On Wed, Mar 11, 2020 at 06:01:07PM +0000, Luis Chamberlain wrote:
On Wed, Mar 11, 2020 at 10:41:34AM -0700, Eric Biggers wrote:
On Wed, Mar 11, 2020 at 10:28:07AM -0700, Kees Cook wrote:
On Tue, Mar 10, 2020 at 03:37:31PM -0700, Eric Biggers wrote:
From: Eric Biggers ebiggers@google.com
It's long been possible to disable kernel module autoloading completely by setting /proc/sys/kernel/modprobe to the empty string. This can be
Hunh. I've never seen that before. :) I've always used;
echo 1 > /proc/sys/kernel/modules_disabled
Regardless,
Reviewed-by: Kees Cook keescook@chromium.org
modules_disabled is different because it disables *all* module loading, not just autoloading.
Clarifying this on your patch would be useful, otherwise its lost tribal knowledge.
I think it would be more useful to improve the documentation in proc(5) and Documentation/admin-guide/sysctl/kernel.rst. People shouldn't have to read random kernel commit messages to find the documentation.
I'll send out patches for those.
- Eric