From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1756198AbbAZRQK (ORCPT ); Mon, 26 Jan 2015 12:16:10 -0500 Received: from bombadil.infradead.org ([198.137.202.9]:33028 "EHLO bombadil.infradead.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1751517AbbAZRQI (ORCPT ); Mon, 26 Jan 2015 12:16:08 -0500 Date: Mon, 26 Jan 2015 09:16:03 -0800 From: Christoph Hellwig To: James Bottomley Cc: Christoph Hellwig , Rusty Russell , Masami Hiramatsu , linux-kernel , linux-scsi Subject: Re: module: fix module_refcount() return when running in a module exit routine Message-ID: <20150126171603.GA32729@infradead.org> References: <54BC93C3.7010808@hitachi.com> <878ugzco8c.fsf@rustcorp.com.au> <1421683701.2080.25.camel@HansenPartnership.com> <871tmqcmau.fsf@rustcorp.com.au> <1421774615.2080.88.camel@HansenPartnership.com> <20150122165018.GA27377@infradead.org> <1421946175.2093.1.camel@HansenPartnership.com> <87iofyurzc.fsf@rustcorp.com.au> <20150123131758.GC8045@infradead.org> <1422038567.2126.14.camel@HansenPartnership.com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <1422038567.2126.14.camel@HansenPartnership.com> User-Agent: Mutt/1.5.23 (2014-03-12) X-SRS-Rewrite: SMTP reverse-path rewritten from by bombadil.infradead.org See http://www.infradead.org/rpr.html Sender: linux-kernel-owner@vger.kernel.org List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Fri, Jan 23, 2015 at 10:42:47AM -0800, James Bottomley wrote: > To that point, Rusty's patch just keeps the status quo in the new > module_refcount() environment, so it's the quick bandaid. > > I think the use case you're worrying about is what happens if someone > tries to use a device after module removal begins executing but before > the device has been deleted (say by opening it)? We'll exit the device > removal routines and then kill the module, because after the module code > gets to ->exit(), nothing re-checks the module refcount, so the host > module will get free'd while we're still using the device. > > The fix for this seems to be to differentiate between special uses of > scsi_get_device, which are allowed to get the device in the module exit > routines and ordinary uses which aren't. Something like this? (the > patch isn't complete, but you get the idea). Yes, that's exactly what I worry about. But you're right, the patch doesn't make anything worse compared to the 3.18 and earlier status quo. So I think I'm fine with the __module_get patch (which I assume will go through the module tree as well?), and I'll get back to my series to unwind our bandaids back to the start for the proper fix.