From: Johannes Berg <johannes@sipsolutions.net>
To: Nicolai Stange <nstange@suse.de>
Cc: David Laight <David.Laight@ACULAB.COM>,
'Taehee Yoo' <ap420073@gmail.com>,
"davem@davemloft.net" <davem@davemloft.net>,
"kuba@kernel.org" <kuba@kernel.org>,
"netdev@vger.kernel.org" <netdev@vger.kernel.org>,
"linux-wireless@vger.kernel.org" <linux-wireless@vger.kernel.org>,
"wil6210@qti.qualcomm.com" <wil6210@qti.qualcomm.com>,
"brcm80211-dev-list@cypress.com" <brcm80211-dev-list@cypress.com>,
"b43-dev@lists.infradead.org" <b43-dev@lists.infradead.org>,
"linux-bluetooth@vger.kernel.org"
<linux-bluetooth@vger.kernel.org>
Subject: Re: [PATCH net 000/117] net: avoid to remove module when its debugfs is being used
Date: Fri, 09 Oct 2020 09:45:20 +0200 [thread overview]
Message-ID: <fd8aaf06b53f32eae7b5bdcec2f3ea9e1f419b1d.camel@sipsolutions.net> (raw)
In-Reply-To: <87v9fkgf4i.fsf@suse.de>
On Fri, 2020-10-09 at 07:09 +0200, Nicolai Stange wrote:
> Johannes Berg <johannes@sipsolutions.net> writes:
>
> > On Thu, 2020-10-08 at 15:59 +0000, David Laight wrote:
> > > From: Taehee Yoo
> > > > Sent: 08 October 2020 16:49
> > > >
> > > > When debugfs file is opened, its module should not be removed until
> > > > it's closed.
> > > > Because debugfs internally uses the module's data.
> > > > So, it could access freed memory.
> > > >
> > > > In order to avoid panic, it just sets .owner to THIS_MODULE.
> > > > So that all modules will be held when its debugfs file is opened.
> > >
> > > Can't you fix it in common code?
>
> Probably not: it's the call to ->release() that's faulting in the Oops
> quoted in the cover letter and that one can't be protected by the
> core debugfs code, unfortunately.
>
> There's a comment in full_proxy_release(), which reads as
>
> /*
> * We must not protect this against removal races here: the
> * original releaser should be called unconditionally in order
> * not to leak any resources. Releasers must not assume that
> * ->i_private is still being meaningful here.
> */
Yeah, found that too now :-)
> > Yeah I was just wondering that too - weren't the proxy_fops even already
> > intended to fix this?
>
> No, as far as file_operations are concerned, the proxy fops's intent was
> only to ensure that the memory the file_operations' ->owner resides in
> is still valid so that try_module_get() won't splat at file open
> (c.f. [1]).
Right.
> You're right that the default "full" proxy fops do prevent all
> file_operations but ->release() from getting invoked on removed files,
> but the motivation had not been to protect the file_operations
> themselves, but accesses to any stale data associated with removed files
> ([2]).
:)
I actually got this to work in a crazy way, I'll send something out but
I'm sure it's a better idea to add the .owner everywhere, but please
let's do it in fewer than hundreds of patches :-)
johannes
next prev parent reply other threads:[~2020-10-09 7:45 UTC|newest]
Thread overview: 28+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-10-08 15:48 [PATCH net 000/117] net: avoid to remove module when its debugfs is being used Taehee Yoo
2020-10-08 15:59 ` David Laight
2020-10-08 16:14 ` Johannes Berg
2020-10-08 16:37 ` Taehee Yoo
2020-10-09 5:38 ` Nicolai Stange
2020-10-09 10:07 ` Taehee Yoo
2020-10-09 5:09 ` Nicolai Stange
2020-10-09 7:45 ` Johannes Berg [this message]
2020-10-09 10:15 ` Taehee Yoo
2020-10-09 10:21 ` Johannes Berg
2020-10-09 10:41 ` [RFC] debugfs: protect against rmmod while files are open Johannes Berg
2020-10-09 10:48 ` Johannes Berg
2020-10-09 10:56 ` David Laight
2020-10-09 10:56 ` Johannes Berg
2020-10-09 11:15 ` gregkh
2020-10-09 15:33 ` [PATCH net 000/117] net: avoid to remove module when its debugfs is being used Steve deRosier
2020-10-09 7:53 ` [CRAZY-RFF] debugfs: track open files and release on remove Johannes Berg
2020-10-09 8:03 ` Greg KH
2020-10-09 8:06 ` Johannes Berg
2020-10-09 8:16 ` Greg KH
2020-10-09 8:19 ` Johannes Berg
2020-10-09 8:34 ` David Laight
2020-10-09 8:44 ` Johannes Berg
2020-10-09 9:00 ` David Laight
2020-10-09 8:47 ` Greg KH
2020-10-09 8:48 ` Johannes Berg
2020-10-10 9:38 ` Greg KH
2020-10-10 10:47 ` Johannes Berg
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=fd8aaf06b53f32eae7b5bdcec2f3ea9e1f419b1d.camel@sipsolutions.net \
--to=johannes@sipsolutions.net \
--cc=David.Laight@ACULAB.COM \
--cc=ap420073@gmail.com \
--cc=b43-dev@lists.infradead.org \
--cc=brcm80211-dev-list@cypress.com \
--cc=davem@davemloft.net \
--cc=kuba@kernel.org \
--cc=linux-bluetooth@vger.kernel.org \
--cc=linux-wireless@vger.kernel.org \
--cc=netdev@vger.kernel.org \
--cc=nstange@suse.de \
--cc=wil6210@qti.qualcomm.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).