From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S932142AbcFNRPy (ORCPT ); Tue, 14 Jun 2016 13:15:54 -0400 Received: from mx1.redhat.com ([209.132.183.28]:52281 "EHLO mx1.redhat.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1751401AbcFNRPs (ORCPT ); Tue, 14 Jun 2016 13:15:48 -0400 From: Prarit Bhargava To: linux-kernel@vger.kernel.org Cc: Prarit Bhargava , Jonathan Corbet , Rusty Russell , linux-doc@vger.kernel.org Subject: [PATCH v2] Add kernel parameter to blacklist modules Date: Tue, 14 Jun 2016 13:15:45 -0400 Message-Id: <1465924545-10090-1-git-send-email-prarit@redhat.com> In-Reply-To: <87h9cw7pg2.fsf@rustcorp.com.au> References: <87h9cw7pg2.fsf@rustcorp.com.au> X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.28]); Tue, 14 Jun 2016 17:15:48 +0000 (UTC) Sender: linux-kernel-owner@vger.kernel.org List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Blacklisting a module in linux has long been a problem. The current procedure is to use rd.blacklist=module_name, however, that doesn't cover the case after the initramfs and before a boot prompt (where one is supposed to use /etc/modprobe.d/blacklist.conf to blacklist runtime loading). Using rd.shell to get an early prompt is hit-or-miss, and doesn't cover all situations AFAICT. This patch adds this functionality of permanently blacklisting a module by its name via the kernel parameter module_blacklist=module_name. [v2]: Rusty, use core_param() instead of __setup(), and drop struct which simplifies things. Signed-off-by: Prarit Bhargava Cc: Jonathan Corbet Cc: Rusty Russell Cc: linux-doc@vger.kernel.org --- Documentation/kernel-parameters.txt | 3 +++ kernel/module.c | 25 +++++++++++++++++++++++++ 2 files changed, 28 insertions(+) diff --git a/Documentation/kernel-parameters.txt b/Documentation/kernel-parameters.txt index 82b42c958d1c..c720b96f2efc 100644 --- a/Documentation/kernel-parameters.txt +++ b/Documentation/kernel-parameters.txt @@ -2295,6 +2295,9 @@ bytes respectively. Such letter suffixes can also be entirely omitted. Note that if CONFIG_MODULE_SIG_FORCE is set, that is always true, so this option does nothing. + module_blacklist= [KNL] Do not load a comma-separated list of + modules. Useful for debugging problem modules. + mousedev.tap_time= [MOUSE] Maximum time between finger touching and leaving touchpad surface for touch to be considered diff --git a/kernel/module.c b/kernel/module.c index 5f71aa63ed2a..5ff5287b19a8 100644 --- a/kernel/module.c +++ b/kernel/module.c @@ -3155,6 +3155,28 @@ int __weak module_frob_arch_sections(Elf_Ehdr *hdr, return 0; } +/* module_blacklist is a comma-separated list of module names */ +static char *module_blacklist; +static bool blacklisted(char *module_name) +{ + char *str, *entry; + + if (!module_blacklist) + return false; + + str = module_blacklist; + do { + entry = strsep(&str, ","); + if (!strcmp(module_name, entry)) { + pr_info("module %s is blacklisted\n", module_name); + return true; + } + } while (str); + + return false; +} +core_param(module_blacklist, module_blacklist, charp, 0400); + static struct module *layout_and_allocate(struct load_info *info, int flags) { /* Module within temporary copy. */ @@ -3165,6 +3187,9 @@ static struct module *layout_and_allocate(struct load_info *info, int flags) if (IS_ERR(mod)) return mod; + if (blacklisted(mod->name)) + return ERR_PTR(-EPERM); + err = check_modinfo(mod, info, flags); if (err) return ERR_PTR(err); -- 1.7.9.3