Oliver Neukum <oliver@xxxxxxxxxx> wrote: > > Am Sonntag, 19. Februar 2006 22:02 schrieb Andrew Morton: > > Oliver Neukum <oliver@xxxxxxxxxx> wrote: > > > > > > Am Sonntag, 19. Februar 2006 21:02 schrieb Andrew Morton: > > > > For a), the current kernel behaviour is what we want - make the thing > > > > appear at a new place in the namespace and in the hierarchy. Then > > > > userspace can do whatever needs to be done to identify the device, and > > > > apply some sort of policy decision to the result. > > > > > > How? If you have a running user space the connection to the open files > > > is already severed, as any access in that time window must fail. > > > > That's a separate issue, which we haven't discussed yet. We have a device > > which has gone away and which might come back later on. Presently we will > > return an I/O error if I/O is attempted in that window. Obviously we'll > > need to do something different, such as block reads and block or defer writes. > > But how do you handle memory management? > If you simply block writes, the system will stall random tasks laundering > pages, including those needed to make progress. Even syncing before > suspend won't help you, as a running user space may dirty pages. Well of _course_ that will happen. If we have dirty pages we need to either keep them in memory or lose them. If someone wants to run a massive memory stresstest, unplug the disks in the middle of it and have the machine serenely sail along as if nothing happened then they're being unreasonable. > And what about the rootfs? If you disconnect that then everything stops until you reconnect it, provided all the tools needed to handle the reconnect are in the correct place - if the system providers got that wrong then the machine is obviously toast. Your questions boil down to "what if the user is crazy or the implementation is buggy?". Let's assume neither is true, OK?