| Message ID | 20191129113131.1954-1-pdurrant@amazon.com (mailing list archive) |
|---|---|
| State | New, archived |
| Headers | show |
| Series | xen-blkback: allow module to be cleanly unloaded | expand |
On 29.11.2019 12:31, Paul Durrant wrote: > --- a/drivers/block/xen-blkback/xenbus.c > +++ b/drivers/block/xen-blkback/xenbus.c > @@ -173,6 +173,8 @@ static struct xen_blkif *xen_blkif_alloc(domid_t domid) > init_completion(&blkif->drain_complete); > INIT_WORK(&blkif->free_work, xen_blkif_deferred_free); > > + __module_get(THIS_MODULE); > + > return blkif; > } > > @@ -320,6 +322,8 @@ static void xen_blkif_free(struct xen_blkif *blkif) > > /* Make sure everything is drained before shutting down */ > kmem_cache_free(xen_blkif_cachep, blkif); > + > + module_put(THIS_MODULE); > } I realize there are various example of this in the tree, but isn't this a flawed approach? __module_get() (nor even try_module_get()) will prevent an unload attempt ahead of it getting invoked, while execution is already in this module's .text section. I think the xenbus driver should do this before calling ->probe(), in case of its failure, and after a successful call to ->remove(). Jan
> -----Original Message----- > From: Jan Beulich <jbeulich@suse.com> > Sent: 29 November 2019 11:56 > To: Durrant, Paul <pdurrant@amazon.com> > Cc: xen-devel@lists.xenproject.org; linux-block@vger.kernel.org; linux- > kernel@vger.kernel.org; Roger Pau Monné <roger.pau@citrix.com>; Jens Axboe > <axboe@kernel.dk>; Konrad Rzeszutek Wilk <konrad.wilk@oracle.com> > Subject: Re: [PATCH] xen-blkback: allow module to be cleanly unloaded > > On 29.11.2019 12:31, Paul Durrant wrote: > > --- a/drivers/block/xen-blkback/xenbus.c > > +++ b/drivers/block/xen-blkback/xenbus.c > > @@ -173,6 +173,8 @@ static struct xen_blkif *xen_blkif_alloc(domid_t > domid) > > init_completion(&blkif->drain_complete); > > INIT_WORK(&blkif->free_work, xen_blkif_deferred_free); > > > > + __module_get(THIS_MODULE); > > + > > return blkif; > > } > > > > @@ -320,6 +322,8 @@ static void xen_blkif_free(struct xen_blkif *blkif) > > > > /* Make sure everything is drained before shutting down */ > > kmem_cache_free(xen_blkif_cachep, blkif); > > + > > + module_put(THIS_MODULE); > > } > > I realize there are various example of this in the tree, but > isn't this a flawed approach? __module_get() (nor even > try_module_get()) will prevent an unload attempt ahead of it > getting invoked, while execution is already in this module's > .text section. Good point. That does appear to be a race. > I think the xenbus driver should do this > before calling ->probe(), in case of its failure, and after > a successful call to ->remove(). > That does sound better. I'll see if I can pick up other occurrences (certainly netback) and fix. Paul
diff --git a/drivers/block/xen-blkback/blkback.c b/drivers/block/xen-blkback/blkback.c index fd1e19f1a49f..e562a7e20c3c 100644 --- a/drivers/block/xen-blkback/blkback.c +++ b/drivers/block/xen-blkback/blkback.c @@ -1504,5 +1504,13 @@ static int __init xen_blkif_init(void) module_init(xen_blkif_init); +static void __exit xen_blkif_fini(void) +{ + xen_blkif_xenbus_fini(); + xen_blkif_interface_fini(); +} + +module_exit(xen_blkif_fini); + MODULE_LICENSE("Dual BSD/GPL"); MODULE_ALIAS("xen-backend:vbd"); diff --git a/drivers/block/xen-blkback/common.h b/drivers/block/xen-blkback/common.h index 1d3002d773f7..49132b0adbbe 100644 --- a/drivers/block/xen-blkback/common.h +++ b/drivers/block/xen-blkback/common.h @@ -375,9 +375,12 @@ struct phys_req { struct block_device *bdev; blkif_sector_t sector_number; }; + int xen_blkif_interface_init(void); +void xen_blkif_interface_fini(void); int xen_blkif_xenbus_init(void); +void xen_blkif_xenbus_fini(void); irqreturn_t xen_blkif_be_int(int irq, void *dev_id); int xen_blkif_schedule(void *arg); diff --git a/drivers/block/xen-blkback/xenbus.c b/drivers/block/xen-blkback/xenbus.c index b90dbcd99c03..f948584fcf66 100644 --- a/drivers/block/xen-blkback/xenbus.c +++ b/drivers/block/xen-blkback/xenbus.c @@ -173,6 +173,8 @@ static struct xen_blkif *xen_blkif_alloc(domid_t domid) init_completion(&blkif->drain_complete); INIT_WORK(&blkif->free_work, xen_blkif_deferred_free); + __module_get(THIS_MODULE); + return blkif; } @@ -320,6 +322,8 @@ static void xen_blkif_free(struct xen_blkif *blkif) /* Make sure everything is drained before shutting down */ kmem_cache_free(xen_blkif_cachep, blkif); + + module_put(THIS_MODULE); } int __init xen_blkif_interface_init(void) @@ -333,6 +337,12 @@ int __init xen_blkif_interface_init(void) return 0; } +void xen_blkif_interface_fini(void) +{ + kmem_cache_destroy(xen_blkif_cachep); + xen_blkif_cachep = NULL; +} + /* * sysfs interface for VBD I/O requests */ @@ -1122,3 +1132,8 @@ int xen_blkif_xenbus_init(void) { return xenbus_register_backend(&xen_blkbk_driver); } + +void xen_blkif_xenbus_fini(void) +{ + xenbus_unregister_driver(&xen_blkbk_driver); +}
Add a module_exit() to perform the necessary clean-up. Also add __module_get() and module_put() calls into xen_blkif_alloc() and xen_blkif_free() respectively to make sure an in-use module cannot be unloaded. Signed-off-by: Paul Durrant <pdurrant@amazon.com> --- Cc: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com> Cc: "Roger Pau Monné" <roger.pau@citrix.com> Cc: Jens Axboe <axboe@kernel.dk> --- drivers/block/xen-blkback/blkback.c | 8 ++++++++ drivers/block/xen-blkback/common.h | 3 +++ drivers/block/xen-blkback/xenbus.c | 15 +++++++++++++++ 3 files changed, 26 insertions(+)