From owner-svn-src-head@FreeBSD.ORG Wed Aug 11 19:50:07 2010 Return-Path: Delivered-To: svn-src-head@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 8C771106566C; Wed, 11 Aug 2010 19:50:07 +0000 (UTC) (envelope-from bz@FreeBSD.org) Received: from mail.cksoft.de (mail.cksoft.de [IPv6:2001:4068:10::3]) by mx1.freebsd.org (Postfix) with ESMTP id 188CF8FC14; Wed, 11 Aug 2010 19:50:07 +0000 (UTC) Received: from localhost (amavis.fra.cksoft.de [192.168.74.71]) by mail.cksoft.de (Postfix) with ESMTP id 147F841C6B4; Wed, 11 Aug 2010 21:50:06 +0200 (CEST) X-Virus-Scanned: amavisd-new at cksoft.de Received: from mail.cksoft.de ([192.168.74.103]) by localhost (amavis.fra.cksoft.de [192.168.74.71]) (amavisd-new, port 10024) with ESMTP id R1fTgAAFbA6S; Wed, 11 Aug 2010 21:50:05 +0200 (CEST) Received: by mail.cksoft.de (Postfix, from userid 66) id 9849641C6A1; Wed, 11 Aug 2010 21:50:05 +0200 (CEST) Received: from maildrop.int.zabbadoz.net (maildrop.int.zabbadoz.net [10.111.66.10]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by mail.int.zabbadoz.net (Postfix) with ESMTP id 08F904449AA; Wed, 11 Aug 2010 19:45:20 +0000 (UTC) Date: Wed, 11 Aug 2010 19:45:20 +0000 (UTC) From: "Bjoern A. Zeeb" X-X-Sender: bz@maildrop.int.zabbadoz.net To: Will Andrews In-Reply-To: Message-ID: <20100811192959.S48418@maildrop.int.zabbadoz.net> References: <201008110051.o7B0pp10084996@svn.freebsd.org> <20100811143430.GB1707@garage.freebsd.pl> X-OpenPGP-Key: 0x14003F198FEFA3E77207EE8D2B58B8F83CCF1842 MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII; format=flowed Cc: svn-src-head@freebsd.org, svn-src-all@freebsd.org, src-committers@freebsd.org, Pawel Jakub Dawidek , Will Andrews Subject: Re: svn commit: r211157 - in head/sys: modules modules/if_carp net netinet netinet6 X-BeenThere: svn-src-head@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: SVN commit messages for the src tree for head/-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 11 Aug 2010 19:50:07 -0000 On Wed, 11 Aug 2010, Will Andrews wrote: > On Wed, Aug 11, 2010 at 8:34 AM, Pawel Jakub Dawidek wrote: >> Wouldn't it be better to allow unload only if there are no carp(4) >> interfaces? I'd be glad to destroy my carp interfaces before unloading >> the module, but recompiling the kernel to unload it? Not so much. > > Well, in theory, if_clone_detach() is supposed to do that, and it's > called during the unload process prior to NULLing the fp's. But I've > been unable to verify whether that is enough to prevent races. In addition only the module, not the kernel needs to be recompiled. Maybe I should add some more blah ... Actually destroying most (cloned) interfaces is not save at the moment. There could be an mbuf in a netisr queue with an ifp to that interface, or just a packet being processed on another PU, so there is more to this entire picture. Assume that the current way and what is under the #ifdef is a temporary thing and that we'll be able to flip the switch in the future. But there's still quite a bit of work into infratructure and details ahead, some of that will come with more VIMAGE/vnet work on network stack teardown, some might be done independently. SeND will have the cleanup/check to allow to unload under #ifdef __noyet__ as well, once it'll hit the tree, but for that the hooks will need proper ND6 locking as well. The point is, it's currently just not 100% save to just unload and we've been very lenient and lazy with that in the past. It's just that times have changed and the races become true more easily so adding new code/features need to be made aware of that or the pile will just grow. Unfortunately adding extra locking for all those things is nothing you'd want either. If you accept the risk for now that's fine but for the majority of our users we'll have to err on the save side, while allowing them to use freebsd-update now if it was only carp they needed (and not say IPSEC as well) and they can just load the module and be happy w/o having to recompile their own kernel. /bz -- Bjoern A. Zeeb This signature is about you not me.