| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <460D27E3.2050602@gmail.com>
Date: Sat, 31 Mar 2007 00:08:19 +0900
From: Tejun Heo <htejun@...il.com>
To: Cornelia Huck <cornelia.huck@...ibm.com>
CC: gregkh@...e.de, hugh@...itas.com, dmitry.torokhov@...il.com,
oneukum@...e.de, maneesh@...ibm.com, rpurdie@...ys.net,
James.Bottomley@...elEye.com, Jeff Garzik <jgarzik@...ox.com>,
lkml <linux-kernel@...r.kernel.org>,
"linux-ide@...r.kernel.org" <linux-ide@...r.kernel.org>,
SCSI Mailing List <linux-scsi@...r.kernel.org>
Subject: Re: [RFD driver-core] Lifetime problems of the current driver model
Cornelia Huck wrote:
> On Fri, 30 Mar 2007 22:58:39 +0900,
> Tejun Heo <htejun@...il.com> wrote:
>
>> It's a little bit more convoluted than that. Module reference count of
>> zero doesn't indicate that there is no one referencing the module. It
>> just means that the module can be unloaded. ie. There still can be any
>> number of kobjects with release function backed by the module but as
>> long as all of them can be deleted and released by module exit function,
>> the module is unloadable at that point.
>>
>> IOW, module reference count does not count number of objects depending
>> on the module. It counts the number of active usages of those objects.
>
> We must make sure that the module is never deleted while there may be
> calls to ->release functions - the exit function can only return when
> all ->release calls have returned. This can be guaranteed if we (1)
> don't allow the module to unload if there are outstanding kobjects (we
> may need a "self destruct" knob then) or (2) make sure the ->release
> functions are outside of the module (see, for example,
> drivers/s390/s390_rdev.c).
(3) make sure all existing kobjects are released by module exit function.
For example, let's say there is a hypothetical disk device /dev/dk0
driven by a hypothetical driver mydrv. /dev/dk0 is represented like the
following in the sysfs tree.
/sys/devices/pci0000:00/0000:00:1f.0/dk0/{myknob0,myknob1}
Owner of both attrs myknob0 and myknob1 is mydrv and opening either
increases the reference counts of dk0 and mydrv and closing does the
opposite.
* When there is no opener of either knob and the /dev/dk0 isn't used by
anyone. Reference count of dk0 is 1, mydrv 0.
* User issues rmmod mydrv. As mydrv's reference count is zero, unload
proceeds and mydrv's exit function is called.
* mydrv's exit function looks like the following.
mydrv_exit()
{
sysfs_remove_file(dk0, myknob0);
sysfs_remove_file(dk1, myknob1);
device_del(dk0);
deinit controller;
release all resources;
}
The device_del(dk0) drops dk0's reference count to zero and its
->release is invoked immediately.
This method is widely used to allow modules to be unloaded even when
there still are valid objects if there's no active user.
> (Gah, that stuff is always giving me headaches. Sorry if I'm not making
> sense...)
Yeap, this is confusing. Hope my explanation makes sense.
--
tejun
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists