On 2023-12-21 10:42 am, Lukas Wunner wrote:
On Wed, Dec 13, 2023 at 11:54:05AM +0000, Robin Murphy wrote:
I think if we want to ensure ATCs are invalidated on hot-unplug we need an
additional pre-removal notifier to take care of that, and that step would
then want to distinguish between an orderly removal where cleaning up is
somewhat meaningful, and a surprise removal where it definitely isn't.
Even if a user starts the process for orderly removal, the device may be
surprise-removed *during* that process. So we cannot assume that the
device is actually accessible if orderly removal has been initiated.
If the form factor supports surprise removal, the device may be gone
at any time.
Sure, whatever we do there's always going to be some unavoidable
time-of-check-to-time-of-use race window so we can never guarantee that
sending a request to the device will succeed. I was just making the
point that if we *have* already detected a surprise removal, then
cleaning up its leftover driver model state should still generate a
BUS_NOTIFY_REMOVE_DEVICE call, but in that case we can know there's no
point trying to send any requests to the device that's already gone.
Thanks,
Robin.
