[PATCH 0/2] Fix (improve) deadlock condition on module removal
netfilter socket option removal
Rusty Russell
rusty at rustcorp.com.au
Wed Sep 5 19:41:37 CEST 2007
On Wed, 2007-09-05 at 13:08 -0400, Neil Horman wrote:
> On Thu, Sep 06, 2007 at 02:13:26AM +1000, Rusty Russell wrote:
> > On Wed, 2007-09-05 at 17:22 +0200, Patrick McHardy wrote:
> > > But I'm wondering, wouldn't module refcounting alone fix this problem?
> > > If we make nf_sockopt() call try_module_get(ops->owner), remove_module()
> > > on ip_tables.ko would simply fail because the refcount is above zero
> > > (so it would fail at point 3 above). Am I missing something important?
> >
> > Yes, that seems the correct solution to me, too. ISTR that this code
> > predates the current module code.
> >
> > Rusty.
>
> Thanks guys-
> When I first started looking at this problem I would have agreed with
> you, that module reference counting alone would fix the problem. However,
> delete_module can work in either a non-blocking or a blocking mode. rmmod
> passes O_NONBLOCK to delete module, and so is fine, but modprobe does not.
Hi Neil,
You have this backwards: O_NONBLOCK is the default. That seems to be
what everyone wants, although I implemented 'rmmod -w' because it seemed
like a good option.
Rusty.
More information about the netfilter-devel
mailing list