RE: [RFC PATCH] Unexport do_machine_check() and machine_check_poll()

From: Luck, Tony
Date: Mon Mar 14 2016 - 14:24:32 EST

Next message: Jarkko Sakkinen: "[PATCH] tpm, tpm_crb: remove wmb()'s"
Previous message: Andy Lutomirski: "Re: [PATCH v4 2/5] x86/msr: Carry on after a non-"safe" MSR access fails without !panic_on_oops"
In reply to: Borislav Petkov: "Re: [RFC PATCH] Unexport do_machine_check() and machine_check_poll()"
Next in thread: Borislav Petkov: "Re: [RFC PATCH] Unexport do_machine_check() and machine_check_poll()"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

> But the sentiment is: I want to unexport do_machine_check() and
> machine_check_poll() and not let external modules call into them
> directly. Why, you ask? Because they have no business doing that.

EXPORT is a big hammer ... we either let every module have access to
a function, or none. It sounds like you want a way to just export to a
few trusted friendly areas that have a real need to access, and make this
invisible to everyone else.

I can't imagine a way to absolutely enforce that ... whatever mechanism
you choose could be abused by someone willing to have their module lie
and say "sure, I'm a KVM user that is allowed to use that".

Perhaps there's a way to implement an advisory scheme ... which would
make it blatantly obvious when modules are hooking into things that
they shouldn't. The only similar thing we have now is EXPORT_GPL which doesn't
look scalable to lots of uses.

-Tony

Next message: Jarkko Sakkinen: "[PATCH] tpm, tpm_crb: remove wmb()'s"
Previous message: Andy Lutomirski: "Re: [PATCH v4 2/5] x86/msr: Carry on after a non-"safe" MSR access fails without !panic_on_oops"
In reply to: Borislav Petkov: "Re: [RFC PATCH] Unexport do_machine_check() and machine_check_poll()"
Next in thread: Borislav Petkov: "Re: [RFC PATCH] Unexport do_machine_check() and machine_check_poll()"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]