lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-Id: <20110429.014445.39196872.davem@davemloft.net>
Date:	Fri, 29 Apr 2011 01:44:45 -0700 (PDT)
From:	David Miller <davem@...emloft.net>
To:	JBeulich@...ell.com
Cc:	shemminger@...ux-foundation.org, bridge@...ts.linux-foundation.org,
	jeffm@...e.com, netdev@...r.kernel.org
Subject: Re: [PATCH] bridge: Module use count must be updated as bridges
 are created/destroyed

From: "Jan Beulich" <JBeulich@...ell.com>
Date: Fri, 29 Apr 2011 09:31:27 +0100

>>>> On 29.04.11 at 10:10, David Miller <davem@...emloft.net> wrote:
>> From: "Jan Beulich" <JBeulich@...ell.com>
>> Date: Fri, 29 Apr 2011 08:41:10 +0100
>> 
>>> You talk of rmmod on the very module, but the issue is about
>>> modprobe -r on a dependent module. I cannot believe you consider
>>> it correct that *implicit* unloading of bridge.ko should happen when
>>> bridges are configured.
>> 
>> Which module in particular depends upon bridge and causes the
>> problem?
> 
> The problem was observed (a long time ago) with ebtable_broute,
> and I cannot see how this would have changed meanwhile.

Well your change makes it so that someone who actually _wants_ to
unload the bridge module, regardless of configuration, cannot do so.

I think that's a worse problem than this ebtables thing.

Nothing on the system should be hitting modules with unload requests
unless the user explicitly asked for that specific module to be
unloaded.  At least not by default.

So the me the problem is perhaps that "modprobe -r" does this auto
dependency unloading thing by default.

When we first fixed network device drivers so that they now properly
always run with no module refcount at all, people complained because
there were some distributions that ran some daemon that periodically
looked for "unreferenced" modules and "helped" the user by
automatically unloaded them.

We killed that foolish daemon, and we can fix "modprobe -r" too.

Does "rmmod" have this behavior too?  If not, and it does the right
thing by only unloaded what the user asked for, then people should
use that.

I really don't in any way want to block people from being able to
cleanly unload the bridge module, regardless of configuration, if
that's what they want so your patch as written is not going to be
considered for inclusion.

--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ