Tejun Heo <tj@xxxxxxxxxx> writes: > Eric W. Biederman wrote: >> Also, I'm quite uncomfortable with these things >>> being done in non-atomic manner. It can be made to work but things >>> like this can lead to subtle race conditions and with the kind of >>> layering we put on top of sysfs (kobject, driver model, driver >>> midlayers and so on), it isn't all that easy to verify what's going >>> on, so NACK for this one. >> >> Total nonsense. >> >> Mucking about with sysfs after we start deleting a directory is a bug. >> At worst my change makes a buggy race slightly less deterministic. >> >> I am not ready to consider keeping the current unnecessary atomic >> removal step. That unnecessary atomicity makes the following patches >> more difficult, and requires a lot of unnecessary retesting. >> >> What do you think the extra unnecessary atomicity helps protect? > > It's just not a clean API. When people are trying to code things way > up in the stack, they aren't likely to look up the code to see what > assumptions are being made especially when the stack is deep and > complex and sysfs is near the bottom of the tall stack. IMHO > implementing the usually expected semantics at this depth is worth > every effort. It's just good implementation style which might look > like wasted effort but will harden the stack in the long run. Plus, > it's not like making it atomic is difficult or anything. I guess we are going to have to disagree on this one. My take is simply that a correct user has to wait until no one else can find the kobject before calling kobject_del. At which point races are impossible, and it doesn't matter if sysfs_mutex is held across the entire operation. For the long term I still intend to kill __sysfs_remove_dir. Just not in this patch series. Eric -- To unsubscribe from this list: send the line "unsubscribe linux-fsdevel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
