There isn't such a thing as a small race. Either there is a race or there
is no race. 'Should usually work' is not enough, especially when security
is concerned.
> > - Error handling. What do you do if the invocation ends in EIO ?
>
> Which invocation? From /sbin/hotplug?
Yes.
This is a serious problem. Your scheme has very nasty failure modes.
By implementing this in user space you are introducing additional
failure modes.
- You need disk access -> EIO
- You have no control over memory allocation -> ENOMEM, EIO in swap space
Usually I'd not care about EIO, but here security is threatened. EIO crashing
the system under some circumstances is inevitable, EIO opening a security
hole is not acceptable however.
> > - Performance. What happens if you plug in 4000 disks at once?
>
> You crash your power supply :)
>
> Seriously, the kernel spawns 4000 instances of /sbin/hotplug just like
> it always does. I'm working on keeping udev from spawning anything else
> to keep the process cound down (right now it fork/execs for mknod, but
> that was just me being lazy.)
4000 spawnings is 32MB for kernel stacks alone.
You cannot assume that resources will be sufficient for that.
That again is a serious problem, because you cannot resync.
If you lose a 'remove' event you're screwed.
And of course, what do you do if the driver is not yet loaded?
Regards
Oliver
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/