[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <YzTwgxX+WMuJyAJy@T590>
Date: Thu, 29 Sep 2022 09:10:27 +0800
From: Ming Lei <ming.lei@...hat.com>
To: Bart Van Assche <bvanassche@....org>
Cc: "Martin K . Petersen" <martin.petersen@...cle.com>,
linux-scsi@...r.kernel.org, Luis Chamberlain <mcgrof@...nel.org>,
Christoph Hellwig <hch@....de>, Hannes Reinecke <hare@...e.de>,
John Garry <john.garry@...wei.com>,
Mike Christie <michael.christie@...cle.com>,
Krzysztof Kozlowski <krzysztof.kozlowski@...aro.org>,
Greg Kroah-Hartman <gregkh@...uxfoundation.org>,
linux-modules@...r.kernel.org, linux-kernel@...r.kernel.org,
"James E.J. Bottomley" <jejb@...ux.ibm.com>,
Tejun Heo <tj@...nel.org>
Subject: Re: [PATCH v5 6/7] module: Improve support for asynchronous module
exit code
On Wed, Sep 28, 2022 at 12:27:07PM -0700, Bart Van Assche wrote:
> On 9/27/22 18:09, Ming Lei wrote:
> > On Wed, Sep 14, 2022 at 03:56:20PM -0700, Bart Van Assche wrote:
> > > Some kernel modules call device_del() from their module exit code and
> > > schedule asynchronous work from inside the .release callback without waiting
> > > until that callback has finished. As an example, many SCSI LLD drivers call
> >
> > It isn't only related with device, any kobject has such issue, or any
> > reference counter usage has similar potential risk, see previous discussion:
> >
> > https://lore.kernel.org/lkml/YsZm7lSXYAHT14ui@T590/
> >
> > IMO, it is one fundamental problem wrt. module vs. reference counting or
> > kobject uses at least, since the callback depends on module code
> > segment.
> >
> > > scsi_remove_host() from their module exit code. scsi_remove_host() may
> > > invoke scsi_device_dev_release_usercontext() asynchronously.
> > > scsi_device_dev_release_usercontext() uses the host template pointer and
> > > that pointer usually exists in static storage in the SCSI LLD. Support
> > > using the module reference count to keep the module around until
> > > asynchronous module exiting has completed by waiting in the delete_module()
> > > system call until the module reference count drops to zero.
> >
> > The issue can't be addressed by the normal mod->refcnt, since user need
> > to unload module when the device isn't used.
>
> Hi Ming,
>
> How about removing support for calling scsi_device_put() from atomic context
> as is done in the untested patch below?
That can't work.
The problem is that no existed mechanism can guarantee that kobject reference
drops to zero inside module_exit().
Thanks,
Ming
Powered by blists - more mailing lists