| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <Pine.LNX.4.44L0.0704231535310.5236-100000@iolanthe.rowland.org> Date: Mon, 23 Apr 2007 15:47:49 -0400 (EDT) From: Alan Stern <stern@...land.harvard.edu> To: Cornelia Huck <cornelia.huck@...ibm.com> cc: Greg KH <greg@...ah.com>, Tejun Heo <htejun@...il.com>, linux-kernel <linux-kernel@...r.kernel.org>, Rusty Russell <rusty@...tcorp.com.au>, Dmitry Torokhov <dmitry.torokhov@...il.com> Subject: Re: [PATCH RFD] alternative kobject release wait mechanism On Mon, 23 Apr 2007, Cornelia Huck wrote: > On Sun, 22 Apr 2007 10:40:51 -0700, > Greg KH <greg@...ah.com> wrote: > > > > Looking some more, kobject_get_path() is used for kobject renaming, > > > uevent handling, and a little bit in the input core. None of these things > > > should try to access a kobject after it has been del()ed. After all, it's > > > no longer present in the filesystem so it doesn't _have_ a path. > > > > But we _have_ to have a full path at that time to tell userspace what > > just went away. That is the main reason we enforce this (there were > > tons of issues with scsi devices and this in the past which is what > > caused us to enforce this.) > > What we need to ensure is that the parent device is kept at least until > all children, grandchildren and so on are done with their uevent needs. > This would imply it needed to stay as long as those children, > grandchildren, ... are still registered. Would it be save to suggest > that a ->remove callback would always need to unregister the children? > Then putting the parent reference at the end of kobject_del() (which is > after kobject_uevent() in kobject_unregister()) should be safe. Yes, this is the weak spot. For some reason I had assumed that it was illegal to unregister a device while it had registered children (just as it is illegal to rmdir a non-empty directory). If it isn't illegal, then perhaps we should arrange things so that device_del() will recursively call itself for all the device's children. > Question: What now? > > 1. Make it mandatory that all children must be unregistered when > device_del() returns. > > 2. Don't demand an empty directory in sysfs_drop_dentry(). I'm in favor of (1). But instead of making it mandatory, simply force it to be true by having device_del() call itself for all remaining children. For this to be safe, we also have to allow device_del() to be called multiple times (since the device's owner might not be aware that the core had already unregistered it). That's no problem; just add: if (!device_is_registered(dev)) return; to the start of the routine. Alan Stern - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists