2008/5/9 Sean Sprague <[EMAIL PROTECTED]>:
>
> The fact that if a driver returns a fail on detach() then it will not be
> unloaded strikes me as being nasty. The phrase "trojan horse" comes to
> mind... Whilst I guess that it is not straightforward for the kernel to
> "decide" when a malfunctioning (or malevolent (or just badly coded ;-) ))
> driver should be forcibly ejected, I suspect that there should be some means
> of achieving this.
>
Think of a driver as part of the kernel. The kernel cannot just forcibly unload part of itself; it's not modular to this level. One could consider running drivers in user-land (essentially as daemons) so that they could be killed if they detectably malfunctioned, and so that they would not necessarily bring down the system should they crash. This *has* been considered at least a couple of times in my recent memory, but it brings with it a lot of challenges and usually kills system performance.

  Paul

--
Paul Durrant
http://www.linkedin.com/in/pdurrant
