Re: [PATCH v6 3/8] firmware_loader: Move module refcounts to allow unloading

[Russ Weight]

On Thu, Nov 14, 2024 at 01:30:16PM -0600, Tom Lendacky wrote:
> On 11/14/24 12:17, Dan Williams wrote:
> > Russ Weight wrote:
> > [..]
> >> Clearly this would be an unexpected/unusual case. Someone with root
> >> access would have to remove the device driver. I'm not sure how much
> >> effort should be expended in preventing it - but this is the reasoning
> >> behind the incrementing/decrementing of the module reference counts.
> > 
> > The module reference needs to be held only if the producer of those
> > symbols can be removed without triggering some coordinated removal with
> > action consumer. A driver that fails to call
> > firmware_upload_unregister() in its module removal path is simply a driver
> > with a memory-leak and use-after-free bug, not something the firmware
> > upload core needs to worry about.
> > 
> > So, the prevention mechanism is "thou shalt use
> > firmware_upload_unregister() correctly", and when that is in place
> > explicit module references are not only redundant, but trying to
> > implement them causes circular dependency loops.

Thanks for the explanation. Makes total sense to me. I agree that the
module reference counts can/should be removed.

- Russ
> 
> I believe that is how other similar services, like debugfs, work, the
> module is responsible for cleaning up.
> 
> Thanks,
> Tom