Received: by 2002:a25:e7d8:0:0:0:0:0 with SMTP id e207csp992259ybh; Thu, 12 Mar 2020 15:04:52 -0700 (PDT) X-Google-Smtp-Source: ADFU+vveKVzUsxkf3Ie/Z3b4is/TTGXysJBeRR7edvgE+CRmHdT+MM8Mx8Fmghs9gueMVa0VQJWQ X-Received: by 2002:a54:4396:: with SMTP id u22mr4554510oiv.128.1584050692207; Thu, 12 Mar 2020 15:04:52 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1584050692; cv=none; d=google.com; s=arc-20160816; b=lpSlrULKTQkQK9PJEdQjuz6U3ioN51tbjVbLbaTth4k77xEcGSSog/g7j4FnPcpGhH fUo6C+JkcTSZDUvJ19LqZmR3rOmUwUloux+i3O/4E5mx/01H1vWyJpmoW6ogcvGvodav DYcc6Dcno2jpXCyWaQEMBLlncDqxz9EMEuj5n/w4ygUEbVX4WBfDwk/t3CLoHJjyfcjw 0qXpn+1Om2eJsFYSZ79DSoOKKx89yXLcHiUFW+eEjh7D6Qin0TuPxv6MH3sRPYAWyihs DpB+61wwesf7OyOPzO3TPtgJdiz7op0Fxgm5sMvZI2C5bJP3CEYcsG2ZEczYXomWbQof +KaQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:mime-version:message-id:references :in-reply-to:subject:cc:date:to:from; bh=K3pFbI+aDgHmIk9dRdjJBWj2GK4AINY8MtbMkh1lIkg=; b=UMr3IzVXgkx8Ypd1h/Q2vfW6C2F4ECC8jVCnwK9nI3qt3/RJuPbop8lOUP72UiKSp0 ga57VtmTVlUe6z3ZAGq4up6s2Kz39Xv2SGFJY/fehkc1p9ObZ8jnT++KIwKXV6CpKO/q q++R7lwlNjliGzaMSpXWBe6hgyWS49oOX6giO/mF4eLd+p4CLpEp/zedexTcroB8xPoJ 14moPlCd5ZHX+9jdSN74E4hM/0Pa67F9Bq0honDyM1crP3YqooTTpWBgrkpjsiEehZBk 7jlFxpKF31H8R6dMoOHrFbWGV7g9YfKw31SStJ/AlabgA9omna941yXoBovJo6d6ROhD bXlA== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id l17si3612477otn.221.2020.03.12.15.04.38; Thu, 12 Mar 2020 15:04:52 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726605AbgCLWEP (ORCPT + 99 others); Thu, 12 Mar 2020 18:04:15 -0400 Received: from mx2.suse.de ([195.135.220.15]:51134 "EHLO mx2.suse.de" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726514AbgCLWEO (ORCPT ); Thu, 12 Mar 2020 18:04:14 -0400 X-Virus-Scanned: by amavisd-new at test-mx.suse.de Received: from relay2.suse.de (unknown [195.135.220.254]) by mx2.suse.de (Postfix) with ESMTP id 4CFC0AD10; Thu, 12 Mar 2020 22:04:12 +0000 (UTC) From: NeilBrown To: Eric Biggers , linux-kernel@vger.kernel.org Date: Fri, 13 Mar 2020 09:04:01 +1100 Cc: linux-fsdevel@vger.kernel.org, Alexei Starovoitov , Andrew Morton , Greg Kroah-Hartman , Jeff Vander Stoep , Jessica Yu , Kees Cook , Luis Chamberlain , NeilBrown Subject: Re: [PATCH v2 3/4] docs: admin-guide: document the kernel.modprobe sysctl In-Reply-To: <20200312202552.241885-4-ebiggers@kernel.org> References: <20200312202552.241885-1-ebiggers@kernel.org> <20200312202552.241885-4-ebiggers@kernel.org> Message-ID: <87lfo5telq.fsf@notabene.neil.brown.name> MIME-Version: 1.0 Content-Type: multipart/signed; boundary="=-=-="; micalg=pgp-sha256; protocol="application/pgp-signature" Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org --=-=-= Content-Type: text/plain Content-Transfer-Encoding: quoted-printable On Thu, Mar 12 2020, Eric Biggers wrote: > From: Eric Biggers > > Document the kernel.modprobe sysctl in the same place that all the other > kernel.* sysctls are documented. Make sure to mention how to use this > sysctl to completely disable module autoloading, and how this sysctl > relates to CONFIG_STATIC_USERMODEHELPER. > > Cc: Alexei Starovoitov > Cc: Andrew Morton > Cc: Greg Kroah-Hartman > Cc: Jeff Vander Stoep > Cc: Jessica Yu > Cc: Kees Cook > Cc: Luis Chamberlain > Cc: NeilBrown > Signed-off-by: Eric Biggers > --- > Documentation/admin-guide/sysctl/kernel.rst | 25 ++++++++++++++++++++- > 1 file changed, 24 insertions(+), 1 deletion(-) > > diff --git a/Documentation/admin-guide/sysctl/kernel.rst b/Documentation/= admin-guide/sysctl/kernel.rst > index def074807cee9..454f3402ed321 100644 > --- a/Documentation/admin-guide/sysctl/kernel.rst > +++ b/Documentation/admin-guide/sysctl/kernel.rst > @@ -49,7 +49,7 @@ show up in /proc/sys/kernel: > - kexec_load_disabled > - kptr_restrict > - l2cr [ PPC only ] > -- modprobe =3D=3D> Documentation/debugging-modules.txt > +- modprobe > - modules_disabled > - msg_next_id [ sysv ipc ] > - msgmax > @@ -444,6 +444,29 @@ l2cr: (PPC only) > This flag controls the L2 cache of G3 processor boards. If > 0, the cache is disabled. Enabled if nonzero. >=20=20 > +modprobe: > +=3D=3D=3D=3D=3D=3D=3D=3D=3D > + > +The path to the usermode helper for autoloading kernel modules, by > +default "/sbin/modprobe". This binary is executed when the kernel > +requests a module. For example, if userspace passes an unknown > +filesystem type "foo" to mount(), then the kernel will automatically > +request the module "fs-foo.ko" by executing this usermode helper. I don't think it is right to add the ".ko" there. The string "fs-foo" is what is passed to the named executable, and it make well end up loading "bar.ko", depending what aliases are set up. I would probably write '... request the module named 'fs-foo" by executing= ..' (The "name" for a module can come from the file that stores it, and alias inside it, or configuration in modprobe.d). Thanks, NeilBrown > +This usermode helper should insert the needed module into the kernel. > + > +This sysctl only affects module autoloading. It has no effect on the > +ability to explicitly insert modules. > + > +If this sysctl is set to the empty string, then module autoloading is > +completely disabled. The kernel will not try to execute a usermode > +helper at all, nor will it call the kernel_module_request LSM hook. > + > +If CONFIG_STATIC_USERMODEHELPER=3Dy is set in the kernel configuration, > +then the configured static usermode helper overrides this sysctl, > +except that the empty string is still accepted to completely disable > +module autoloading as described above. > + > +Also see Documentation/debugging-modules.txt. >=20=20 > modules_disabled: > =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D > --=20 > 2.25.1 --=-=-= Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iQIzBAEBCAAdFiEEG8Yp69OQ2HB7X0l6Oeye3VZigbkFAl5qsdIACgkQOeye3VZi gbn66xAAoMNNHX1PULvhsHSbkF3UGaE7PJY1e+MKP/fPDfQivfsYuhR4s89O4Cw7 /DFNbtCBNmGLnb6I1CDP9LDTFT18HxuSojFxnr1DvEImeDL/YNcvPk2EtkPbd6f/ Mcm9zW4yvv1QvKmHnw+ukncp4M1J/KBVMMXJzFXAhWmOi9oFqYLMzKgNlroNqe2P bn4Q1mJ4fRWnkModSNQJcqGXy46rmsc/ef2J6IYTsZGMNI0xig1zgT3FJNjQMCt6 Nga0sI9wPWlT9rsKRNBdmb6TJ6vUMqEpOZ3SHKgqnZPF6k5K7sayWbTnKnnbbblI flRf8QC302BfEkMumI3n3JZrXvU24kE7O+o7cSGFUBiQX759/KETGVJOKqQ0ZOc2 IheqvM4U1+1XOfnLVRX2+hbMN6b3IxPX1+U0kV5KCZxU3526MNIxDqbi8XnjK/QS s2OM60IUR0mAwZRFoKt0ca54eRuFhsG+fA9EWw7FuQy5tOMPJ0c9KY+PRY9P8OmU CfrmU7NzTzXZgkcieVn9oBy27U7n3yttCfrzoIM2jTfNWJHlX3Eg0yzZR1+lDLeU QiR36E8E/UT+S8ELBITSj5kMJ3+hWubsCzWRNwP6ZXqkjMnaPFyx7Sl3H/tehDiq qjhSV7vh9sT5XAuOQgngCh6s2/C5m28g3Mm6YKC1D/zRXnSvl7E= =4QNp -----END PGP SIGNATURE----- --=-=-=--