From: David Miller <davem@davemloft.net>
To: lucien.xin@gmail.com
Cc: netdev@vger.kernel.org, edumazet@google.com,
marcelo.leitner@gmail.com, phil@nwl.cc, sd@queasysnail.net
Subject: Re: [PATCHv3 net] sock_diag: request _diag module only when the family or proto has been registered
Date: Mon, 12 Mar 2018 11:04:08 -0400 (EDT) [thread overview]
Message-ID: <20180312.110408.668395939190101205.davem@davemloft.net> (raw)
In-Reply-To: <4e399f4124bdf8ac004235e685aa7677494d48e8.1520679470.git.lucien.xin@gmail.com>
From: Xin Long <lucien.xin@gmail.com>
Date: Sat, 10 Mar 2018 18:57:50 +0800
> Now when using 'ss' in iproute, kernel would try to load all _diag
> modules, which also causes corresponding family and proto modules
> to be loaded as well due to module dependencies.
>
> Like after running 'ss', sctp, dccp, af_packet (if it works as a module)
> would be loaded.
>
> For example:
>
> $ lsmod|grep sctp
> $ ss
> $ lsmod|grep sctp
> sctp_diag 16384 0
> sctp 323584 5 sctp_diag
> inet_diag 24576 4 raw_diag,tcp_diag,sctp_diag,udp_diag
> libcrc32c 16384 3 nf_conntrack,nf_nat,sctp
>
> As these family and proto modules are loaded unintentionally, it
> could cause some problems, like:
>
> - Some debug tools use 'ss' to collect the socket info, which loads all
> those diag and family and protocol modules. It's noisy for identifying
> issues.
>
> - Users usually expect to drop sctp init packet silently when they
> have no sense of sctp protocol instead of sending abort back.
>
> - It wastes resources (especially with multiple netns), and SCTP module
> can't be unloaded once it's loaded.
>
> ...
>
> In short, it's really inappropriate to have these family and proto
> modules loaded unexpectedly when just doing debugging with inet_diag.
>
> This patch is to introduce sock_load_diag_module() where it loads
> the _diag module only when it's corresponding family or proto has
> been already registered.
>
> Note that we can't just load _diag module without the family or
> proto loaded, as some symbols used in _diag module are from the
> family or proto module.
>
> v1->v2:
> - move inet proto check to inet_diag to avoid a compiling err.
> v2->v3:
> - define sock_load_diag_module in sock.c and export one symbol
> only.
> - improve the changelog.
>
> Reported-by: Sabrina Dubroca <sd@queasysnail.net>
> Acked-by: Marcelo Ricardo Leitner <marcelo.leitner@gmail.com>
> Acked-by: Phil Sutter <phil@nwl.cc>
> Acked-by: Sabrina Dubroca <sd@queasysnail.net>
> Signed-off-by: Xin Long <lucien.xin@gmail.com>
Ok, applied and queued up for -stable, thanks.
prev parent reply other threads:[~2018-03-12 15:04 UTC|newest]
Thread overview: 2+ messages / expand[flat|nested] mbox.gz Atom feed top
2018-03-10 10:57 [PATCHv3 net] sock_diag: request _diag module only when the family or proto has been registered Xin Long
2018-03-12 15:04 ` David Miller [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20180312.110408.668395939190101205.davem@davemloft.net \
--to=davem@davemloft.net \
--cc=edumazet@google.com \
--cc=lucien.xin@gmail.com \
--cc=marcelo.leitner@gmail.com \
--cc=netdev@vger.kernel.org \
--cc=phil@nwl.cc \
--cc=sd@queasysnail.net \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox