On Thu, Sep 19, 2019 at 11:19:22AM +0000, Horia Geanta wrote: > > What should a driver do when: > -user tries to unbind it AND > -there are tfms referencing algorithms registered by this driver > > 1. If driver tries to unregister the algorithms during its .remove() > callback, then this BUG_ON is hit: > > int crypto_unregister_alg(struct crypto_alg *alg) > { > [...] > BUG_ON(refcount_read(&alg->cra_refcnt) != 1); You must not unregister the algorithm until it's no longer in use. Normally we enforce this using module reference counts. For hardware devices that need to be unregistered without unloading the module at the same time, you will need your own reference counting to determine when unregistration can be carried out. But it must be carefully done so that it is not racy. > 2. If driver exits without unregistering the algorithms, > next time one of the tfms referencing those algorithms will be used > bad things will happen. Well remember hardware devices can always go away (e.g., dead or unplugged) so the driver must do something sensible when that happens. If this happened on a live tfm then further operations should ideally fail and any outstanding requests should also fail in a timely manner. > 3. There is no mechanism in crypto core for notifying users > to stop using a tfm. For software implementations we use the module reference count as the mechanism to signal that an algorithm is going away. In particular try_module_get (and consequently crypto_mod_get) will fail when the module is being unregistered. We should extend this to cover hardware devices. Perhaps we can introduce a callback in crypto_alg that crypto_mod_get can invoke which would then fail if the device is going away (or has gone away). Cheers, -- Email: Herbert Xu <herbert@xxxxxxxxxxxxxxxxxxx> Home Page: http://gondor.apana.org.au/~herbert/ PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt