The topic of module unload races - where the kernel can end up calling into
a module which has been removed - comes back occasionally. Much work has
been done in 2.5 to reduce and eliminate these races. Part of that effort was
moving module reference counting outside of the modules themselves. The
result was a safer scheme, but one which imposes new requirements on kernel
code which calls into modules. In some kernel subsystems (networking), the
maintainers have decided that there is no need to worry about reference
counting for modules; they simply ignore it.
Enter Rusty Russell. Since the reference counts are seen to be a pain, and
some code isn't using them at all, why not simply get rid of them? He has
submitted a patch which does exactly that.
Of course, the issue of how to safely remove modules remains. Without
reference counts, how does the kernel know when it can actually get rid of
a particular module? With Rusty's patch, a different approach is taken:
modules are never actually removed. If an administrator invokes
rmmod, the module's cleanup function will be called and all kernel
knowledge of the module will go away - but the module code itself will
remain in the kernel. The patch thus sacrifices some system memory on
every unload as a way of avoiding unload races.
Some developers liked this patch, others didn't. For a kernel hacker who
is debugging a module, a little lost memory for each load/unload cycle is
probably not a big problem; the system will likely be rebooted soon
anyway. The patch does present a bigger problem for Linux installers,
however; many of these do hardware detection by loading almost every module
available and seeing which ones actually find something. On a "small"
system (that is, say, 64MB), it is possible that some distribution
installers would simply run out of memory and die.
Rusty proposed adding a special rmmod option which would clean up
memory left behind by deleted modules (while also marking the kernel
tainted). For now, however, all of this has been made irrelevant by Linus,
who decreed: "First off - we're not
changing fundamental module stuff any more." This statement drew an amused response from Rusty ("OK. Who
are you and what have you done with the real Linus?"), but the
general sigh of relief from most kernel hackers could be heard worldwide.
It seems that Linus is truly holding the line and keeping out potentially
disruptive changes this time around.
to post comments)