From: Greg KH <gregkh-hQyY1W1yCW8ekmWlsbkhG0B+6BGkLq7r@public.gmane.org>
To: Peter Zijlstra <peterz-wEGCiKHe2LqWVfeAwA7xHQ@public.gmane.org>
Cc: kstewart-hQyY1W1yCW8ekmWlsbkhG0B+6BGkLq7r@public.gmane.org,
oneukum-IBi9RG/b67k@public.gmane.org,
linux-aspeed-uLR06cmDAlY/bJ5BZ2RsiQ@public.gmane.org,
usb-storage-ijkIwGHArpdIPJnuZ7Njw4oP9KaGy4wf@public.gmane.org,
Toru Komatsu <k0ma-h7Lmzv2voGl4Eiagz67IpQ@public.gmane.org>,
Mauro Carvalho Chehab
<mchehab+samsung-DgEjT+Ai2ygdnm+yROfE0A@public.gmane.org>,
Nicolas Ferre
<nicolas.ferre-UWL1GkI3JZL3oGB3hsPCZA@public.gmane.org>,
David Howells <dhowells-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org>,
yamada.masahiro-uWyLwvC0a2jby3iVrkZq2A@public.gmane.org,
Will Deacon <will-DgEjT+Ai2ygdnm+yROfE0A@public.gmane.org>,
patches-yzvPICuk2AA4QjBA90+/kJqQE7yCjDx5@public.gmane.org,
Michael Ellerman <mpe-Gsx/Oe8HsFggBc27wqDAHg@public.gmane.org>,
hpa-YMNOUZJC4hwAvxtiuMwx3w@public.gmane.org,
joel-QYYGw3jwrUn5owFQY34kdNi2O/JbrIOy@public.gmane.org,
bcm-kernel-feedback-list-dY08KVG/lbpWk0Htik3J/w@public.gmane.org,
sam-uyr5N9Q2VtJg9hUCZPvPmw@public.gmane.org,
cocci-/FJkirnvOdkvYVN+rsErww@public.gmane.org,
linux-arch-u79uwXL29TY76Z2rM5mHXA@public.gmane.org,
linux-samsung-soc-u79uwXL29TY76Z2rM5mHXA@public.gmane.org,
Benjamin Fair
<benjaminfair-hpIqsD4AKlfQT0dZR+AlfA@public.gmane.org>,
linux-scsi-u79uwXL29TY76Z2rM5mHXA@public.gmane.org,
Fabio Estevam <festevam-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org>,
openbmc-uLR06cmDAlY/bJ5BZ2RsiQ@public.gmane.org,
x86-DgEjT+Ai2ygdnm+yROfE0A@public.gmane.org,
lucas.de.marchi-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org,
Nancy Yuen <yuenn-hpIqsD4AKlfQT0dZR+AlfA@public.gmane.org>,
mingo-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org,
geert-Td1EMuHUCqxL1ZNQvxDV9g@public.gmane.org,
NXP Linux Team <linux-imx-3arQi8VN3Tc@public.gmane.org>,
Johan
Subject: Re: [PATCH v3 00/11] Symbol Namespaces
Date: Wed, 21 Aug 2019 06:38:46 -0700 [thread overview]
Message-ID: <20190821133846.GC4890@kroah.com> (raw)
In-Reply-To: <20190821131140.GC2349-Nxj+rRp3nVydTX5a5knrm8zTDFooKrT+cvkQGrU6aU0@public.gmane.org>
On Wed, Aug 21, 2019 at 03:11:40PM +0200, Peter Zijlstra wrote:
> On Wed, Aug 21, 2019 at 12:49:15PM +0100, Matthias Maennich wrote:
> > As of Linux 5.3-rc5, there are 31205 [1] exported symbols in the kernel.
> > That is a growth of roughly 1000 symbols since 4.17 (30206 [2]). There
> > seems to be some consensus amongst kernel devs that the export surface
> > is too large, and hard to reason about.
> >
> > Generally, these symbols fall in one of these categories:
> > 1) Symbols actually meant for drivers
> > 2) Symbols that are only exported because functionality is split over
> > multiple modules, yet they really shouldn't be used by modules outside
> > of their own subsystem
> > 3) Symbols really only meant for in-tree use
> >
> > When module developers try to upstream their code, it regularly turns
> > out that they are using exported symbols that they really shouldn't be
> > using. This problem is even bigger for drivers that are currently
> > out-of-tree, which may be using many symbols that they shouldn't be
> > using, and that break when those symbols are removed or modified.
> >
> > This patch allows subsystem maintainers to partition their exported
> > symbols into separate namespaces, and module authors to import such
> > namespaces only when needed.
> >
> > This allows subsystem maintainers to more easily limit availability of
> > these namespaced symbols to other parts of the kernel. It can also be
> > used to partition the set of exported symbols for documentation
> > purposes; for example, a set of symbols that is really only used for
> > debugging could be in a "SUBSYSTEM_DEBUG" namespace.
>
> I'm missing how one can prohibit these random out of tree modules from
> doing MODULE_IMPORT_NS().
Nothing, but then they are explicitly being "bad" :)
> That is; suppose I stick all the preempt_notifier symbols in a KVM
> namespace, how do I enforce no out-of-tree modules ever do
> MODULE_IMPORT_NS(KVM) and gain access?
>
> (the above would basically break virtualbox, which I knows uses preempt
> notifiers too, but I don't give a rats arse about that)
It's a huge red flag for anyone reviewing the code that this module is
doing something it probably really should not be doing at all. It will
make reviewing code easier, this isn't there to try to "prevent bad
actors" at all, sorry.
thanks,
greg k-h
next prev parent reply other threads:[~2019-08-21 13:38 UTC|newest]
Thread overview: 11+ messages / expand[flat|nested] mbox.gz Atom feed top
[not found] <20190813121733.52480-1-maennich@google.com>
[not found] ` <20190813121733.52480-1-maennich-hpIqsD4AKlfQT0dZR+AlfA@public.gmane.org>
2019-08-21 11:49 ` [PATCH v3 00/11] Symbol Namespaces Matthias Maennich
[not found] ` <20190821114955.12788-1-maennich-hpIqsD4AKlfQT0dZR+AlfA@public.gmane.org>
2019-08-21 11:49 ` [PATCH v3 11/11] RFC: watchdog: export core symbols in WATCHDOG_CORE namespace Matthias Maennich
[not found] ` <20190821114955.12788-12-maennich-hpIqsD4AKlfQT0dZR+AlfA@public.gmane.org>
2019-08-21 12:39 ` Greg KH
2019-08-21 14:59 ` Guenter Roeck
[not found] ` <20190821145911.GA6521-0h96xk9xTtrk1uMJSBkQmQ@public.gmane.org>
2019-08-21 16:28 ` Matthias Maennich
2019-08-21 12:46 ` [PATCH v3 00/11] Symbol Namespaces Nicolas Pitre
[not found] ` <nycvar.YSQ.7.76.1908210840490.19480-fMhRO7WWcppj+hNMo8g0rg@public.gmane.org>
2019-08-21 13:37 ` Greg KH
[not found] ` <20190821133737.GB4890-U8xfFu+wG4EAvxtiuMwx3w@public.gmane.org>
2019-08-21 20:48 ` Nicolas Pitre
2019-08-21 13:11 ` Peter Zijlstra
[not found] ` <20190821131140.GC2349-Nxj+rRp3nVydTX5a5knrm8zTDFooKrT+cvkQGrU6aU0@public.gmane.org>
2019-08-21 13:38 ` Greg KH [this message]
[not found] ` <20190821133846.GC4890-U8xfFu+wG4EAvxtiuMwx3w@public.gmane.org>
2019-08-21 14:03 ` Matthias Maennich
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20190821133846.GC4890@kroah.com \
--to=gregkh-hqyy1w1ycw8ekmwlsbkhg0b+6bgklq7r@public.gmane.org \
--cc=bcm-kernel-feedback-list-dY08KVG/lbpWk0Htik3J/w@public.gmane.org \
--cc=benjaminfair-hpIqsD4AKlfQT0dZR+AlfA@public.gmane.org \
--cc=cocci-/FJkirnvOdkvYVN+rsErww@public.gmane.org \
--cc=dhowells-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org \
--cc=festevam-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org \
--cc=geert-Td1EMuHUCqxL1ZNQvxDV9g@public.gmane.org \
--cc=hpa-YMNOUZJC4hwAvxtiuMwx3w@public.gmane.org \
--cc=joel-QYYGw3jwrUn5owFQY34kdNi2O/JbrIOy@public.gmane.org \
--cc=k0ma-h7Lmzv2voGl4Eiagz67IpQ@public.gmane.org \
--cc=kstewart-hQyY1W1yCW8ekmWlsbkhG0B+6BGkLq7r@public.gmane.org \
--cc=linux-arch-u79uwXL29TY76Z2rM5mHXA@public.gmane.org \
--cc=linux-aspeed-uLR06cmDAlY/bJ5BZ2RsiQ@public.gmane.org \
--cc=linux-imx-3arQi8VN3Tc@public.gmane.org \
--cc=linux-samsung-soc-u79uwXL29TY76Z2rM5mHXA@public.gmane.org \
--cc=linux-scsi-u79uwXL29TY76Z2rM5mHXA@public.gmane.org \
--cc=lucas.de.marchi-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org \
--cc=mchehab+samsung-DgEjT+Ai2ygdnm+yROfE0A@public.gmane.org \
--cc=mingo-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org \
--cc=mpe-Gsx/Oe8HsFggBc27wqDAHg@public.gmane.org \
--cc=nicolas.ferre-UWL1GkI3JZL3oGB3hsPCZA@public.gmane.org \
--cc=oneukum-IBi9RG/b67k@public.gmane.org \
--cc=openbmc-uLR06cmDAlY/bJ5BZ2RsiQ@public.gmane.org \
--cc=patches-yzvPICuk2AA4QjBA90+/kJqQE7yCjDx5@public.gmane.org \
--cc=peterz-wEGCiKHe2LqWVfeAwA7xHQ@public.gmane.org \
--cc=sam-uyr5N9Q2VtJg9hUCZPvPmw@public.gmane.org \
--cc=usb-storage-ijkIwGHArpdIPJnuZ7Njw4oP9KaGy4wf@public.gmane.org \
--cc=will-DgEjT+Ai2ygdnm+yROfE0A@public.gmane.org \
--cc=x86-DgEjT+Ai2ygdnm+yROfE0A@public.gmane.org \
--cc=yamada.masahiro-uWyLwvC0a2jby3iVrkZq2A@public.gmane.org \
--cc=yuenn-hpIqsD4AKlfQT0dZR+AlfA@public.gmane.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).