From mboxrd@z Thu Jan  1 00:00:00 1970
From: ebiederm@xmission.com (Eric W. Biederman)
Subject: Re: [PATCH 04/24] sysfs: Normalize removing sysfs directories.
Date: Sat, 30 May 2009 06:07:47 -0700
Message-ID: <m1d49qoi1o.fsf@fess.ebiederm.org>
References: <m1zlcwltri.fsf_-_@fess.ebiederm.org>
	<1243551665-23596-4-git-send-email-ebiederm@xmission.com>
	<4A1FA777.3040200@kernel.org> <m1zlcvdf7j.fsf@fess.ebiederm.org>
	<4A210DEF.2030203@kernel.org>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Cc: Andrew Morton <akpm@linux-foundation.org>,
	Greg Kroah-Hartman <gregkh@suse.de>,
	linux-kernel@vger.kernel.org,
	Cornelia Huck <cornelia.huck@de.ibm.com>,
	linux-fsdevel@vger.kernel.org, Kay Sievers <kay.sievers@vrfy.org>,
	Greg KH <greg@kroah.com>,
	"Eric W. Biederman" <ebiederm@aristanetworks.com>
To: Tejun Heo <tj@kernel.org>
Return-path: <linux-fsdevel-owner@vger.kernel.org>
Received: from out01.mta.xmission.com ([166.70.13.231]:53373 "EHLO
	out01.mta.xmission.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
	with ESMTP id S1757873AbZE3NHy (ORCPT
	<rfc822;linux-fsdevel@vger.kernel.org>);
	Sat, 30 May 2009 09:07:54 -0400
In-Reply-To: <4A210DEF.2030203@kernel.org> (Tejun Heo's message of "Sat\, 30 May 2009 19\:43\:59 +0900")
Sender: linux-fsdevel-owner@vger.kernel.org
List-ID: <linux-fsdevel.vger.kernel.org>

Tejun Heo <tj@kernel.org> writes:

> Eric W. Biederman wrote:
>>   Also, I'm quite uncomfortable with these things
>>> being done in non-atomic manner.  It can be made to work but things
>>> like this can lead to subtle race conditions and with the kind of
>>> layering we put on top of sysfs (kobject, driver model, driver
>>> midlayers and so on), it isn't all that easy to verify what's going
>>> on, so NACK for this one.
>> 
>> Total nonsense.
>> 
>> Mucking about with sysfs after we start deleting a directory is a bug.
>> At worst my change makes a buggy race slightly less deterministic.
>> 
>> I am not ready to consider keeping the current unnecessary atomic
>> removal step.  That unnecessary atomicity makes the following patches
>> more difficult, and requires a lot of unnecessary retesting.
>> 
>> What do you think the extra unnecessary atomicity helps protect?
>
> It's just not a clean API.  When people are trying to code things way
> up in the stack, they aren't likely to look up the code to see what
> assumptions are being made especially when the stack is deep and
> complex and sysfs is near the bottom of the tall stack.  IMHO
> implementing the usually expected semantics at this depth is worth
> every effort.  It's just good implementation style which might look
> like wasted effort but will harden the stack in the long run.  Plus,
> it's not like making it atomic is difficult or anything.

I guess we are going to have to disagree on this one.

My take is simply that a correct user has to wait until no one else
can find the kobject before calling kobject_del.  At which point
races are impossible, and it doesn't matter if sysfs_mutex is held
across the entire operation.


For the long term I still intend to kill __sysfs_remove_dir.  Just
not in this patch series.

Eric