On Monday 12 June 2006 20:50, Ian Dowse wrote:
> In message <[EMAIL PROTECTED]>, John Baldwin writes:
> >On Saturday 10 June 2006 13:04, Ian Dowse wrote:
> >> Keep firmware images on the list until they have been unregistered
> >> with firmware_unregister(). Previously when the last driver reference
> >> had been dropped we would clear the list entry under the assumption
> >> that the firmware module was about to be unloaded, but this was not
> >> true if the firmware image had been loaded manually with kldload.
> >
> >I think you still need to clear the entire entry in unloadentry() and not
> >just clear fp->file. Otherwise, another thread could gain a reference on
> >this entry in the table after you drop the firmware mutex and before
> >firmware_unregister() is run by the kernel linker.
>
> That would bring back the original issue where a manually kldloaded
> firmware image would be removed from the list when a driver calls
> firmware_put(), even though the kld will remain loaded; there is
> nothing that a driver can do to get the entry back on the list since
> calling linker_reference_module() will not result in a call to
> firmware_register() because the module is already (manually) loaded.

No it wouldn't. :) unloadentry() is only called when we are unloading an
explicitly loaded module from the taskqueue. That is where I think the
'fp->file = NULL' should be changed to 'clearentry()'. Either that or don't
clear fp->file at all.

> Shouldn't this race be fixed by your other suggested change of
> having a firmware_unregister() failure preventing the image module
> from unloading? (I didn't realise it wasn't already checking) The
> firmware_unregister() function atomically checks for references and
> clears the full entry, so with your change there is no way for the
> module to be unloaded while a reference exists.

No. You've cleared fp->file. This means that if the other thread gets a
reference, the firmware_unregister() will fail, but now the kernel will never
unload this file on a subsequent firmware_put() since it won't see that it was
explicitly loaded by the kernel since fp->file == NULL.

The awk script patch fixes a different race where kldunload would succeed even
though there were open references and drivers would have pointers into
unmapped memory (or possibly mapped to something else).

-- 
John Baldwin <[EMAIL PROTECTED]> <>< http://www.FreeBSD.org/~jhb/
"Power Users Use the Power to Serve" = http://www.FreeBSD.org
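
A single-threaded replay of the interleaving described in the message above, added here as an illustration and not taken from the FreeBSD source or from either author. Only fp->file, unloadentry(), clearentry() and the refuse-while-referenced behaviour of firmware_unregister() come from the thread; the struct layout, the fw_get/fw_put/fw_unregister bodies, the "entry already gone" return value and image_stranded() are simplified assumptions.

```c
#include <stdbool.h>
#include <stddef.h>

/* Simplified model of one firmware table entry (layout is an assumption). */
struct fw_entry {
    const char *name;   /* NULL when the slot is free */
    void *file;         /* non-NULL only if the kernel loaded the module itself */
    int refcnt;         /* driver references */
};

static void clearentry(struct fw_entry *fp) {
    fp->name = NULL; fp->file = NULL; fp->refcnt = 0;
}

/* Driver takes a reference; fails if the entry is no longer on the list. */
static bool fw_get(struct fw_entry *fp) {
    if (fp->name == NULL) return false;
    fp->refcnt++;
    return true;
}

/* Driver drops a reference; returns true if an unload gets scheduled. */
static bool fw_put(struct fw_entry *fp) {
    return --fp->refcnt == 0 && fp->file != NULL;
}

/* Taskqueue step, run before the linker calls unregister. */
static void unloadentry(struct fw_entry *fp, bool clear_whole) {
    if (clear_whole) clearentry(fp); else fp->file = NULL;
}

/* Linker step: refuses while references exist, otherwise clears the entry. */
static int fw_unregister(struct fw_entry *fp) {
    if (fp->name == NULL) return 0;   /* assumption: already gone is success */
    if (fp->refcnt != 0) return -1;
    clearentry(fp);
    return 0;
}

/* Replays the interleaving; returns true if the image ends up stranded:
 * still registered, unreferenced, and with nothing left to unload it. */
bool image_stranded(bool clear_whole) {
    static int module;                         /* stands in for the linker file */
    struct fw_entry e = { "fw_img", &module, 0 };   /* constructed sample entry */
    unloadentry(&e, clear_whole);              /* thread A, then drops the mutex */
    bool got = fw_get(&e);                     /* thread B slips in */
    int err = fw_unregister(&e);               /* thread A, via the kernel linker */
    bool scheduled = got ? fw_put(&e) : false; /* thread B is done with the image */
    return e.name != NULL && e.refcnt == 0 && !scheduled && err != 0;
}
```

Calling image_stranded(false) models the 'fp->file = NULL' variant and image_stranded(true) the 'clearentry()' variant.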