• Michal Koutný's avatar
    net/sched: Load modules via their alias · 2c15a5ae
    Michal Koutný authored
    The cls_,sch_,act_ modules may be loaded lazily during network
    configuration but without user's awareness and control.
    
    Switch the lazy loading from canonical module names to a module alias.
    This allows finer control over lazy loading, the precedent from
    commit 7f78e035 ("fs: Limit sys_mount to only request filesystem
    modules.") explains it already:
    
    	Using aliases means user space can control the policy of which
    	filesystem^W net/sched modules are auto-loaded by editing
    	/etc/modprobe.d/*.conf with blacklist and alias directives.
    	Allowing simple, safe, well understood work-arounds to known
    	problematic software.
    
    By default, nothing changes. However, if a specific module is
    blacklisted (its canonical name), it won't be modprobe'd when requested
    under its alias (i.e. kernel auto-loading). It would appear as if the
    given module was unknown.
    
    The module can still be loaded under its canonical name, which is an
    explicit (privileged) user action.
    Signed-off-by: default avatarMichal Koutný <mkoutny@suse.com>
    Acked-by: default avatarJamal Hadi Salim <jhs@mojatatu.com>
    Reviewed-by: default avatarJiri Pirko <jiri@nvidia.com>
    Link: https://lore.kernel.org/r/20240201130943.19536-4-mkoutny@suse.comSigned-off-by: default avatarJakub Kicinski <kuba@kernel.org>
    2c15a5ae
cls_api.c 98.4 KB