> Sure. One way is for the driver to single thread itself before calling > mac_register, but if that is a pain because mac_register can fail, and > the driver has to undo its actions, your proposal of separating the > unregister from the free is fine and solves that.
I presume you mean mac_unregister() above? When I was originally talking through this problem with Seb (which led to mac_condemn()), my contention was that the very notion that a destructive operation can fail represents a design flaw (indeed, we have many of these in Unix -- close(2) being the most notable). The introduction of mac_condemn() should make it possible to ensure that mac_unregister() *will* not fail (short of passing it bogus arguments or other minutia), thus eliminating any need to worry about undoing partial teardowns. -- meem _______________________________________________ networking-discuss mailing list [email protected]
