diff options
author | James Morris <jmorris@namei.org> | 2009-06-10 21:03:14 -0400 |
---|---|---|
committer | James Morris <jmorris@namei.org> | 2009-06-10 21:03:14 -0400 |
commit | 73fbad283cfbbcf02939bdbda31fc4a30e729cca (patch) | |
tree | 7c89fe13e1b4a2c7f2d60f4ea6eaf69c14bccab7 /kernel/module.c | |
parent | 769f3e8c384795cc350e2aae27de2a12374d19d4 (diff) | |
parent | 35f2c2f6f6ae13ef23c4f68e6d3073753077ca43 (diff) |
Merge branch 'next' into for-linus
Diffstat (limited to 'kernel/module.c')
-rw-r--r-- | kernel/module.c | 7 |
1 files changed, 5 insertions, 2 deletions
diff --git a/kernel/module.c b/kernel/module.c index e797812a4d95..cb3887e770e2 100644 --- a/kernel/module.c +++ b/kernel/module.c | |||
@@ -72,6 +72,9 @@ DEFINE_MUTEX(module_mutex); | |||
72 | EXPORT_SYMBOL_GPL(module_mutex); | 72 | EXPORT_SYMBOL_GPL(module_mutex); |
73 | static LIST_HEAD(modules); | 73 | static LIST_HEAD(modules); |
74 | 74 | ||
75 | /* Block module loading/unloading? */ | ||
76 | int modules_disabled = 0; | ||
77 | |||
75 | /* Waiting for a module to finish initializing? */ | 78 | /* Waiting for a module to finish initializing? */ |
76 | static DECLARE_WAIT_QUEUE_HEAD(module_wq); | 79 | static DECLARE_WAIT_QUEUE_HEAD(module_wq); |
77 | 80 | ||
@@ -777,7 +780,7 @@ SYSCALL_DEFINE2(delete_module, const char __user *, name_user, | |||
777 | char name[MODULE_NAME_LEN]; | 780 | char name[MODULE_NAME_LEN]; |
778 | int ret, forced = 0; | 781 | int ret, forced = 0; |
779 | 782 | ||
780 | if (!capable(CAP_SYS_MODULE)) | 783 | if (!capable(CAP_SYS_MODULE) || modules_disabled) |
781 | return -EPERM; | 784 | return -EPERM; |
782 | 785 | ||
783 | if (strncpy_from_user(name, name_user, MODULE_NAME_LEN-1) < 0) | 786 | if (strncpy_from_user(name, name_user, MODULE_NAME_LEN-1) < 0) |
@@ -2336,7 +2339,7 @@ SYSCALL_DEFINE3(init_module, void __user *, umod, | |||
2336 | int ret = 0; | 2339 | int ret = 0; |
2337 | 2340 | ||
2338 | /* Must have permission */ | 2341 | /* Must have permission */ |
2339 | if (!capable(CAP_SYS_MODULE)) | 2342 | if (!capable(CAP_SYS_MODULE) || modules_disabled) |
2340 | return -EPERM; | 2343 | return -EPERM; |
2341 | 2344 | ||
2342 | /* Only one module load at a time, please */ | 2345 | /* Only one module load at a time, please */ |