Re: [Lse-tech] Re: [PATCH 0/7]: Fix for unsafe notifier chain

[Andrew Morton]

Keith Owens <kaos@xxxxxxx> wrote:
>
> On Sun, 27 Nov 2005 18:27:25 +0100, 
> Andi Kleen <ak@xxxxxxx> wrote:
> >On Mon, Nov 28, 2005 at 02:59:05AM +1100, Keith Owens wrote:
> >> On Sun, 27 Nov 2005 14:47:36 +0100, 
> >> Andi Kleen <ak@xxxxxxx> wrote:
> >> >akpm wrote
> >> >>   - Introduce a new notifier API which is wholly unlocked
> >> >
> >> >The old notifiers were already wholly unlocked.

The register and unregister functions take a write_lock on notifier_lock. 
notifier_call_chain() runs unlocked.

> So it wouldn't 
> >> >even need any changes. Just additional locks everywhere.
> >> 
> >> Wrong.  
> >
> >Did you actually read what I wrote? 
> 
> Of course I did.

No you didn't!

>  The whole point is that _ALL_ of the existing
> notifier chain callback code is racy[*].

yup.

>  Saying that the code can be
> left without any changes is simply ignoring the existing races.  They
> _ALL_ need to be fixed.

We're saying that kernel/sys.c:notifier_lock should be removed and that all
callers of notifier_chain_register(), notifier_chain_unregister() and
notifier_call_chain() should be changed to define and use their own lock.

So the _callers_ get to decide whether they're going to use down(),
spin_lock(), down_read(), read_lock(), preempt_disable(), local_irq_disable()
or whatever.

Furthermore we should alter notifier_call_chain() so that a callback may
safely perform notifier_chain_unregister() - that's sane and easy enough.
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/