Received:  by oss.sgi.com id <S42353AbQFUDsC>;
	Tue, 20 Jun 2000 20:48:02 -0700
Received: from smtprch2.nortelnetworks.com ([192.135.215.15]:8601 "EHLO
        smtprch2.nortel.com") by oss.sgi.com with ESMTP id <S42305AbQFUDrl>;
	Tue, 20 Jun 2000 20:47:41 -0700
Received: from zrchb213.us.nortel.com (actually zrchb213) 
          by smtprch2.nortel.com; Tue, 20 Jun 2000 22:44:22 -0500
Received: from zctwb003.asiapac.nortel.com ([47.152.32.111]) 
          by zrchb213.us.nortel.com 
          with SMTP (Microsoft Exchange Internet Mail Service Version 5.5.2650.21) 
          id NKANVNJ3; Tue, 20 Jun 2000 22:47:27 -0500
Received: from pwold011.asiapac.nortel.com ([47.181.193.45]) 
          by zctwb003.asiapac.nortel.com 
          with SMTP (Microsoft Exchange Internet Mail Service Version 5.5.2650.21) 
          id NCLF8DMY; Wed, 21 Jun 2000 13:47:27 +1000
Received: from uow.edu.au (IDENT:akpm@localhost [127.0.0.1]) 
          by pwold011.asiapac.nortel.com (8.9.3/8.9.3) with ESMTP id NAA28063;
          Wed, 21 Jun 2000 13:47:29 +1000
Message-ID: <39503AD1.99A54D57@uow.edu.au>
Date:   Wed, 21 Jun 2000 03:47:29 +0000
X-Sybari-Space: 00000000 00000000 00000000
From:   Andrew Morton <andrewm@uow.edu.au>
X-Mailer: Mozilla 4.61 [en] (X11; I; Linux 2.4.0-test1-ac10 i686)
X-Accept-Language: en
MIME-Version: 1.0
To:     Donald Becker <becker@scyld.com>
CC:     "netdev@oss.sgi.com" <netdev@oss.sgi.com>
Subject: Re: modular net drivers, take 2
References: <395017F3.516165AD@uow.edu.au> <Pine.LNX.4.10.10006202140210.26261-100000@vaio.greennet>
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
X-Orig: <andrewm@uow.edu.au>
Sender: owner-netdev@oss.sgi.com
Precedence: bulk
Return-Path: <owner-netdev@oss.sgi.com>
X-Orcpt: rfc822;netdev-outgoing

Donald Becker wrote:
> 
> On Wed, 21 Jun 2000, Andrew Morton wrote:
> 
> > In this example, both dev->ioctl() and dev->get_stats() are called while
> > the module refcount is zero.   So they're as risky as open(); these code
> > paths need to be audited for races wrt kmalloc->schedule()
> > opportunities.
> 
> Hmmm, now this is an important point.
> 
> I just "know" that ioctl() and get_stats() should be "simple" functions that
> shouldn't do call any kernel function, except for perhaps printk().  This is
> not documented in the skeleton driver, or elsewhere.
> 
> I'm guessing that the documentation should advise locking the module if any
> operation is done in get_stats() or private_ioctl() that might result in a
> reschedule.

Yes, these functions tend to be atomic in-and-out.  But there are
opportunities for module unload prior to them even being called.

The call path appears to be:

sys_ioctl()
  lock_kernel()
  -> fd.file_operations.ioctl()  (sock_ioctl())
       unlock_kernel()
       -> sock.proto_ops.ioctl() (inet_ioctl() for af_inet)
            -> dev_ioctl()
               dev_load()
                 -> dev_ifsioc()
                      __dev_get_by_name() (Fails if unloaded)
                      netif_device_present()
                        -> dev->ioctl()

So there are some small SMP-only opportunities for the module
to be unloaded prior to netdevice.do_ioctl() even being called.

This is getting sticky, isn't it?

[ Yipes.  3c527.c does a sleep_on() when the module refcount is zero ]