Date: Sat, 29 Aug 2015 13:30:49 +0300 From: Konstantin Belousov <kostikbel@gmail.com> To: John Baldwin <jhb@freebsd.org> Cc: freebsd-drivers@freebsd.org, Leonardo Fogel <leonardofogel@yahoo.com.br> Subject: Re: Race conditions Message-ID: <20150829103049.GA2072@kib.kiev.ua> In-Reply-To: <2785418.Nryjt2Jbzi@ralph.baldwin.cx> References: <1439923294.98963.YahooMailBasic@web120801.mail.ne1.yahoo.com> <6889344.0OebVsM7Q3@ralph.baldwin.cx> <20150819145239.GS2072@kib.kiev.ua> <2785418.Nryjt2Jbzi@ralph.baldwin.cx>
next in thread | previous in thread | raw e-mail | index | archive | help
On Fri, Aug 28, 2015 at 01:34:58PM -0700, John Baldwin wrote: > Perhaps we could force cloning to serialize with opens? That is, use > some sort of global lock in devfs such that any non-cloning opens use > a shared lock but an exclusive lock is taken before running clone > event handlers (and held until after d_open returns)? To really > close this sort of race, the exclusive lock acquired when a clone > is created in lookup() would have to be held until devfs_open() is > called. That's rather gross. I suppose you could always aquire the > lock in devfs_lookup() when ISOPEN is set (exclusive if you have to > clone, otherwise shared) and then drop it in devfs_open() after d_open > returns. Hm, I do not think taking a lock in lookup(ISOPEN) is feasible. VFS migh not call VOP_OPEN() after the lookup, for misc. reasons (e.g. due to the permissions, or forced umount reclaiming vnode as two obvious cases). Also, I am not sure about the definition about non-cloning open. Other thread might race with the cloner and open the newly cloned node before the cloner has a chance to proceed. Do you want to prevent this situation ? If yes, then why ? si_drv1 issue should be handled by other means. > Well, we've had this race in most cdev drivers in the tree for a long > time. It's a narrow one that doesn't get hit often (if at all) in > practice, but if I were to do a sweep to patch all the open routines > to handle it, I'd rather we do it this way instead. OTOH, I don't have > a burning desire to patch all the open routines. For the race to be real, the device must be created after the userspace is running. I think that the main case there are pty. I do not see a possibility of removing existing make_dev*() after the make_dev_uber() is introduced, so there is no need for the whole tree sweep.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20150829103049.GA2072>