From: Andy Lutomirski
Date: Fri, 9 Mar 2018 19:45:11 +0000
Subject: Re: [PATCH net-next] modules: allow modprobe load regular elf binaries
To: Linus Torvalds
Cc: David Miller, Alexei Starovoitov, Kees Cook, Alexei Starovoitov, Djalal Harouni, Al Viro, Daniel Borkmann, Greg Kroah-Hartman, "Luis R. Rodriguez", Network Development, Linux Kernel Mailing List, kernel-team, Linux API

On Fri, Mar 9, 2018 at 7:38 PM, Linus Torvalds wrote:
> On Fri, Mar 9, 2018 at 11:12 AM, Linus Torvalds
> wrote:
>>
>> How are you going to handle five processes doing the same setup concurrently?
>
> Side note: it's not just serialization. It's also "is it actually up
> and running".
>

I think the right way to solve this would be to take a hint from systemd's socket activation model. The current patch had the module load process kick off an ELF binary that goes and registers itself to handle something. We can turn that around. Make the module init function create the socket (or pipe or whatever) that receives requests and pass it to the user program as stdin. Then the kernel can start queueing requests into the socket immediately, and the user program will get to them whenever it finishes initializing. Or it can write some message to the socket saying "hey, I'm ready".

This also completely avoids the issue where some clever user manually loads the "module" with exec() ("hey, I'm so clever, I can just run the damn thing instead of using init_module()!") or writes an out-of-tree program that uses whatever supposedly secret API the in-kernel binary is supposed to use to register itself (and I know people who would do exactly that!) and the kernel does request_module() at roughly the same time.
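
A userspace model of the inverted start-up order proposed in the message above, added here as an illustration; it is not code from the message or from the patch under discussion. The names `helper_main` and `activate_and_queue` and the `req-N` / `READY` message format are assumptions, and a `fork()` without `exec()` stands in for launching the helper binary.

```c
#include <stdio.h>
#include <string.h>
#include <unistd.h>
#include <sys/socket.h>
#include <sys/wait.h>
/* Constructed stand-in for the helper binary: its only channel is the socket
 * it inherited as fd 0, so it has nothing to look up or register with. */
static void helper_main(void)
{
    char buf[64];
    ssize_t n;
    sleep(1);                          /* simulated slow initialisation */
    send(0, "READY", 5, 0);            /* optional "hey, I'm ready" message */
    while ((n = recv(0, buf, sizeof(buf), 0)) > 0)
        send(0, buf, (size_t)n, 0);    /* reply: echo the queued request */
    _exit(0);                          /* creator closed its end */
}

/* Stand-in for module init: create the socket, start the helper with one end
 * as stdin, queue at once. Returns requests (nreq 1..10) answered in order. */
int activate_and_queue(int nreq)
{
    int sv[2], i, answered = 0;
    char msg[16], buf[64];
    pid_t pid;
    if (nreq < 1 || nreq > 10 || socketpair(AF_UNIX, SOCK_SEQPACKET, 0, sv) < 0
        || (pid = fork()) < 0)
        return -1;
    if (pid == 0) {                    /* child: a real helper would exec here */
        dup2(sv[1], STDIN_FILENO);
        close(sv[0]);
        close(sv[1]);
        helper_main();
    }
    close(sv[1]);
    for (i = 0; i < nreq; i++) {       /* helper is still starting up */
        snprintf(msg, sizeof(msg), "req-%d", i);
        if (send(sv[0], msg, 5, 0) != 5)
            return -1;
    }
    if (recv(sv[0], buf, sizeof(buf), 0) != 5 || memcmp(buf, "READY", 5) != 0)
        return -1;
    for (i = 0; i < nreq; i++)         /* replies come back in queue order */
        answered += recv(sv[0], buf, sizeof(buf), 0) == 5 && buf[4] == '0' + i;
    close(sv[0]);
    waitpid(pid, NULL, 0);
    return answered;
}

int main(void) { printf("answered %d of 3\n", activate_and_queue(3)); return 0; }
```

All requests are sent while the helper is still in its one-second start-up delay, and each is answered once it begins reading. Because the creator hands over the endpoint, a copy of the helper started by hand has no socket to serve and nothing to register with.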