how to disable loadable kernel modules?
C. P. Ghost
cpghost at cordula.ws
Thu Feb 25 02:22:26 UTC 2010
On Wed, Feb 24, 2010 at 11:47 PM, Robert Bonomi
<bonomi at mail.r-bonomi.com> wrote:
>
> Can somebody point me towards the source module(s) that contain the
> syscall 'dispatch' code and/or the loadable module implementation.
According to /usr/src/sys/kern/syscalls.master, the kldload() syscall
ID is 304:

    304 AUE_MODLOAD STD { int kldload(const char *file); }

You may also want to look at /usr/src/sys/kern/kern_linker.c
which contains kern_kldload(), kldload() and others. You could
try to short-circuit one of them, by returning immediately some
appropriate E* error code, as in:

    int
    kern_kldload(struct thread *td, const char *file, int *fileid)
    {
    #ifdef DISABLE_KLDLOAD_ALWAYS
            return ENOSYS;
    #endif
            /* the remainder of kern_kldload() goes here... */
    }

Maybe this would be enough to disable KLD loading entirely?
> I'm looking to either disable the kernel function ENTIRELY, *or* (in
> the spirit of 'making life difficult for the bad guys') letting it
> do everything it normally does, *except* actually installing the module
> _functionality_ -- i.e., kldload executes w/o error, kldstat shows that
> the module "is" loaded, etc.; but any attempt to _use_ the functionality
> therein is a no-op.
Regards,
-cpghost.
--
Cordula's Web. http://www.cordula.ws/
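
A small probe for checking the effect of the short-circuit suggested above, as an added example that is not part of the original post or of FreeBSD: it calls kldload(2) on a constructed module name and interprets errno. The probe name, the enum and classify_kldload() are hypothetical; the errno meanings for an unpatched kernel are the ones documented in kldload(2).

```c
#include <errno.h>
#include <stdio.h>
#ifdef __FreeBSD__
#include <sys/param.h>
#include <sys/linker.h>
#endif

/* Constructed name; assumed not to match any real module file. */
#define PROBE_MODULE "kld_probe_nonexistent_module"

enum kld_state { KLD_DISABLED, KLD_DENIED, KLD_LIVE, KLD_LOADED, KLD_UNKNOWN };

/* Map a kldload(2) result to what it says about the loader. */
enum kld_state
classify_kldload(int rc, int err)
{
    if (rc >= 0)
        return KLD_LOADED;      /* a file id came back: loading works */
    switch (err) {
    case ENOSYS:                /* the short-circuit from the post */
        return KLD_DISABLED;
    case EPERM:                 /* ordinary privilege/securelevel refusal */
        return KLD_DENIED;
    case ENOENT:                /* loader ran and searched for the file */
    case ENOEXEC:
    case EEXIST:
        return KLD_LIVE;
    default:
        return KLD_UNKNOWN;
    }
}

int
main(void)
{
#ifdef __FreeBSD__
    static const char *names[] = { "disabled (ENOSYS)", "denied (EPERM)",
        "loader live", "module LOADED", "unknown errno" };
    int rc = kldload(PROBE_MODULE);
    int err = (rc < 0) ? errno : 0;
    enum kld_state s = classify_kldload(rc, err);

    printf("kldload(\"%s\"): %s\n", PROBE_MODULE, names[s]);
    if (rc >= 0)
        kldunload(rc);          /* undo an unexpected successful load */
    return (s == KLD_DISABLED) ? 0 : 1;
#else
    fprintf(stderr, "this probe needs FreeBSD's kldload(2)\n");
    return 2;
#endif
}
```

Run it both as an unprivileged user and as root: with the return placed first in kern_kldload(), as in the snippet above, both runs should report ENOSYS, while EPERM or ENOENT means the call still reached the normal loader path.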