Re: [PATCH net 1/3] bpf: bpf_out_neigh_v4: Fix nd_tbl NULL dereference when IPv6 is disabled
From: Daniel Borkmann <daniel@iogearbox.net>
Date: 2026-03-04 04:50:04
Also in:
bpf, lkml
On 3/3/26 12:18 PM, Fernando Fernandez Mancera wrote:
> On 3/3/26 2:11 AM, Jakub Kicinski wrote:
>> On Mon, 2 Mar 2026 06:58:46 +0100 Daniel Borkmann wrote:
>>>> } else if (nh->nh_family == AF_INET6) { + if (!ipv6_stub->nd_tbl) { + rcu_read_unlock(); + goto out_drop; + }
>>>
>>> Can we just completely get rid of allowing IPv6 as a module? So either
>>> its built-in or not available at all, and then we can get rid of the
>>> stub completely rather than adding checks in various places which also
>>> brings a small performance benefit of not having indirect calls in
>>> some places.
>>
>> +1 fwiw, if someone complains we can revert it back in
>> feels like a complete waste of everyone's time to maintain it
>> https://lore.kernel.org/all/20260224180544.3c865751@kernel.org/
>
> Dropping IPv6 as a module sounds good to me. I could prepare a patch for
> net-next as RFC to start the discussion/feedback loop. Anyway, I think we
> still need to fix these crashes on net tree first.
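Review bot: the new `if (!ipv6_stub->nd_tbl)` test at the top of the AF_INET6 branch carries no comment saying when nd_tbl can be NULL; going by the subject line this is the IPv6-disabled case, so a one-line comment to that effect would keep the check from looking arbitrary to later readers. Since this is an error-only path, wrapping the condition in unlikely() would also be reasonable. The hunk calls rcu_read_unlock() before `goto out_drop`, so it is worth confirming against the rest of the function that out_drop does not release the RCU read lock a second time.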
Maybe the "fix" could be to just switch IPV6 from tristate to bool in the Kconfig, and then once net merges into net-next we could deconstruct all the helper cruft which makes the late on-demand module loading of IPv6 work.

If Jakub thinks this is too risky, then sure we can go with the approach in the patches here (maybe add unlikely to the branches as well), and the rest would go all via net-next including reverting these ones here again.

Thanks,
Daniel