Re: Notifier chains are unsafe

[Alan Stern]

On Thu, 27 Oct 2005, Chandra Seetharaman wrote:

> So, requirements to fix the bug are:
> 	- no sleeping in register/unregister(if we want to keep the
>           current way of use. We can change it and make the relevant
>           changes in the kernel code, if it is agreeable)

I think we will have to make these changes.  In principal it shouldn't be 
hard to add a simple "enabled" flag to each callout which currently is
registered/unregistered atomically or while running.  We could even put 
such a flag into the notifier_block structure and add routines to set or 
clear it, using appropriate barriers.

> 	- notifier_call_chain could be called from any context
> 	- callout function could sleep
> 	- no acquiring locks in notifier_call_chain
>         - make sure the list is consistent :) (which is problem Alan
>           started to fix)
> 	- anything else ?

Let's clarify the "list is consistent" statement.  Obviously it implies 
that no more than one thread can modify the list pointers at any time.  
Beyond that, there should be a guarantee that when unregister returns, the 
routine being removed is not in use and will not be called by any thread.  
Likewise, after register returns, any invocation of notifier_call_chain 
should see the new routine.

Alan Stern

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/