[ovs-dev] [PATCH v3 1/6] ovs-kmod-ctl: introduce a kernel module load script

Ansis Atteka ansisatteka at gmail.com
Wed Jun 6 17:07:14 UTC 2018


On Wed, Jun 6, 2018, 7:31 AM Aaron Conole <aconole at redhat.com> wrote:

> Aaron Conole <aconole at redhat.com> writes:
>
> > Currently, Open vSwitch on linux embeds the logic of loading and
> unloading
> > kernel modules into the ovs-ctl and ovs-lib script files.  This works,
> but
> > it means that there is no way to leverage extended filesystem attributes
> > to grant fine grain permissions relating to module loading.
> >
> > The split out utility 'ovs-kmod-ctl' will be used in an upcoming commit
> > for RHEL-based distributions to have a separate transition domain that
> > will allow module loading to be given to a separate selinux domain from
> > the openvswitch_t domain.
> >
> > Acked-By: Timothy Redaelli <tredaelli at redhat.com>
> > Signed-off-by: Aaron Conole <aconole at redhat.com>
> > ---
> >  debian/openvswitch-switch.install  |   1 +
> >  debian/openvswitch-switch.manpages |   1 +
> >  rhel/openvswitch-fedora.spec.in    |   2 +
> >  rhel/openvswitch.spec.in           |   2 +
> >  utilities/.gitignore               |   1 +
> >  utilities/automake.mk              |   5 +
> >  utilities/ovs-ctl.in               |  32 +------
> >  utilities/ovs-kmod-ctl.8           | 109 ++++++++++++++++++++++
> >  utilities/ovs-kmod-ctl.in          | 183
> +++++++++++++++++++++++++++++++++++++
> >  utilities/ovs-lib.in               |  20 +---
> >  10 files changed, 311 insertions(+), 45 deletions(-)
> >  create mode 100644 utilities/ovs-kmod-ctl.8
> >  create mode 100644 utilities/ovs-kmod-ctl.in
>
> ...
>
> > +    if test -e /sys/module/ip_gre; then
> > +        action "Forcing removal of ip_gre module" rmmod ip_gre
> > +    fi
> > +
> > +    if test -e /sys/module/gre; then
> > +        action "Forcing removal of gre module" rmmod gre
> > +    fi
>
> I think this block will no longer successfully apply since
> a94f9524dbc11c78c83d1a49959497f5e73bf949.  I got caught in the
> apply/revert storm :)
>
> How should I proceed?  Should I send an incremental, a new spin of this
> patch, or a new spin of the series?
>

Since the conflict was easy to resolve, then I don't think you need to do
anything this time. Once I will push this patch, you can keep an eye on it
just to double check that I resolved the conflict correctly.


More information about the dev mailing list