Re: [PATCH] kmod: Pass usermodehelper "-b" to use blacklist commands

All of lore.kernel.org
 help / color / mirror / Atom feed

From: Rusty Russell <rusty@rustcorp.com.au>
To: Andrew Morton <akpm@linux-foundation.org>,
	Oleg Nesterov <oleg@redhat.com>
Cc: Kirill Tkhai <ktkhai@parallels.com>,
	linux-kernel@vger.kernel.org, Ingo Molnar <mingo@kernel.org>,
	tkhai@yandex.ru
Subject: Re: [PATCH] kmod: Pass usermodehelper "-b" to use blacklist commands
Date: Wed, 07 May 2014 10:53:37 +0930	[thread overview]
Message-ID: <877g5ybcva.fsf@rustcorp.com.au> (raw)
In-Reply-To: <20140506155428.6f8602726560c21ff099e28c@linux-foundation.org>

Andrew Morton <akpm@linux-foundation.org> writes:
> On Tue, 6 May 2014 19:31:36 +0200 Oleg Nesterov <oleg@redhat.com> wrote:
>
>> On 05/06, Kirill Tkhai wrote:
>> >
>> > User may want to prohibit autoloading of some modules,
>> > which happens when someone in kernel calls request_module().
>> >
>> > For comparison, udev considers blacklist even if corresponding
>> > hardware presents in the system. In-kernel request_module()
>> > functionality is rather similar to udev's, so user may want
>> > to disallow it too.
>> 
>> Personally, I am always nervous (perhaps too much) when it comes to the
>> user-visible changes like this.
>> 
>> And if a user/distro wants "-b" it can create a simple script which just
>> execs /sbin/modprobe with "-b" and overwrite /proc/sys/kernel/modprobe.
>> 
>> OTOH. What if /proc/sys/kernel/modprobe points to a binary which is not
>> /sbin/modprobe and doesn't expect "-b" ? This can break things.
>> 
>
> Yup.  Perhaps the kernel should provide modprobe with a reliable way of
> knowing "you were called by the kernel" (if there isn't presently a
> way) and let modprobe work out what to do.

Indeed, this is a non-starter.

Cheers,
Rusty.

     prev parent reply	other threads:[~2014-05-07  5:58 UTC|newest]

Thread overview: 4+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2014-05-06  8:03 [PATCH] kmod: Pass usermodehelper "-b" to use blacklist commands Kirill Tkhai
2014-05-06 17:31 ` Oleg Nesterov
2014-05-06 22:54   ` Andrew Morton
2014-05-07  1:23     ` Rusty Russell [this message]

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=877g5ybcva.fsf@rustcorp.com.au \
    --to=rusty@rustcorp.com.au \
    --cc=akpm@linux-foundation.org \
    --cc=ktkhai@parallels.com \
    --cc=linux-kernel@vger.kernel.org \
    --cc=mingo@kernel.org \
    --cc=oleg@redhat.com \
    --cc=tkhai@yandex.ru \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.