Re: execve replacement.

From: Brian Gerst (bgerst@didntduck.org)
Date: Wed Oct 04 2000 - 10:01:00 EST


John Levon wrote:
> anyway, you can just put refcounts in your hijacked system calls; that is
> the safe way to do it, and doesn't require any kernel patches, just extra
> cost in the intercepted system calls.
>
> e.g. :
>
> my_syswhatever(...)
> {
> MOD_INC_USE_COUNT;
> original_syswhatever(...);
> MOD_DEC_USE_COUNT;
> }
>
> Can you explain to me the race with this approach ?

There is a small period of time between the last MOD_DEC_USE_COUNT and
the return of the function where the module could be unloaded by another
CPU (SMP only). It is a tiny race window, but still possible.

MOD_DEC_USE_COUNT is only safe if it does not reduce the use count to
zero. The only exceptions to this are if the caller to the module takes
the Big Kernel Lock or unload_lock. This race was brought to light
because lock_kernel() was removed from the open path in the VFS. Any
time you call through a function pointer that could possibly be in an
unreferenced module, you need to use try_inc_mod_count() before calling.

--

Brian Gerst - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.kernel.org Please read the FAQ at http://www.tux.org/lkml/



This archive was generated by hypermail 2b29 : Sat Oct 07 2000 - 21:00:14 EST