[ovs-dev] [PATCH v3 1/6] ovs-kmod-ctl: introduce a kernel module load script
Ansis Atteka
ansisatteka at gmail.com
Wed Jun 6 17:07:14 UTC 2018
On Wed, Jun 6, 2018, 7:31 AM Aaron Conole <aconole at redhat.com> wrote:
> Aaron Conole <aconole at redhat.com> writes:
>
> > Currently, Open vSwitch on linux embeds the logic of loading and
> unloading
> > kernel modules into the ovs-ctl and ovs-lib script files. This works,
> but
> > it means that there is no way to leverage extended filesystem attributes
> > to grant fine grain permissions relating to module loading.
> >
> > The split out utility 'ovs-kmod-ctl' will be used in an upcoming commit
> > for RHEL-based distributions to have a separate transition domain that
> > will allow module loading to be given to a separate selinux domain from
> > the openvswitch_t domain.
> >
> > Acked-By: Timothy Redaelli <tredaelli at redhat.com>
> > Signed-off-by: Aaron Conole <aconole at redhat.com>
> > ---
> > debian/openvswitch-switch.install | 1 +
> > debian/openvswitch-switch.manpages | 1 +
> > rhel/openvswitch-fedora.spec.in | 2 +
> > rhel/openvswitch.spec.in | 2 +
> > utilities/.gitignore | 1 +
> > utilities/automake.mk | 5 +
> > utilities/ovs-ctl.in | 32 +------
> > utilities/ovs-kmod-ctl.8 | 109 ++++++++++++++++++++++
> > utilities/ovs-kmod-ctl.in | 183
> +++++++++++++++++++++++++++++++++++++
> > utilities/ovs-lib.in | 20 +---
> > 10 files changed, 311 insertions(+), 45 deletions(-)
> > create mode 100644 utilities/ovs-kmod-ctl.8
> > create mode 100644 utilities/ovs-kmod-ctl.in
>
> ...
>
> > + if test -e /sys/module/ip_gre; then
> > + action "Forcing removal of ip_gre module" rmmod ip_gre
> > + fi
> > +
> > + if test -e /sys/module/gre; then
> > + action "Forcing removal of gre module" rmmod gre
> > + fi
>
> I think this block will no longer successfully apply since
> a94f9524dbc11c78c83d1a49959497f5e73bf949. I got caught in the
> apply/revert storm :)
>
> How should I proceed? Should I send an incremental, a new spin of this
> patch, or a new spin of the series?
>
Since the conflict was easy to resolve, then I don't think you need to do
anything this time. Once I will push this patch, you can keep an eye on it
just to double check that I resolved the conflict correctly.
More information about the dev
mailing list