• Xin Long's avatar
    sock_diag: request _diag module only when the family or proto has been registered · bf2ae2e4
    Xin Long authored
    Now when using 'ss' in iproute, kernel would try to load all _diag
    modules, which also causes corresponding family and proto modules
    to be loaded as well due to module dependencies.
    
    Like after running 'ss', sctp, dccp, af_packet (if it works as a module)
    would be loaded.
    
    For example:
    
      $ lsmod|grep sctp
      $ ss
      $ lsmod|grep sctp
      sctp_diag              16384  0
      sctp                  323584  5 sctp_diag
      inet_diag              24576  4 raw_diag,tcp_diag,sctp_diag,udp_diag
      libcrc32c              16384  3 nf_conntrack,nf_nat,sctp
    
    As these family and proto modules are loaded unintentionally, it
    could cause some problems, like:
    
    - Some debug tools use 'ss' to collect the socket info, which loads all
      those diag and family and protocol modules. It's noisy for identifying
      issues.
    
    - Users usually expect to drop sctp init packet silently when they
      have no sense of sctp protocol instead of sending abort back.
    
    - It wastes resources (especially with multiple netns), and SCTP module
      can't be unloaded once it's loaded.
    
    ...
    
    In short, it's really inappropriate to have these family and proto
    modules loaded unexpectedly when just doing debugging with inet_diag.
    
    This patch is to introduce sock_load_diag_module() where it loads
    the _diag module only when it's corresponding family or proto has
    been already registered.
    
    Note that we can't just load _diag module without the family or
    proto loaded, as some symbols used in _diag module are from the
    family or proto module.
    
    v1->v2:
      - move inet proto check to inet_diag to avoid a compiling err.
    v2->v3:
      - define sock_load_diag_module in sock.c and export one symbol
        only.
      - improve the changelog.
    Reported-by: default avatarSabrina Dubroca <sd@queasysnail.net>
    Acked-by: default avatarMarcelo Ricardo Leitner <marcelo.leitner@gmail.com>
    Acked-by: default avatarPhil Sutter <phil@nwl.cc>
    Acked-by: default avatarSabrina Dubroca <sd@queasysnail.net>
    Signed-off-by: default avatarXin Long <lucien.xin@gmail.com>
    Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
    bf2ae2e4
inet_diag.c 31.2 KB