Re: Are modunload and ifconfig create racy?

[Paul Goyette <paul%whooppee.com@localhost>]

(Replying _without_ looking at the code!  I can look more deeply if you 
could re-send a pointer to the code...)

Generally, the module's unload code should detach the devsw entry for 
the driver first, to prevent any new accesses.

Then, the config_fini_component() call will fail if existing devices 
cannot be detached.  If this does fail, the module unload code should 
re-attach the devsw entry and return failure.

The only chance I see for any race condition is if the open/create logic 
can clone a new entry which is not seen by config_cfdata_detach() when 
it scans for device instances which need to be detached.

If there is a race condition, it should be solved in each interface's 
driver module, or within the autoconfig framework.  Each driver module 
is responsible for managing its own integration with autoconfig (ie, 
calling config_{init,fini}_component and devsw_{att},det}ach routines).



On Fri, 20 Jan 2017, Kengo NAKAHARA wrote:

> Hi,
>
> As riastradh@n.o pointed out below mail, it seems there is race in
> module unload processing about interfaces.
>    http://mail-index.netbsd.org/tech-net/2017/01/19/msg006250.html
> ========== quote ==========
>   +static int
>   +l2tpdetach(void)
>   +{
>   +       int error;
>   +
>   +       if (!LIST_EMPTY(&l2tp_softc_list))
>   +               return EBUSY;
>
> Need lock here?  Need to first set flag preventing new creation?
>
> mutex_enter(&l2tp_softc.lock);
> KASSERT(!l2tp_softc.dying);
> l2tp_softc.detaching = true;
> if (!LIST_EMPTY(&l2tp_softc.list)) {
> 	l2tp_softc.detaching = false;
> 	mutex_exit(&l2tp_softc.lock);
> 	return EBUSY;
> }
> mutex_exit(&l2tp_softc.lock);
>
> Anyone trying to add to l2tp_softc.list must also check
> l2tp_softc.detaching before proceeding.
> ========== quote ==========
>
> I think this detaching flag exclusion is required to kernel module'd
> interfaces such as pppoe(4), gre(4) and so on. Is this correct?
> # I am not familiar with kernel module load/unload locking...
>
> If correct, it seems some kind of exclusion is required in kernel module
> framework to prevent race between modunload(8) kernel module of such
> interface and ifconfig(8) create of such interface.
>
>
> Could anyone have any ideas about this?
>
>
> Thanks,
>
> --
> //////////////////////////////////////////////////////////////////////
> Internet Initiative Japan Inc.
>
> Device Engineering Section,
> IoT Platform Development Department,
> Network Division,
> Technology Unit
>
> Kengo NAKAHARA <k-nakahara%iij.ad.jp@localhost>
>
> !DSPAM:58820233275462253564689!

+------------------+--------------------------+------------------------+
| Paul Goyette     | PGP Key fingerprint:     | E-mail addresses:      |
| (Retired)        | FA29 0E3B 35AF E8AE 6651 | paul at whooppee.com   |
| Kernel Developer | 0786 F758 55DE 53BA 7731 | pgoyette at netbsd.org |
+------------------+--------------------------+------------------------+