Re: git: 2c24ad3377a6 - main - ifconfig: abort if loading a module fails other than for ENOENT

> On 20 Jan 2023, at 16:49, Gleb Smirnoff <glebius@FreeBSD.org> wrote:
> 
> On Fri, Jan 20, 2023 at 11:04:33AM +0000, Alexander Chernikov wrote:
> A> I think another question is that if if should be done by ifconfig(8) at all. Kernel can take care of trying to load the required modules, checking the privileges.
> A> I’m considering adding such code for the netlink-based interface creation.
> 
> This is already done in netgraph, but I won't call this solution a
> pretty one. You ask kernel to do some network related ioctl(2), but
> it actually does kldload(2).
Partially I agree.
Let me try to rephrase it. The intent is to create a network interface and it is implemented using SIOCIFCREATE[2] and, potentially, kldload(2).
As the idea behind many ioctl’s is to do a single thing at a time, coupling it with kldload may indeed not look pretty.
For Netlink, it’s different - it’s meant to be a broker and provide a higher-level interfaces. You can ask it to create an interface, set its flags, description, fib, mtu and so on via a single request.

> 
> At what stage of the syscall we understand that kldload(2) needs to
> be done? Are we free of network locks at this stage? Cause kldload
For example, if one decide to enhance `SIOCIFCREATE`, it can be done somewhere around `if_clone_create()`. No locks are held in `ifioctl()` that handles it. Also, we’re in the sys call and can sleep.
For Netlink, - probably in the netlink sys/netlink/route/iface.c:create_link before using the generic cloner. Netlink handlers run in dedicated taskques and can sleep as well.

> will take a very different set of locks, possibly creating a LOR,
> and in an edge case will go into NFS taking network locks.
> 
> -- 
> Gleb Smirnoff