Herbert Xu <herbert@xxxxxxxxxxxxxxxxxxx> writes: > On Wed, Apr 15, 2009 at 07:18:44AM -0700, Eric W. Biederman wrote: >> >> So holding the reference only blocks us indefinitely in >> netdev_wait_allrefs, blocking the network namespace exit, and holding >> net_mutex indefinitely. > > OK that's a killer because process A in my previous scenario can > kill the device itself and cause a dead-lock. > > So how about this? We replace the dev destructor with our own that > doesn't immediately call free_netdev. We only call free_netdev once > all tun fd's attached to the device have been closed. > > This can be achieved by simply adding a counter to tun_struct. > We'd also change the async detach path to set a marker instead > of detaching. That marker can then be checked in places like > tun_get. That sounds like it would work, and allow us to have big tun_struct. Which is sounds simpler overall. I still have the feeling that putting the socket in tun_file instead of in tun_struct might be conceptually cleaner, but one big blob that is allocated and destroyed together is certainly easier and a lot less racy to deal with. Eric _______________________________________________ Virtualization mailing list Virtualization@xxxxxxxxxxxxxxxxxxxxxxxxxx https://lists.linux-foundation.org/mailman/listinfo/virtualization
