Hacking modversions
Mike Hearn
mike at navi.cx
Tue Mar 1 18:43:58 UTC 2005
Hello,
I'd like to propose that kernel updates release via fedora-updates use the
same modversions.h as the last one if there were no interface
changes. I know that may be a controversial proposal, but read on.
For security fixes, it's rare (but not impossible) that a kernel interface
changes. In this case it would be possible to use the same symbol mangling
and therefore not prevent user-compiled modules from loading, and it would
be safe.
For the other updates released, more care would have to be taken
to notice if there were changes or not - if there was any doubt about
binary compatibility, then modversions would still change, but if there
was simply eg, a driver bugfix then it would not be changed.
This solves the following problem:
Bill sets up a Linux system for Sally. She does a "yum upgrade" because
she knows it's important to stay up to date to be secure. The kernel is
changed, and as a result various things break even though the update was
fixing a race condition in a syscall implementation. She does not
know how to fix it.
This is not a "please can the kernel have a stable ABI" email.
It doesn't, and that's the end of the story. This is a "please do not
prevent self-compiled modules from loading unless there is a real need"
email, which I haven't seen brought up before (you have my apologies if it
was) and should not have much impact outside a bit more work for Dave
Jones I guess ;)
Is this possible to do? It would require a careful analysis of the changes
being made to the kernel in online updates, but hopefully this already
happens anyway :) The actual build system modifications should not be too
tricky, I hope ...
thanks -mike
More information about the fedora-devel-list
mailing list