lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date:   Mon, 1 Apr 2019 14:37:25 -0700
From:   Florian Fainelli <f.fainelli@...il.com>
To:     Maciej Żenczykowski <zenczykowski@...il.com>,
        Maciej Żenczykowski <maze@...gle.com>,
        "David S . Miller" <davem@...emloft.net>
Cc:     netdev@...r.kernel.org
Subject: Re: [PATCH 1/2] net: enable IPv6 iff IPv4

On 4/1/19 12:44 PM, Maciej Żenczykowski wrote:
> From: Maciej Żenczykowski <maze@...gle.com>
> 
> IPv6 is 20 years old and IPv4 has run out of IP addresses
> and is deprecated.
> 
> It is time to make IPv6 a first class citizen.
> 
> As such we remove the ability to compile IPv6 as a module,
> and IPv4 support now implies IPv6 support.>
> This has the nice benefit of allowing upcoming code simplification:
> all IPv6 module support can be removed, and we'll be able to merge
> IPv6 socket state into the base IPv4 socket state...

If you exclude size increase for the built-in part of the kernel, yes,
it's all beneficial.

There are tons of systems where IPv6 will likely never be used, let's
face it, so why kill the ability to insmod the IPv6 stack since it
really does not come at the cost of trying to fix the unloading part
already?

I am not convinced this is solving any problems TBH...

> 
> At some point we should be able to reverse things and make IPv4
> the optional protocol and possibly even make an ipv4.ko.
> 
> Signed-off-by: Maciej Żenczykowski <maze@...gle.com>
> ---
>  net/Kconfig      | 1 +
>  net/ipv6/Kconfig | 7 +------
>  2 files changed, 2 insertions(+), 6 deletions(-)
> 
> diff --git a/net/Kconfig b/net/Kconfig
> index 3e8fdd688329..0f2ca2137f9e 100644
> --- a/net/Kconfig
> +++ b/net/Kconfig
> @@ -68,6 +68,7 @@ config INET
>  	bool "TCP/IP networking"
>  	select CRYPTO
>  	select CRYPTO_AES
> +	select IPV6
>  	---help---
>  	  These are the protocols used on the Internet and on most local
>  	  Ethernets. It is highly recommended to say Y here (this will enlarge
> diff --git a/net/ipv6/Kconfig b/net/ipv6/Kconfig
> index 613282c65a10..9197f496a112 100644
> --- a/net/ipv6/Kconfig
> +++ b/net/ipv6/Kconfig
> @@ -2,10 +2,8 @@
>  # IPv6 configuration
>  #
>  
> -#   IPv6 as module will cause a CRASH if you try to unload it
>  menuconfig IPV6
> -	tristate "The IPv6 protocol"
> -	default y
> +	bool "The IPv6 protocol"

Huh, no, please? If you need IPv6 make it built-in to your kernel, but
don't bother people taht

>  	---help---
>  	  Support for IP version 6 (IPv6).
>  
> @@ -15,9 +13,6 @@ menuconfig IPV6
>  	  Documentation/networking/ipv6.txt and read the HOWTO at
>  	  <http://www.tldp.org/HOWTO/Linux+IPv6-HOWTO/>
>  
> -	  To compile this protocol support as a module, choose M here: the
> -	  module will be called ipv6.
> -
>  if IPV6
>  
>  config IPV6_ROUTER_PREF
> 


-- 
Florian

Powered by blists - more mailing lists