[PATCH] KEYS: replace -EEXIST with -EBUSY
David Howells
dhowells at redhat.com
Mon Jan 5 09:57:15 UTC 2026
Daniel Gomez <da.gomez at kernel.org> wrote:
> From: Daniel Gomez <da.gomez at samsung.com>
>
> The -EEXIST error code is reserved by the module loading infrastructure
> to indicate that a module is already loaded.
EEXIST means a file exists when you're trying to create it. Granted we abuse
that somewhat rather than add ever more error codes, but you cannot reserve it
for indicating that a module exists.
> When a module's init
> function returns -EEXIST, userspace tools like kmod interpret this as
> "module already loaded" and treat the operation as successful, returning
> 0 to the user even though the module initialization actually failed.
>
> This follows the precedent set by commit 54416fd76770 ("netfilter:
> conntrack: helper: Replace -EEXIST by -EBUSY") which fixed the same
> issue in nf_conntrack_helper_register().
>
> Affected modules:
> * pkcs8_key_parser x509_key_parser asymmetric_keys dns_resolver
> * nvme_keyring pkcs7_test_key rxrpc turris_signing_key
>
> Signed-off-by: Daniel Gomez <da.gomez at samsung.com>
Please don't. Userspace can always check /proc/modules (assuming procfs is
enabled, I suppose).
David
More information about the Linux-security-module-archive
mailing list