Unloading a module with a function which is used by a static call

Unloading a module with a function which is used by a static call

[Denis Efremov]

Hi,

I'm not sure, but is it intentional that we don't increase a module refcounter
when we call static_call_update()? Let's imagine that:

we load "Module A" with:
  void fire_a(...) {...}
  DEFINE_STATIC_CALL(fire, fire_a);
  EXPORT_STATIC_CALL_GPL(fire);
  static_call(fire)(); // from time-to-time
and load "Module B" that:
  void fire_b(...) {...}
  static_call_update(fire, &fire_b);

and then unload "Module B" without updating back "fire" to "fire_a".
"Module A" will try to call "fire_b" and will crash the kernel or
call something else instead. Maybe pointing static call to a default
value in static_call_del_module() with a WARN can be used instead
of module_get().

I reproduced this scenario here:
https://github.com/evdenis/static_calls_unload_test

Regards,
Denis Efremov

Re: Unloading a module with a function which is used by a static call

[Peter Zijlstra]

On Fri, Sep 17, 2021 at 11:07:22PM +0300, Denis Efremov wrote:
> Hi,
> 
> I'm not sure, but is it intentional that we don't increase a module refcounter
> when we call static_call_update()? Let's imagine that:

For all intents and purposes, static_call_update() is the same as
assinging a function pointer. That also doesn't increment module counts.

If your case requires management of module refcounts, you get to do so.