Received: by 2002:a25:e7d8:0:0:0:0:0 with SMTP id e207csp1140984ybh; Thu, 12 Mar 2020 18:08:45 -0700 (PDT) X-Google-Smtp-Source: ADFU+vsA41MhA7vDMcd5Fy0uxay73l9VzLKRei4k4pFU/tuTqr/NQhdu1u+6lill5JMvk4dvZ3Ja X-Received: by 2002:aca:d503:: with SMTP id m3mr4130846oig.165.1584061725250; Thu, 12 Mar 2020 18:08:45 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1584061725; cv=none; d=google.com; s=arc-20160816; b=pmsLFCDikhuqo/TnkC7nc0rrEJN0mA4G7dZ/b2zMCR6zrg3nhV++e0Yk7oftJlcjoM qAV5sOkBejyOnqy2+N/JXPjXuh1C7Bdc3yi2FWE7f8YRqmFqt2/aoMK72ZsDVWvNC5CU OvHJEeA5nQeiRLDu43Ln23VbAmCV3ADkPmqWoaCjYVzTh5m+gU+LrW2RdjKPlvLgtJJn 0YUTrZqAjHuLno9nd02VFvxkS282z7unViCUc1kg5G8SuQsehRE/p1yiwaQHsd0daNGv QhiUNJfwc6iXdvOjYwPc9CyVMdt04zWM5gACaOHYVXiNKHAyPnY5ynd+265PzDwW+m5m M5tw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:user-agent:in-reply-to :content-disposition:mime-version:references:message-id:subject:cc :to:from:date; bh=p1y55cnlFR5XIWnQzxqAJ77CuRfysEOntt316s397dE=; b=1FaqYcpZDPGSS0ZT1p28NRoi15iF92RcFsU6v95EgGGB4y+/OwAticoIQGUbyCJ8H9 +9yFJWgp1v8DNn16hHlu1NEgWY8K97Jyyab/c/UYvDFKJc57Mq3A282lpseMcqvugsZF 4ApKkITheYgBj0LadYeZnQ3oZrSqiQFDsImJ+1cSAvBuILEd/kdVV7TEcZQV4bzvXPmm ofCHISwVoxzzzAhEgEVYcoW/dMpVnpd1fMIQ9MXzlwNZ1YfC68suydrQRhJefkteNsBB YTqvJ7O5OI74wW0RCh9oHlrxWoTZWyLclmJoNOW7arHnLVvCZ2H0aKA0AGQFjjvb91iD 5m7A== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id c24si3526137otf.248.2020.03.12.18.08.32; Thu, 12 Mar 2020 18:08:45 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1727085AbgCMBHa (ORCPT + 99 others); Thu, 12 Mar 2020 21:07:30 -0400 Received: from mail-pf1-f196.google.com ([209.85.210.196]:41680 "EHLO mail-pf1-f196.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726647AbgCMBHa (ORCPT ); Thu, 12 Mar 2020 21:07:30 -0400 Received: by mail-pf1-f196.google.com with SMTP id z65so4161942pfz.8; Thu, 12 Mar 2020 18:07:29 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:date:from:to:cc:subject:message-id:references :mime-version:content-disposition:in-reply-to:user-agent; bh=p1y55cnlFR5XIWnQzxqAJ77CuRfysEOntt316s397dE=; b=tYPjoAxWpUvTByRIrpV3+ZBaSj85zKl6daSyvjUdTpth+1b76YQDPF7yONc6kXab3Q oHoW1kqGQ/rYv0YacjJsHsS1ORNLiiNqvGW036ICnNjaabIN6mpOOo3iWKcb34P8oOoD 2tGG6f8MJkXfhZfVF3idh0poGismbfjUUuZp/B+2BFaloClGViDLrBhmY+jlQ/fakCWC DmmIu3gxOul7mfDf9Uofx5nOK63/mpm0Pr1V9pJHq1cF/GQuVOj/xVm0bIb74Dhn0TVv ZWC+OLDom9sEB8XS0aW725ZG2y2LHhlhwOsffGUe/rvWTySJawenZLVT8x5LvRMvKxTl KCiA== X-Gm-Message-State: ANhLgQ05iBA7luvBTCN9IzvzuU502NmvcFe/QufT/Yg8H23VVyp1r5z/ NQ/PkjSDMhzLatGbdbGttY8= X-Received: by 2002:a63:b21b:: with SMTP id x27mr10599525pge.310.1584061649053; Thu, 12 Mar 2020 18:07:29 -0700 (PDT) Received: from 42.do-not-panic.com (42.do-not-panic.com. [157.230.128.187]) by smtp.gmail.com with ESMTPSA id v133sm45358821pfc.68.2020.03.12.18.07.27 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 12 Mar 2020 18:07:27 -0700 (PDT) Received: by 42.do-not-panic.com (Postfix, from userid 1000) id 240364028E; Fri, 13 Mar 2020 01:07:27 +0000 (UTC) Date: Fri, 13 Mar 2020 01:07:27 +0000 From: Luis Chamberlain To: NeilBrown Cc: Eric Biggers , linux-kernel@vger.kernel.org, linux-fsdevel@vger.kernel.org, Alexei Starovoitov , Andrew Morton , Greg Kroah-Hartman , Jeff Vander Stoep , Jessica Yu , Kees Cook , NeilBrown Subject: Re: [PATCH v2 3/4] docs: admin-guide: document the kernel.modprobe sysctl Message-ID: <20200313010727.GT11244@42.do-not-panic.com> References: <20200312202552.241885-1-ebiggers@kernel.org> <20200312202552.241885-4-ebiggers@kernel.org> <87lfo5telq.fsf@notabene.neil.brown.name> MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha512; protocol="application/pgp-signature"; boundary="YD3LsXFS42OYHhNZ" Content-Disposition: inline In-Reply-To: <87lfo5telq.fsf@notabene.neil.brown.name> User-Agent: Mutt/1.10.1 (2018-07-13) Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org --YD3LsXFS42OYHhNZ Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Fri, Mar 13, 2020 at 09:04:01AM +1100, NeilBrown wrote: > On Thu, Mar 12 2020, Eric Biggers wrote: >=20 > > From: Eric Biggers > > > > Document the kernel.modprobe sysctl in the same place that all the other > > kernel.* sysctls are documented. Make sure to mention how to use this > > sysctl to completely disable module autoloading, and how this sysctl > > relates to CONFIG_STATIC_USERMODEHELPER. > > > > Cc: Alexei Starovoitov > > Cc: Andrew Morton > > Cc: Greg Kroah-Hartman > > Cc: Jeff Vander Stoep > > Cc: Jessica Yu > > Cc: Kees Cook > > Cc: Luis Chamberlain > > Cc: NeilBrown > > Signed-off-by: Eric Biggers > > --- > > Documentation/admin-guide/sysctl/kernel.rst | 25 ++++++++++++++++++++- > > 1 file changed, 24 insertions(+), 1 deletion(-) > > > > diff --git a/Documentation/admin-guide/sysctl/kernel.rst b/Documentatio= n/admin-guide/sysctl/kernel.rst > > index def074807cee9..454f3402ed321 100644 > > --- a/Documentation/admin-guide/sysctl/kernel.rst > > +++ b/Documentation/admin-guide/sysctl/kernel.rst > > @@ -49,7 +49,7 @@ show up in /proc/sys/kernel: > > - kexec_load_disabled > > - kptr_restrict > > - l2cr [ PPC only ] > > -- modprobe =3D=3D> Documentation/debugging-modules.= txt > > +- modprobe > > - modules_disabled > > - msg_next_id [ sysv ipc ] > > - msgmax > > @@ -444,6 +444,29 @@ l2cr: (PPC only) > > This flag controls the L2 cache of G3 processor boards. If > > 0, the cache is disabled. Enabled if nonzero. > > =20 > > +modprobe: > > +=3D=3D=3D=3D=3D=3D=3D=3D=3D > > + > > +The path to the usermode helper for autoloading kernel modules, by > > +default "/sbin/modprobe". This binary is executed when the kernel > > +requests a module. For example, if userspace passes an unknown > > +filesystem type "foo" to mount(), then the kernel will automatically > > +request the module "fs-foo.ko" by executing this usermode helper. >=20 > I don't think it is right to add the ".ko" there. The string "fs-foo" > is what is passed to the named executable, and it make well end up > loading "bar.ko", depending what aliases are set up. > I would probably write '... request the module named 'fs-foo" by executi= ng..' And that is just because filesystems, in this case a mount call, will use the fs- prefix for aliases. This is tribal knowledge in the context above, and so someone not familiar with this won't easily grasp this. Is there an easier autoloading example other than filesystems we can use th= at doesn't require you to explain the aliasing thing? What is module autoloading? Where is this documented ? If that can be slightly clarified this would be even easier to understand as well. Luis > (The "name" for a module can come from the file that stores it, and > alias inside it, or configuration in modprobe.d). >=20 > Thanks, > NeilBrown >=20 >=20 > > +This usermode helper should insert the needed module into the kernel. > > + > > +This sysctl only affects module autoloading. It has no effect on the > > +ability to explicitly insert modules. > > + > > +If this sysctl is set to the empty string, then module autoloading is > > +completely disabled. The kernel will not try to execute a usermode > > +helper at all, nor will it call the kernel_module_request LSM hook. > > + > > +If CONFIG_STATIC_USERMODEHELPER=3Dy is set in the kernel configuration, > > +then the configured static usermode helper overrides this sysctl, > > +except that the empty string is still accepted to completely disable > > +module autoloading as described above. > > + > > +Also see Documentation/debugging-modules.txt. > > =20 > > modules_disabled: > > =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D > > --=20 > > 2.25.1 --YD3LsXFS42OYHhNZ Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iQIzBAABCgAdFiEENnNq2KuOejlQLZofziMdCjCSiKcFAl5q3M4ACgkQziMdCjCS iKdvtA//fmhoJkZ3Et5nHDbpWXGMr6uHdxlQqkt7Ai7fvX/IDYHHqDhdKadWyftD jXEgyOIxfuicMFFY3cjRQL4wqpG7fTnY8ZLLLSZHd26fFqLMQxgQRPVJsW4WLeR/ G2yhcnzcnlLsRVczxUP7vZRwTpTCZHxH2W/SiyXIb8LRp1obEwYUlklc8L9+IX68 h7z/0f8KEJJTO8DEWCD2wKOBi9LkSmI1m4pMLalJ9AOTvyWDSxQWFQpj+kvcC6yG WjTdkTiIlGIrFUcg9fNN5HumbFo8LU4+121p3jA3BtdBRG+sS0s6sZTN0BpHZdGe tjhuq44cq6xgMsxZb5mfwSnmHptGgmCqda1wzmgNTdc9WUDNNHHlehjdXhyqVIYZ wl1NgMDggZ2iqq1p+B2iw5eON9h4e1Nkx46ZGB0D9maqMXby7vV3SduZick8M5pK IQYYNeILufSCqz2d8HMFE+PCUk0jwGObzxxcwLE6seK4G+5+syptX4NDVbw/KTtf HxYw+F2B1CRjZrUxnqtTOqxyd0eRTArWeoWI6VWiYupMvwsTw1m88GPR6Tv/j9fz cAgvzZ7xv5dlOchWH8XXhfpz2ON8DZT/9puhoNMcoWXMdT+R7VSXl6c8OG6HMJ7k qpH4P9khGasEjyi7XWJe/B6RVJRTE9y8jcB6cmMvWHIGLOOKM+k= =Kxfs -----END PGP SIGNATURE----- --YD3LsXFS42OYHhNZ--