Hi,
in the old days you couldn't call a sleeping function in a module
before doing a MOD_INC or after doing a MOD_DEC. Then some safety nets
were added that made these obsolete (in some number of places). I was
told that people had decided to potentially get rid of all safety
nets. Is this true? Is it worthwhile to have a checker for these two
rules?
On Wed, 4 Apr 2001, Dawson Engler wrote:
> Hi,
>
> in the old days you couldn't call a sleeping function in a module
> before doing a MOD_INC or after doing a MOD_DEC. Then some safety nets
> were added that made these obsolete (in some number of places). I was
> told that people had decided to potentially get rid of all safety
> nets. Is this true? Is it worthwhile to have a checker for these two
> rules?
It's worth removing the MOD_{INC,DEC}_USE_COUNT. Which had been done
in quite a few places. Let the caller handle the refcount on callee -
_that_ is definitely safe.
On Wed, 4 Apr 2001 18:25:08 -0700 (PDT),
Dawson Engler <[email protected]> wrote:
>in the old days you couldn't call a sleeping function in a module
>before doing a MOD_INC or after doing a MOD_DEC. Then some safety nets
>were added that made these obsolete (in some number of places). I was
>told that people had decided to potentially get rid of all safety
>nets. Is this true? Is it worthwhile to have a checker for these two
>rules?
I expect to reintroduce the MOD_{INC,DEC} rules in 2.5. Al Viro's
patches to bump the module use count in the caller work up to a point
but they are not a complete fix. You cannot bump the module use count
from an interrupt, which causes problem for netfilter (ask Rusty for
details).
A module can have multiple associated areas including the code segment,
the exception table and arch specific data like the IA64 unwind lists.
Al Viro's fix does not cover all of these areas, Alan Cox added a
spinlock for the exception table but nothing covers the arch specific
data. Adding more spinlocks is not the answer, it penalizes the
mainline code to guard against an unusual event (module unload).