Security downgrade? CONFIG_HOTPLUG required in 2.6.16?

Security downgrade? CONFIG_HOTPLUG required in 2.6.16?

[Linda Walsh]

I had this config'ed out in 2.6.15 for machine that didn't have
any hotpluggable devices.  It is also configured with all the
modules it needs and has kernel-module loading disabled.

What has changed in 2.6.16 that my "static" machine now
needs hotplugging?  As I understand it, hotplugging requires 
application-level support code (in /etc/) and a special
application level "demon" to run in order to support these
requests.

I'd prefer my kernel not to be dependent on a run-time demon
to load "arbitrary" (user defined) segments of code that could
come from any source -- usually outside the vanilla kernel tree.

If I don't want a specific kernel or machine to be dynamically
reconfigurable after boot, why do I need to build in a mechanism for
runtime loading of modules?

Linda

Re: Security downgrade? CONFIG_HOTPLUG required in 2.6.16?

[Jan Engelhardt]

>
> I had this config'ed out in 2.6.15 for machine that didn't have
> any hotpluggable devices.  It is also configured with all the
> modules it needs and has kernel-module loading disabled.
>

Do you use swsusp?


Jan Engelhardt
-- 

Re: Security downgrade? CONFIG_HOTPLUG required in 2.6.16?

[Adrian Bunk]

On Thu, Mar 23, 2006 at 09:03:03PM -0800, Linda Walsh wrote:
> I had this config'ed out in 2.6.15 for machine that didn't have
> any hotpluggable devices.  It is also configured with all the
> modules it needs and has kernel-module loading disabled.
> 
> What has changed in 2.6.16 that my "static" machine now
> needs hotplugging?  As I understand it, hotplugging requires 
> application-level support code (in /etc/) and a special
> application level "demon" to run in order to support these
> requests.
> 
> I'd prefer my kernel not to be dependent on a run-time demon
> to load "arbitrary" (user defined) segments of code that could
> come from any source -- usually outside the vanilla kernel tree.
> 
> If I don't want a specific kernel or machine to be dynamically
> reconfigurable after boot, why do I need to build in a mechanism for
> runtime loading of modules?

- hotplugging devices != module loading
- CONFIG_HOTPLUG does not load any code into the kernel.
- hotplugging devices can work without any userspace support

As an example, hotplugging an USB hard disk works fine with 
CONFIG_MODULES=n and without any userspace support (assuming
a static /dev).

> Linda

cu
Adrian

-- 

       "Is there not promise of rain?" Ling Tan asked suddenly out
        of the darkness. There had been need of rain for many days.
       "Only a promise," Lao Er said.
                                       Pearl S. Buck - Dragon Seed

Re: Security downgrade? CONFIG_HOTPLUG required in 2.6.16?

[Linda Walsh]

Adrian Bunk wrote:
> - hotplugging devices != module loading
> - CONFIG_HOTPLUG does not load any code into the kernel.
> - hotplugging devices can work without any userspace support
>
> As an example, hotplugging an USB hard disk works fine with 
> CONFIG_MODULES=n and without any userspace support (assuming
> a static /dev).
>   
---
    Ah, I see.   But if I have no USB hard disk to plug in?
Should I still be compiling in HOTPLUG?  Seems a waste.
Thanks for the example though...

-linda

Re: Security downgrade? CONFIG_HOTPLUG required in 2.6.16?

[Linda Walsh]

Jan Engelhardt wrote:
> Do you use swsusp?
>
---
    Nep.  It's acting as a server :-).  It's also SMP, does
that work with SWSUSP?  Guess it has to now that laptops
have dual CPU's.  In fact that that makes me wonder: how well
do the SMP laptops do power management under linux?  Back
when I had a dual boot laptop, I seem to remember linux getting
about 25-33% more uptime. 

-l

Re: Security downgrade? CONFIG_HOTPLUG required in 2.6.16?

[Jim Crilly]

On 03/26/06 01:42:36AM -0800, Linda Walsh wrote:
> Adrian Bunk wrote:
> >- hotplugging devices != module loading
> >- CONFIG_HOTPLUG does not load any code into the kernel.
> >- hotplugging devices can work without any userspace support
> >
> >As an example, hotplugging an USB hard disk works fine with 
> >CONFIG_MODULES=n and without any userspace support (assuming
> >a static /dev).
> >  
> ---
>    Ah, I see.   But if I have no USB hard disk to plug in?
> Should I still be compiling in HOTPLUG?  Seems a waste.
> Thanks for the example though...
> 
> -linda

But what about USB keyboards and mice? IIRC at least some of the newer
servers where I work don't come with PS/2 ports anymore.

Jim.

Re: Security downgrade? CONFIG_HOTPLUG required in 2.6.16?

[Linda Walsh]

Jim Crilly wrote:
> But what about USB keyboards and mice? IIRC at least some of the newer
> servers where I work don't come with PS/2 ports anymore.
>   
---
    I have basic USB serial-I/O support built-in to my kernel:
it needs to monitor a USB-based UPS.  Would a keyboard/mouse
require more support than to simply be compiled in?

    I had a laptop that only had a 10Mb-ethernet built-in. 
When it became a few years old, I switched to using a PCMCIA
card for 100Mb-ethernet.  I never used the laptop's internal
port anymore but always used the pluggable card.  PCMCIA was
still outside the kernel then, so my quick & easy solution was
to not compile in the 10BT device and use the in-kernel driver
for the 3com based 100BT card.  I didn't need the "hot plugging"
capabilities of PCMCIA -- the kernel just called the new device
"eth0", and used it as a "permanent device".

    If a computer uses USB I/O for basic console operations,
can't those drivers be statically built-in?

-linda