[ovs-dev] [PATCH v3 1/6] ovs-kmod-ctl: introduce a kernel module load script

Ansis Atteka ansisatteka at gmail.com
Mon Jun 18 02:37:08 UTC 2018


On Wed, 6 Jun 2018 at 07:31, Aaron Conole <aconole at redhat.com> wrote:
>
> Aaron Conole <aconole at redhat.com> writes:
>
> > Currently, Open vSwitch on linux embeds the logic of loading and unloading
> > kernel modules into the ovs-ctl and ovs-lib script files.  This works, but
> > it means that there is no way to leverage extended filesystem attributes
> > to grant fine grain permissions relating to module loading.
> >
> > The split out utility 'ovs-kmod-ctl' will be used in an upcoming commit
> > for RHEL-based distributions to have a separate transition domain that
> > will allow module loading to be given to a separate selinux domain from
> > the openvswitch_t domain.
> >
> > Acked-By: Timothy Redaelli <tredaelli at redhat.com>
> > Signed-off-by: Aaron Conole <aconole at redhat.com>
Acked-by: Ansis Atteka <aatteka at ovn.org>
> > ---
> >  debian/openvswitch-switch.install  |   1 +
> >  debian/openvswitch-switch.manpages |   1 +
> >  rhel/openvswitch-fedora.spec.in    |   2 +
> >  rhel/openvswitch.spec.in           |   2 +
> >  utilities/.gitignore               |   1 +
> >  utilities/automake.mk              |   5 +
> >  utilities/ovs-ctl.in               |  32 +------
> >  utilities/ovs-kmod-ctl.8           | 109 ++++++++++++++++++++++
> >  utilities/ovs-kmod-ctl.in          | 183 +++++++++++++++++++++++++++++++++++++
> >  utilities/ovs-lib.in               |  20 +---
> >  10 files changed, 311 insertions(+), 45 deletions(-)
> >  create mode 100644 utilities/ovs-kmod-ctl.8
> >  create mode 100644 utilities/ovs-kmod-ctl.in
>
> ...
>
> > +    if test -e /sys/module/ip_gre; then
> > +        action "Forcing removal of ip_gre module" rmmod ip_gre
> > +    fi
> > +
> > +    if test -e /sys/module/gre; then
> > +        action "Forcing removal of gre module" rmmod gre
> > +    fi
>
> I think this block will no longer successfully apply since
> a94f9524dbc11c78c83d1a49959497f5e73bf949.  I got caught in the
> apply/revert storm :)

Since conflict seemed trivial, then I resolved it for you. You are
welcome to double check it in master branch.
>
> How should I proceed?  Should I send an incremental, a new spin of this
> patch, or a new spin of the series?


More information about the dev mailing list