tech-kern archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

re: Locking strategy for device deletion (also see PR kern/48536)



Paul Goyette writes:
> Can anyone suggest a reliable way to ensure that a device-driver module 
> can be _really_ safely detached?

the method the USB drivers use seems to be fairly safe.  there's one
condition i'm not 100% sure about, but seems unlikely.

see the usage of eg, sc_dying in ugen.c.  there still could be a
problem if a thread were to lookup it's device data, and get
preempted for some other task, and while this is happening, the
module could be unloaded and then it's running on unmapped exec
pages and boom.

that one i think is a much larger issue that affects *all* of our
drivers and needs a general fix where eg device_lookup_private()
returns a reference counted value that must be returned, before the
module can be considered ready to unload (this still leaves a very
minor race between device_put(d); and return;...)


.mrg.


Home | Main Index | Thread Index | Old Index