Message ID | 20081211230521.GA2392@ioremap.net |
---|---|
State | RFC, archived |
Delegated to: | David Miller |
Headers | show |
> Btw, does this ugly hack fix the problem? > According to your description it may be the case. > > diff --git a/net/netlink/af_netlink.c b/net/netlink/af_netlink.c > index 480184a..2b64eb5 100644 > --- a/net/netlink/af_netlink.c > +++ b/net/netlink/af_netlink.c > @@ -434,6 +434,10 @@ static int netlink_create(struct net *net, struct socket *sock, int protocol) > if (protocol < 0 || protocol >= MAX_LINKS) > return -EPROTONOSUPPORT; > > +#ifndef CONFIG_AUDIT > + if (protocol == NETLINK_AUDIT) > + return -EPROTONOSUPPORT; > +#endif > netlink_lock_table(); > #ifdef CONFIG_MODULES > if (!nl_table[protocol].registered) { > > Yes, that would take care of it. My original workaround was to disable CONFIG_KMOD. I only have a few modules compiled (for servers that require those modules), but most of my servers don't need any modules. This would allow me to manually load modules myself and never have to worry about the kernel forking stuff in userspace. Unfortunately, it appears that CONFIG_KMOD is being deprecated soon and I didn't want to rely on it. What is the core reason for removing CONFIG_KMOD? I personally would rather have the choice as to whether my kernel tries to find its own modules or not. Michael Spiegle mike@nauticaltech.com -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
diff --git a/net/netlink/af_netlink.c b/net/netlink/af_netlink.c index 480184a..2b64eb5 100644 --- a/net/netlink/af_netlink.c +++ b/net/netlink/af_netlink.c @@ -434,6 +434,10 @@ static int netlink_create(struct net *net, struct socket *sock, int protocol) if (protocol < 0 || protocol >= MAX_LINKS) return -EPROTONOSUPPORT; +#ifndef CONFIG_AUDIT + if (protocol == NETLINK_AUDIT) + return -EPROTONOSUPPORT; +#endif netlink_lock_table(); #ifdef CONFIG_MODULES if (!nl_table[protocol].registered) {