From: "Michal Koutný" <mkoutny@suse.com>
To: netdev@vger.kernel.org, linux-kernel@vger.kernel.org,
bpf@vger.kernel.org, cake@lists.bufferbloat.net
Cc: "David S . Miller" <davem@davemloft.net>,
"Eric Dumazet" <edumazet@google.com>,
"Jakub Kicinski" <kuba@kernel.org>,
"Paolo Abeni" <pabeni@redhat.com>,
"Jamal Hadi Salim" <jhs@mojatatu.com>,
"Cong Wang" <xiyou.wangcong@gmail.com>,
"Jiri Pirko" <jiri@resnulli.us>,
"Alexei Starovoitov" <ast@kernel.org>,
"Daniel Borkmann" <daniel@iogearbox.net>,
"Andrii Nakryiko" <andrii@kernel.org>,
"Martin KaFai Lau" <martin.lau@linux.dev>,
"Song Liu" <song@kernel.org>,
"Yonghong Song" <yonghong.song@linux.dev>,
"John Fastabend" <john.fastabend@gmail.com>,
"KP Singh" <kpsingh@kernel.org>,
"Stanislav Fomichev" <sdf@google.com>,
"Hao Luo" <haoluo@google.com>, "Jiri Olsa" <jolsa@kernel.org>,
"Toke Høiland-Jørgensen" <toke@toke.dk>,
"Vinicius Costa Gomes" <vinicius.gomes@intel.com>,
"Stephen Hemminger" <stephen@networkplumber.org>,
"Petr Pavlu" <ppavlu@suse.cz>,
"Michal Kubecek" <mkubecek@suse.cz>,
"Martin Wilck" <mwilck@suse.com>
Subject: [PATCH v3 3/4] net/sched: Load modules via their alias
Date: Fri, 12 Jan 2024 19:06:45 +0100 [thread overview]
Message-ID: <20240112180646.13232-4-mkoutny@suse.com> (raw)
In-Reply-To: <20240112180646.13232-1-mkoutny@suse.com>
The cls_,sch_,act_ modules may be loaded lazily during network
configuration but without user's awareness and control.
Switch the lazy loading from canonical module names to a module alias.
This allows finer control over lazy loading, the precedent from
commit 7f78e0351394 ("fs: Limit sys_mount to only request filesystem
modules.") explains it already:
Using aliases means user space can control the policy of which
filesystem^W net/sched modules are auto-loaded by editing
/etc/modprobe.d/*.conf with blacklist and alias directives.
Allowing simple, safe, well understood work-arounds to known
problematic software.
By default, nothing changes. However, if a specific module is
blacklisted (its canonical name), it won't be modprobe'd when requested
under its alias (i.e. kernel auto-loading). It would appear as if the
given module was unknown.
The module can still be loaded under its canonical name, which is an
explicit (privileged) user action.
Signed-off-by: Michal Koutný <mkoutny@suse.com>
---
net/sched/act_api.c | 2 +-
net/sched/cls_api.c | 2 +-
net/sched/sch_api.c | 2 +-
3 files changed, 3 insertions(+), 3 deletions(-)
diff --git a/net/sched/act_api.c b/net/sched/act_api.c
index c39252d61ebb..463bc1109c45 100644
--- a/net/sched/act_api.c
+++ b/net/sched/act_api.c
@@ -1331,7 +1331,7 @@ struct tc_action_ops *tc_action_load_ops(struct nlattr *nla, bool police,
#ifdef CONFIG_MODULES
if (rtnl_held)
rtnl_unlock();
- request_module("act_%s", act_name);
+ request_module("net-act-%s", act_name);
if (rtnl_held)
rtnl_lock();
diff --git a/net/sched/cls_api.c b/net/sched/cls_api.c
index 1976bd163986..14e20948273a 100644
--- a/net/sched/cls_api.c
+++ b/net/sched/cls_api.c
@@ -257,7 +257,7 @@ tcf_proto_lookup_ops(const char *kind, bool rtnl_held,
#ifdef CONFIG_MODULES
if (rtnl_held)
rtnl_unlock();
- request_module("cls_%s", kind);
+ request_module("net-cls-%s", kind);
if (rtnl_held)
rtnl_lock();
ops = __tcf_proto_lookup_ops(kind);
diff --git a/net/sched/sch_api.c b/net/sched/sch_api.c
index e9eaf637220e..9bc03d22f155 100644
--- a/net/sched/sch_api.c
+++ b/net/sched/sch_api.c
@@ -1246,7 +1246,7 @@ static struct Qdisc *qdisc_create(struct net_device *dev,
* go away in the mean time.
*/
rtnl_unlock();
- request_module("sch_%s", name);
+ request_module("net-sch-%s", name);
rtnl_lock();
ops = qdisc_lookup_ops(kind);
if (ops != NULL) {
--
2.43.0
next prev parent reply other threads:[~2024-01-12 18:06 UTC|newest]
Thread overview: 8+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-01-12 18:06 [PATCH v3 0/4] net/sched: Load modules via alias Michal Koutný
2024-01-12 18:06 ` [PATCH v3 1/4] net/sched: Add helper macros with module names Michal Koutný
2024-01-12 18:38 ` Pedro Tammela
2024-01-15 12:16 ` Michal Koutný
2024-01-12 18:06 ` [PATCH v3 2/4] net/sched: Add module aliases for cls_,sch_,act_ modules Michal Koutný
2024-01-12 18:06 ` Michal Koutný [this message]
2024-01-12 18:06 ` [PATCH v3 4/4] net/sched: Remove aliases of act_xt and sch_clsact Michal Koutný
2024-01-13 1:33 ` [PATCH v3 0/4] net/sched: Load modules via alias Jakub Kicinski
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20240112180646.13232-4-mkoutny@suse.com \
--to=mkoutny@suse.com \
--cc=andrii@kernel.org \
--cc=ast@kernel.org \
--cc=bpf@vger.kernel.org \
--cc=cake@lists.bufferbloat.net \
--cc=daniel@iogearbox.net \
--cc=davem@davemloft.net \
--cc=edumazet@google.com \
--cc=haoluo@google.com \
--cc=jhs@mojatatu.com \
--cc=jiri@resnulli.us \
--cc=john.fastabend@gmail.com \
--cc=jolsa@kernel.org \
--cc=kpsingh@kernel.org \
--cc=kuba@kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=martin.lau@linux.dev \
--cc=mkubecek@suse.cz \
--cc=mwilck@suse.com \
--cc=netdev@vger.kernel.org \
--cc=pabeni@redhat.com \
--cc=ppavlu@suse.cz \
--cc=sdf@google.com \
--cc=song@kernel.org \
--cc=stephen@networkplumber.org \
--cc=toke@toke.dk \
--cc=vinicius.gomes@intel.com \
--cc=xiyou.wangcong@gmail.com \
--cc=yonghong.song@linux.dev \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.