This is basically the same technique used in my current patch. We set
module->live = 0, sychronize_kernel(), then look at reference count.
In this case, instead of setting a flag, try_inc_mod_count (aka
try_module_get()) bumps the refcount, to similar effect to the flag.
> > You can't disable preemption before calling in, because there is no
> > way to sleep with preemption disabled. 8(
>
> Why is that harder than bumping a counter that makes preempt_schedule
> return without doing anything?
Definitely. We could simply allow schedule() to be called when
preempt is disabled, but it's a useful debugging tool to not do that.
And, of course, disabling preemption widely kind of defeats the point
of having a preemptive kernel 8(
I really wish the security guys had gone down the macro path, with
something like
#define security_check(func, default_val, ...)
({ if (try_inc_mod_count(security_ops->owner))
security_ops->func(__VA_ARGS__);
else
default_val;
})
This also allows the whole thing to vanish if
CONFIG_SECURITY_CAPABILITIES=n, and allows more flexibility for
schemes like "always run with preemption disabled around security ops"
or whatever, rather than having to search for all the references to
security_ops.
Cheers,
Rusty.
-- Anyone who quotes me in their sig is an idiot. -- Rusty Russell. - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/