[ovs-dev] [PATCH v3 1/6] ovs-kmod-ctl: introduce a kernel module load script

Ben Pfaff blp at ovn.org
Thu Jun 14 20:32:21 UTC 2018


On Wed, Jun 06, 2018 at 10:07:14AM -0700, Ansis Atteka wrote:
> On Wed, Jun 6, 2018, 7:31 AM Aaron Conole <aconole at redhat.com> wrote:
> 
> > Aaron Conole <aconole at redhat.com> writes:
> >
> > > Currently, Open vSwitch on linux embeds the logic of loading and
> > unloading
> > > kernel modules into the ovs-ctl and ovs-lib script files.  This works,
> > but
> > > it means that there is no way to leverage extended filesystem attributes
> > > to grant fine grain permissions relating to module loading.
> > >
> > > The split out utility 'ovs-kmod-ctl' will be used in an upcoming commit
> > > for RHEL-based distributions to have a separate transition domain that
> > > will allow module loading to be given to a separate selinux domain from
> > > the openvswitch_t domain.
> > >
> > > Acked-By: Timothy Redaelli <tredaelli at redhat.com>
> > > Signed-off-by: Aaron Conole <aconole at redhat.com>
> > > ---
> > >  debian/openvswitch-switch.install  |   1 +
> > >  debian/openvswitch-switch.manpages |   1 +
> > >  rhel/openvswitch-fedora.spec.in    |   2 +
> > >  rhel/openvswitch.spec.in           |   2 +
> > >  utilities/.gitignore               |   1 +
> > >  utilities/automake.mk              |   5 +
> > >  utilities/ovs-ctl.in               |  32 +------
> > >  utilities/ovs-kmod-ctl.8           | 109 ++++++++++++++++++++++
> > >  utilities/ovs-kmod-ctl.in          | 183
> > +++++++++++++++++++++++++++++++++++++
> > >  utilities/ovs-lib.in               |  20 +---
> > >  10 files changed, 311 insertions(+), 45 deletions(-)
> > >  create mode 100644 utilities/ovs-kmod-ctl.8
> > >  create mode 100644 utilities/ovs-kmod-ctl.in
> >
> > ...
> >
> > > +    if test -e /sys/module/ip_gre; then
> > > +        action "Forcing removal of ip_gre module" rmmod ip_gre
> > > +    fi
> > > +
> > > +    if test -e /sys/module/gre; then
> > > +        action "Forcing removal of gre module" rmmod gre
> > > +    fi
> >
> > I think this block will no longer successfully apply since
> > a94f9524dbc11c78c83d1a49959497f5e73bf949.  I got caught in the
> > apply/revert storm :)
> >
> > How should I proceed?  Should I send an incremental, a new spin of this
> > patch, or a new spin of the series?
> >
> 
> Since the conflict was easy to resolve, then I don't think you need to do
> anything this time. Once I will push this patch, you can keep an eye on it
> just to double check that I resolved the conflict correctly.

Does this series need anything?


More information about the dev mailing list