tech-kern archive


Re: Proposal: Disable autoload of compat_xyz modules



On Sun, 10 Sep 2017, Maxime Villard wrote:

> Re-thinking about this again, it seems to me we could simply add a flags
> field in modinfo_t, with a bit that says "if this module is builtin, then
> don't load it". To use compat_xyz, you'll have to type modload, and the
> kernel will load the module from the builtin list.
>
> Something like [1] (from memory, not tested at all). Obviously this patch
> is not complete, since we need to update each MODULE().
>
> While it is clear that it does not solve the cross-dependency issue we're
> having, it does reduce the attack surface almost as much as if the module
> was not builtin, with very little effort. Cheap, but relevant.
>
> [1] http://m00nbsd.net/garbage/module/noload.diff

Well, probably not quite what you wanted, but if a module is built-in you can disable it by using modunload(8). Any built-in module which has been disabled in this manner needs to be explicitly reloaded manually, and you'll need to additionally specify the -f option to modload(8).

Perhaps /etc/rc.d/modules can be updated to have both a load and an unload phase, with appropriate syntax for the associated config file.

This would be a lot cleaner IMHO than updating individual modules.



+------------------+--------------------------+----------------------------+
| Paul Goyette     | PGP Key fingerprint:     | E-mail addresses:          |
| (Retired)        | FA29 0E3B 35AF E8AE 6651 | paul at whooppee dot com   |
| Kernel Developer | 0786 F758 55DE 53BA 7731 | pgoyette at netbsd dot org |
+------------------+--------------------------+----------------------------+
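
Added example, not part of the original message and not NetBSD's /etc/rc.d/modules: a dry-run sketch of the load and unload phases suggested above. The `-name` unload syntax, the function name `plan_modules` and the sample config are assumptions made for illustration; only modunload(8) and `modload -f` come from the message.

```shell
#!/bin/sh
# Hypothetical config syntax (an assumption, not an existing format):
#   name [options]   load phase:   modload [options] name
#   -name            unload phase: modunload name (disables a built-in)
# Dry run: the commands are printed, never executed.

plan_modules() {
    # $1 = phase ("unload" or "load"); the config is read from stdin.
    phase=$1
    while read -r name args; do
        case $name in
            ''|'#'*)
                continue ;;                 # blank line or comment
            -*)
                [ "$phase" = unload ] || continue
                name=${name#-}              # strip the unload marker
                if [ -n "$name" ]; then
                    echo "modunload $name"
                fi
                ;;
            *)
                [ "$phase" = load ] || continue
                # Options (for example -f to bring back a disabled
                # built-in) go before the module name.
                echo "modload${args:+ $args} $name"
                ;;
        esac
    done
    return 0
}

# Constructed sample config: disable two built-in compat modules at boot,
# load one ordinary module, and force-reload one disabled built-in.
SAMPLE_CONF='# constructed sample
-compat_linux
-compat_netbsd32
tmpfs
compat_ultrix -f'

# Unload phase first, so nothing stays enabled longer than necessary.
printf '%s\n' "$SAMPLE_CONF" | plan_modules unload
printf '%s\n' "$SAMPLE_CONF" | plan_modules load
```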

