lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Date:	Mon, 19 Nov 2012 00:16:33 +0800
From:	Jiang Liu <liuj97@...il.com>
To:	Toshi Kani <toshi.kani@...com>
CC:	Greg Kroah-Hartman <gregkh@...uxfoundation.org>,
	"Rafael J. Wysocki" <rjw@...k.pl>,
	Vasilis Liaskovitis <vasilis.liaskovitis@...fitbricks.com>,
	linux-acpi@...r.kernel.org, isimatu.yasuaki@...fujitsu.com,
	wency@...fujitsu.com, lenb@...nel.org,
	linux-kernel@...r.kernel.org, linux-mm@...ck.org
Subject: Re: [RFC PATCH v2 0/3] acpi: Introduce prepare_remove device operation

On 11/17/2012 08:25 AM, Toshi Kani wrote:
> On Fri, 2012-11-16 at 16:22 -0800, Greg Kroah-Hartman wrote:
>> On Fri, Nov 16, 2012 at 05:08:53PM -0700, Toshi Kani wrote:
>>>>>>>>>> So the question is, does the ACPI core have to do that and if so, then why?
>>>>>>>>>
>>>>>>>>> The problem is that acpi_memory_devcie_remove() can fail.  However,
>>>>>>>>> device_release_driver() is a void function, so it cannot report its
>>>>>>>>> error.  Here are function flows for SCI, sysfs eject and unbind.
>>>>>>>>
>>>>>>>> Then don't ever let acpi_memory_device_remove() fail.  If the user wants
>>>>>>>> it gone, it needs to go away.  Just like any other device in the system
>>>>>>>> that can go away at any point in time, you can't "fail" that.
>>>>>>>
>>>>>>> That would be ideal, but we cannot delete a memory device that contains
>>>>>>> kernel memory.  I am curious, how do you deal with a USB device that is
>>>>>>> being mounted in this case?
>>>>>>
>>>>>> As the device is physically gone now, we deal with it and clean up
>>>>>> properly.
>>>>>>
>>>>>> And that's the point here, what happens if the memory really is gone?
>>>>>> You will still have to handle it now being removed, you can't "fail" a
>>>>>> physical removal of a device.
>>>>>>
>>>>>> If you remove a memory device that has kernel memory on it, well, you
>>>>>> better be able to somehow remap it before the kernel needs it :)
>>>>>
>>>>> :)
>>>>>
>>>>> Well, we are not trying to support surprise removal here.  All three
>>>>> use-cases (SCI, eject, and unbind) are for graceful removal.  Therefore
>>>>> they should fail if the removal operation cannot complete in graceful
>>>>> way.
>>>>
>>>> Then handle that in the ACPI bus code, it isn't anything that the driver
>>>> core should care about, right?
>>>
>>> Unfortunately not.  Please take a look at the function flow for the
>>> unbind case in my first email.  This request directly goes to
>>> driver_unbind(), which is a driver core function.
>>
>> Yes, and as the user asked for the driver to be unbound from the device,
>> it can not fail.
>>
>> And that is WAY different from removing the memory from the system
>> itself.  Don't think that this is the "normal" way that memory should be
>> removed, that is what stuff like "eject" was created for the PCI slots.
>>
>> Don't confuse the two things here, unbinding a driver from a device
>> should not remove the memory from the system, it doesn't do that for any
>> other type of 'unbind' call for any other bus.  The device is still
>> present, just that specific driver isn't controlling it anymore.
>>
>> In other words, you should NEVER have a normal userspace flow that is
>> trying to do unbind.  unbind is only for radical things like
>> disconnecting a driver from a device if a userspace driver wants to
>> control it, or a hacked up way to implement revoke() for a device.
>>
>> Again, no driver core changes are needed here.
> 
> Okay, we might be able to make the eject case to fail if an ACPI driver
> is not bound to a device.  This way, the unbind case may be harmless to
> proceed.  Let us think about this further on this (but we may come up
> again :). 
Hi all,
	The ACPI based system device hotplug framework project I'm working
on has already provided a solution for this issue.
	We have added several callbacks to struct acpi_device_ops to support
ACPI system device hotplug. By that way, we could guarantee unbinding ACPI
CPU/memory/PCI host bridge drivers will always success. And we have a plan
to implement the existing "eject" interface with the new hotplug framework.

	For more information, please take a look at:
http://www.spinics.net/lists/linux-acpi/msg39487.html
http://www.spinics.net/lists/linux-acpi/msg39490.html

Thanks!
Gerry

> 
> Thanks,
> -Toshi 
> 
> 
> 
> 
> 
> --
> To unsubscribe from this list: send the line "unsubscribe linux-acpi" in
> the body of a message to majordomo@...r.kernel.org
> More majordomo info at  http://vger.kernel.org/majordomo-info.html
> 

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ