how to disable loadable kernel modules?

C. P. Ghost cpghost at cordula.ws
Thu Feb 25 02:22:26 UTC 2010


On Wed, Feb 24, 2010 at 11:47 PM, Robert Bonomi
<bonomi at mail.r-bonomi.com> wrote:
>
> Can somebody point me towards the source module(s) that contain the
> syscall 'dispatch' code and/or the loadable module implementation.

According to /usr/src/sys/kern/syscalls.master, the kldload() syscall
ID is 304:
  304     AUE_MODLOAD     STD     { int kldload(const char *file); }

You may also want to look at /usr/src/sys/kern/kern_linker.c
which contains kern_kldload(), kldload() and others. You could
try to short-circuit one of them, by returning immediately some
appropriate E* error code, as in:

int
kern_kldload(struct thread *td, const char *file, int *fileid)
{
#ifdef DISABLE_KLDLOAD_ALWAYS
    return ENOSYS;
#endif
    /* the remainder of kern_kldload() goes here... */
}

Maybe this would be enough to disable KLD loading entirely?

> I'm looking to either disable the kernel function ENTIRELY, *or* (in
> the spirit of 'making life difficult for the bad guys') letting it
> do everything it normally does, *except* actually installing the module
> _functionality_ -- i.e., kldload executes w/o error, kldstat shows that
> the module "is" loaded, etc.; but any attempt to _use_ the functionality
> therein is a no-op.

Regards,
-cpghost.

-- 
Cordula's Web. http://www.cordula.ws/