From: Johannes Berg > Sent: 09 October 2020 09:19 > > On Fri, 2020-10-09 at 10:16 +0200, Greg KH wrote: > > On Fri, Oct 09, 2020 at 10:06:14AM +0200, Johannes Berg wrote: > > > We used to say the proxy_fops weren't needed and it wasn't an issue, and > > > then still implemented it. Dunno. I'm not really too concerned about it > > > myself, only root can hold the files open and remove modules ... > > > > proxy_fops were needed because devices can be removed from the system at > > any time, causing their debugfs files to want to also be removed. It > > wasn't because of unloading kernel code. > > Indeed, that's true. Still, we lived with it for years. > > Anyway, like I said, I really just did this more to see that it _could_ > be done, not to suggest that it _should_ :-) > > I think adding the .owner everywhere would be good, and perhaps we can > somehow put a check somewhere like > > WARN_ON(is_module_address((unsigned long)fops) && !fops->owner); > > to prevent the issue in the future? Does it ever make any sense to set .owner to anything other than THIS_MODULE? If not the code that saves the 'struct file_operations' address ought to be able to save the associated module. I was also wondering if this affects normal opens? They should hold a reference on the module to stop it being unloaded. Does that rely on .owner being set? For debugfs surely it is possible to determine and save THIS_MODULE when he nodes are registers and do a try_module_get() in the open? David - Registered Address Lakeside, Bramley Road, Mount Farm, Milton Keynes, MK1 1PT, UK Registration No: 1397386 (Wales)
