|| ||Ingo Molnar <mingo-AT-elte.hu>|
|| ||"Frank Ch. Eigler" <fche-AT-redhat.com>|
|| ||Re: [patch 4/4] Markers Support for Proprierary Modules|
|| ||Thu, 20 Mar 2008 23:05:40 +0100|
|| ||Mathieu Desnoyers <mathieu.desnoyers-AT-polymtl.ca>,
Jon Masters <jcm-AT-jonmasters.org>, Jon Masters <jcm-AT-redhat.com>,
Rusty Russell <rusty-AT-rustcorp.com.au>,
Christoph Hellwig <hch-AT-infradead.org>,
Linus Torvalds <torvalds-AT-linux-foundation.org>|
* Frank Ch. Eigler <firstname.lastname@example.org> wrote:
> Ingo Molnar <email@example.com> writes:
> >> There seems to be good arguments for markers to support proprierary
> >> modules. So I am throwing this one-liner in and let's see how people
> >> react. [...]
> > ugh, this is unbelievably stupid move technically - so a very strong
> > NACK. Allowing marker use in unfixable modules (today it's placing
> > markers into unfixable modules,
> As the thread suggested, this can benefit us more than it benefits
> them, because it may let us see more into the blobs.
> > tomorrow it's marker use by such modules) has only one clear and
> > predictable effect: it turns marker calls into essential ABIs [...]
> The marker_probe_*register calls are already EXPORT_SYMBOL_GPL'd, so
> that covers your "tomorrow" case. NACK that all you like when/if
> someone proposes changing that.
i very much know that they are exported that way. It's the concept i'm
against - dont we have 9 million lines of proper kernel source code to
worry about? Why are we even arguing about this? Binary modules should
be as isolated as possible - it's a totally untrusted entity and history
has shown it again and again that the less infrastructure coupling we
have to them, the better.
> > [if the proprietary modules attach to kernel markers ...] then all
> > the pressure is on those who _can_ fix their code - meaning the
> > kernel subsystem maintainers that use [you mean: define] markers.
> (In a way, it would be a nice problem to have. At this moment, there
> are still no markers actually committed within -mm nor -linus.)
... which makes it doubly problematic to expose them to binary-only
modules in any way, shape or form. Really, once _any_ kernel facility is
used by such a module, it's pain for us to change it from that point on.
Once markers are a 10 year concept that nobody in their right mind would
want to change, sure, we dont _care_ about whether it's export or not,
and basic courtesy might say that it's OK to do it. But to proactively
export any aspect of a half-done piece of infrastructure is crazy.
to post comments)