Re: [LTP] [PATCH 4/4] can_bcm01: Move vcan to .modprobe

[Petr Vorel <pvorel@suse.cz>]

Hi Richie,

> Hello,

> Petr Vorel <pvorel@suse.cz> writes:

...
> >  testcases/network/can/cve/can_bcm01.c | 19 ++++++++++---------
> >  	addr.can_ifindex = NETDEV_INDEX_BY_NAME(LTP_DEVICE);
> > @@ -143,10 +135,19 @@ static struct tst_test test = {
> >  	.skip_in_compat = 1,
> >  	.max_runtime = 30,
> >  	.needs_drivers = (const char *const[]) {
> > -		"vcan",
> >  		"can-bcm",
> >  		NULL
> >  	},
> > +	/*
> > +	 * Older kernels require explicit modprobe of vcan. Newer kernels
> > +	 * will load the modules automatically and support CAN in network
> > +	 * namespace which would eliminate the need for running the test
> > +	 * with root privileges.
> > +	 */

> This comment is wrong and can be removed. It also (or only?) depends on
> kernel config whether modules are loaded automatically. It is a security
> feature to remove automatic modprobe. IDK if older kernels lacked auto
> module loading.

Yes, "blacklist foo" in /etc/modprobe.d/*.conf. Actually loading kernel modules
with modprobe will detect problems which checking with .needs_drivers or
.needs_kconfigs does not detect. e.g. the problems with missing modules on
openSUSE JeOS.

But as I wrote elsewhere [1], with explicit loading we don't test module
auto-loading. The approach we have now, that load modules only when needed is
IMHO better. But maybe I'm wrong.

Kind regards,
Petr

[1] https://lore.kernel.org/ltp/20231103121201.GA1005170@pevik/

> > +	.modprobe = (const char *const[]) {
> > +		"vcan",
> > +		NULL
> > +	},
> >  	.tags = (const struct tst_tag[]) {
> >  		{"linux-git", "d5f9023fa61e"},
> >  		{"CVE", "2021-3609"},

-- 
Mailing list info: https://lists.linux.it/listinfo/ltp