boards I have been working with recently, power sequencing in hardware and/or hardcoded in firmware took up to 750 ms, which is more than I need to get the kernel up. And there is nothing you can do because of the way the board is powered via the power management circuitry.
In a nutshell, it depends on the use case and accurate hardware design, but as an example, I am currently working on a TI OMAP-based military project with a required shutdown time of 200 ms.
To cut a long story short - avoid uber-smart hardware if you need fast boot/shutdown and real-time capability.
I mentioned to Alex that I would like to publish the above comments in my blog and he was nice enough to elaborate on them in the following communication:
In a typical desktop box, the proper Linux shutdown process will involve flushing disk caches, closing multiple files and un-mounting drives (local or networked). Depending on the use case, certain daemons or processes may wait for various operations to complete in order to proceed with the shutdown process.
However, many embedded designs tend to use exactly the same system/user image loaded from read-only media and keep only a few logs and files open for write access. That provides a potential to accelerate the shutdown process significantly.
For example, it is fairly common in industrial or automotive applications to have the whole system running out of read-only flash, with only a tiny battery-backed RAM to hold configuration changes. In such a scenario, the system can typically be shut down in a fraction of a second.
Another viable alternative widely used in consumer electronics today is to replace shutdown with stand-by mode. Unfortunately, such an approach is strictly prohibited in most mil-aero, industrial, automotive and other mission-critical applications where batteries are banned due to the available power budget, weight, or reliability.
A sub-second boot/shutdown target can also be affected by hardware choices. For example, if you start your design with an off-the-shelf ODM board, you may find that dedicated power management circuitry is hardcoded with very conservative clock/power sequencing timing reaching several hundred milliseconds in worst cases. This is comparable to the time needed to boot a Linux kernel on the same board. It must be evaluated carefully prior to project start and potentially get re-designed since hardware behavior is (mostly) out of software control.
I think this is a nice bracket to the interview I did with Cedric and Alexander. It shows that you can have a complex full-featured operating system that even has real-time capability, and that you can get such a system to boot in less than a second and turn off when you flip the switch. Once Windows started making us ask permission to turn a computer off, I knew the OS people had veered off course. You don’t ask your toaster permission to turn it off and the same should go for your PC.
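As an added example (not from Kaliadin or MontaVista), the two software-side conditions described above, few writable persistent filesystems and little unflushed disk cache, can be checked on a running Linux target from /proc/mounts and /proc/meminfo. The sample inputs below are constructed, and the list of volatile filesystem types is an assumption to adjust per design.

```python
import re

# Assumed list: filesystems that live in RAM or are kernel interfaces,
# so losing their contents when power is cut is expected.
VOLATILE_FS = {"tmpfs", "ramfs", "devtmpfs", "proc", "sysfs",
               "devpts", "debugfs", "cgroup", "cgroup2"}

def _unescape(field):
    # /proc/mounts writes space, tab, newline and backslash as octal (\040 ...)
    return re.sub(r"\\([0-7]{3})", lambda m: chr(int(m.group(1), 8)), field)

def writable_persistent_mounts(mounts_text):
    """Return (mountpoint, fstype) for every rw mount on non-volatile media."""
    found = []
    for line in mounts_text.splitlines():
        fields = line.split()
        if len(fields) < 4:
            continue  # malformed or empty line
        _dev, mountpoint, fstype, options = fields[:4]
        if "rw" in options.split(",") and fstype not in VOLATILE_FS:
            found.append((_unescape(mountpoint), fstype))
    return found

def unflushed_kib(meminfo_text):
    """Sum Dirty and Writeback: page cache not yet on physical media."""
    total = 0
    for line in meminfo_text.splitlines():
        m = re.match(r"(Dirty|Writeback):\s+(\d+)\s+kB", line)
        if m:
            total += int(m.group(2))
    return total

# Constructed samples in the format of /proc/mounts and /proc/meminfo.
SAMPLE_MOUNTS = """\
/dev/mtdblock2 / squashfs ro,relatime 0 0
proc /proc proc rw,nosuid,nodev,noexec 0 0
tmpfs /tmp tmpfs rw,nosuid,nodev 0 0
/dev/mtdblock3 /var/log jffs2 rw,relatime 0 0
/dev/mmcblk0p1 /media/sd\\040card vfat rw,relatime 0 0
"""
SAMPLE_MEMINFO = """\
MemTotal:       262144 kB
Dirty:             512 kB
Writeback:          64 kB
WritebackTmp:        0 kB
"""

if __name__ == "__main__":
    for mountpoint, fstype in writable_persistent_mounts(SAMPLE_MOUNTS):
        print(f"at risk on power cut: {mountpoint} ({fstype})")
    print(f"unflushed cache: {unflushed_kib(SAMPLE_MEMINFO)} KiB")
```

On a real target, pass the contents of /proc/mounts and /proc/meminfo instead of the samples; anything the first function reports is data the application must be designed to lose or recover.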