From mboxrd@z Thu Jan 1 00:00:00 1970 From: Greg KH Date: Thu, 03 Jun 2004 19:02:06 +0000 Subject: Re: hotplug remove vs. device driver close Message-Id: <20040603190206.GA23248@kroah.com> List-Id: References: <20040602181455.C17544@forte.austin.ibm.com> In-Reply-To: <20040602181455.C17544@forte.austin.ibm.com> MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit To: linux-hotplug@vger.kernel.org On Thu, Jun 03, 2004 at 01:50:44PM -0500, linas@austin.ibm.com wrote: > On Thu, Jun 03, 2004 at 09:20:20AM -0700, Greg KH wrote: > > On Thu, Jun 03, 2004 at 11:40:04AM +1000, Anton Blanchard wrote: > > > > > > > > We are hitting a situation where we are hot-plug removing a pci card > > > > > before closing the device driver. This seems to lead to kernel > > > > > memory leaks if not outright crashes. I'm trying to understand what > > > > > the correct solution to this is supposed to be. > > > > > > > > To paraphrase from the PCI Hotplug spec, "DO NOT DO THAT!" > > > > > > How do you currently guarantee this on cardbus? > > > > We make no such guarantee. As I stated, the Cardbus/PCMCIA handle this > > quite easily, so it is pretty simple to fix up a PCI driver to also > > handle this. > > > > But the main answer is that the PCI Hotplug spec states that the OS does > > NOT have to protect for this happening to regular PCI devices. > > So if I understand what you are saying: if the OS crashes because of > a sysadmin error or a script error during pci hotplug remove, that's > considered OK? As sysadmin I can delete your whole root fs, and reboot the box into obvilion. Are you considering changing this ability too? :) If you are really worried about this, then look into a different permisssion model for Linux like SELinux. Or you can simply fix up your PCI driver to properly handle reading all FF when the device has been removed. That seems to be what you need to do to solve this for your small subset of drivers on your platform, correct? > I understand why the PCI spec would say that: they have no desire > to over-burden already struggling OS developers: the PCI spec > committee probably thinks in terms of "provide function not policy". > That's normal and as it should be. That's also what the kernel provides, function not policy. Put your policy in userspace and force your admin to use a tool that ensures that the device has properly shutdown anything that is bound to that device before it tells the kernel to remove it from the system. thanks, greg k-h ------------------------------------------------------- This SF.Net email is sponsored by the new InstallShield X. >From Windows to Linux, servers to mobile, InstallShield X is the one installation-authoring solution that does it all. Learn more and evaluate today! http://www.installshield.com/Dev2Dev/0504 _______________________________________________ Linux-hotplug-devel mailing list http://linux-hotplug.sourceforge.net Linux-hotplug-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/linux-hotplug-devel