On Mon, Apr 25, 2022 at 8:01 AM Jakub Kicinski <kuba@xxxxxxxxxx> wrote: > > On Mon, 25 Apr 2022 16:49:34 +0200 Jann Horn wrote: > > > Doesn't mean we should make it legal. We can add a warning to catch > > > abuses. > > > > That was the idea with > > https://lore.kernel.org/netdev/20220128014303.2334568-1-jannh@xxxxxxxxxx/, > > but I didn't get any replies when I asked what the precise semantics > > of dev_hold() are supposed to be > > (https://lore.kernel.org/netdev/CAG48ez1-OyZETvrYAfaHicYW1LbrQUVp=C0EukSWqZrYMej73w@xxxxxxxxxxxxxx/), > > so I don't know how to proceed... > > Yeah, I think after you pointed out that the netdev per cpu refcounting > is fundamentally broken everybody decided to hit themselves with the > obliviate spell :S dev_hold() has been an increment of a refcount, and dev_put() a decrement. Not sure why it is fundamentally broken. There are specific steps at device dismantles making sure no more users can dev_hold() It is a contract. Any buggy layer can overwrite any piece of memory, including a refcount_t. Traditionally we could not add a test in dev_hold() to prevent an increment if the device is in dismantle phase. Maybe the situation is better nowadays.
