Re: [RFC] Raceless module interface

From: Rusty Russell (rusty@rustcorp.com.au)
Date: Wed Sep 11 2002 - 20:42:45 EST

Next message: Horst von Brand: "Re: Western Digital hard drive and DMA"
Previous message: Rusty Russell: "Re: [RFC] Raceless module interface"
In reply to: Daniel Phillips: "Re: [RFC] Raceless module interface"
Next in thread: Jamie Lokier: "Re: [RFC] Raceless module interface"
Reply: Jamie Lokier: "Re: [RFC] Raceless module interface"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

In message <E17pFKr-0007V7-00@starship> you write:
> On Wednesday 11 September 2002 23:26, Jamie Lokier wrote:
> > Daniel Phillips wrote:
> > > Really, that's not so, there are limits. 30 seconds? Whatever.
> > > Remember, during this time the service provided by the module is
> > > unavailable, so this is denial-of-service land. You could of
> > > course put in extra code to abort the unload process on demand,
> > > but, hmm, it probably wouldn't work ;-)
> >
> > If you're going to do it right, you should fix that denial-of-service by
> > waiting until the module has finished unloading and then demand-loading
> > the module again.
>
> That doesn't make the DoS go away, it just makes it a little
> harder to trigger. Anyway, one thing we could do if the rest
> of the module mechanism is up to it, is know that somebody is
> trying to reactivate a module that has just returned from
> module_cleanup(), and immediately reactivate it instead of
> freeing it, hoping to save some disk activity - if this turns
> out to be a real problem, that is. The null solution is likely
> the winner here.

Ah, yes, four-point module interface: init, start, stop, destroy.
Then you can call stop, realize the module is not at zero refcnt (you
lost a race), then call start again. Similar thing if someone
requests a stopped module.

Now you're going to have to change request_module() so the kernel can
realize that you're requesting a module which already exists
(request_module()'s effect currently depends on /etc/modules.conf of
course).

Now, of course, your module interface is starting to look really
complex, too. Because you want to solve the "half-loaded" problem, so
you really want "init" to reserve resources, and "start" to register
them (ie. start can't fail). So every register_xxx interface needs to
be split into reserve_xxx and use_xxx.

We can do all this, of course. I have an awful lot of patches. But
I'm not really happy with any of them.

Rusty.

--
  Anyone who quotes me in their sig is an idiot. -- Rusty Russell.
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Next message: Horst von Brand: "Re: Western Digital hard drive and DMA"
Previous message: Rusty Russell: "Re: [RFC] Raceless module interface"
In reply to: Daniel Phillips: "Re: [RFC] Raceless module interface"
Next in thread: Jamie Lokier: "Re: [RFC] Raceless module interface"
Reply: Jamie Lokier: "Re: [RFC] Raceless module interface"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b29 : Sun Sep 15 2002 - 22:00:27 EST