[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <alpine.LFD.0.999.0708312057470.9261@enigma.security.iitk.ac.in>
Date: Fri, 31 Aug 2007 21:24:21 +0530 (IST)
From: Satyam Sharma <satyam@...radead.org>
To: Andrew Morton <akpm@...ux-foundation.org>
cc: Robert Hancock <hancockr@...w.ca>,
Rusty Russell <rusty@...tcorp.com.au>,
bugme-daemon@...zilla.kernel.org,
Linux Kernel Mailing List <linux-kernel@...r.kernel.org>,
mattilinnanvuori@...oo.com
Subject: Re: [Bugme-new] [Bug 8957] New: Exported functions and variables
should not be reachable by the outside of the module until module_init
finishes
Hi Andrew,
On Wed, 29 Aug 2007, Andrew Morton wrote:
> On Wed, 29 Aug 2007 19:33:48 -0600 Robert Hancock <hancockr@...w.ca> wrote:
>
> > Andrew Morton wrote:
> > > On Wed, 29 Aug 2007 11:33:06 -0700 (PDT) bugme-daemon@...zilla.kernel.org wrote:
> > >
> > >> http://bugzilla.kernel.org/show_bug.cgi?id=8957
> > >>
> > >> Summary: Exported functions and variables should not be reachable
> > >> by the outside of the module until module_init finishes
> > >> Product: Other
> > >> Version: 2.5
> > >> KernelVersion: 2.6.23-rc4
> > >> Platform: All
> > >> OS/Version: Linux
> > >> Tree: Mainline
> > >> Status: NEW
> > >> Severity: normal
> > >> Priority: P1
> > >> Component: Modules
> > >> AssignedTo: other_modules@...nel-bugs.osdl.org
> > >> ReportedBy: mattilinnanvuori@...oo.com
> > >>
> > >>
> > >> Problem Description: a module's exported functions can be called before before
> > >> they are properly initialized by the module_init function.
> > >>
> > >> Steps to reproduce: write a module that exports functions that require
> > >> initialization by the module_init function to work correctly.
> > >>
> > >> E.g. spin lock variables are no longer allowed to be initialized by C
> > >> initializers of the module but only by spin_lock_init that can be called by the
> > >> module_init function. If an exported function calls spin_lock before it is
> > >> initialized, it deadlocks.
> > >
> > > ooh, nice bug ;)
> >
> > Under what circumstances is this actually happening? What are these
> > functions that are being called?
> >
> > Normally things are set up such that this isn't a problem, i.e. if
> > module A depends on module B, module A can't load until module B is
> > finished loading.
>
> Good point.
>
> This thus-far-undescribed module could make its internals externally
> visible via one of the kernel's many register_foo() interfaces,
What you're saying is a plausible problem, but note that it is quite a
completely different issue to what Matti Linnanvuori suggested in the
original bug report.
The report was about module B (which depends on module A, because it
references symbol exported by module A) being able to call a function
(or access data) /exported/ by module A _without_ the module_init()
function of module A having finished completely (and hence the possibility
of accessing uninitialized data etc). But this is not possible -- see the
last reply to Matti.
You're referring to is a module implementing an (possibly un-exported)
function that refers to module-local data, and registering that function
(say through a notifier_block) _before_ initializing_ the data used by
that function. But ...
> but it
> would be a buggy module if it was doing register_foo(my_foo) before
> my_foo() was ready to be called.
... exactly. That module is the buggy culprit here, nothing wrong with
the kernel's core module code.
[ BTW I suspect there /are/ modules out there that get this register_foo()
ordering wrong in their module_init functions.
Even more widespread (as I have noticed) is the sad habit of modules
to not unregister_foo() their stuff (in the module_exit function) in
the exact reverse order of the register_foo() calls made during
module_init. This can clearly lead to oopsen, but the only reason why
we don't see them frequently is because the module_init and module_exit
codepaths are rarely ever executed at runtime, and even more rarely
concurrently with other stuff that's using the module. ]
Satyam
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists