Gentoo Forums
Gentoo Forums
Gentoo Forums
Quick Search: in

  FAQ | Search | Memberlist | Usergroups | Statistics | Profile | Log in to check your private messages | Log in | Register

Kernel modules disabled in gentoo-sources on iBook G4.
 View unanswered posts
View posts from last 24 hours

 
Reply to topic    Gentoo Forums Forum Index Gentoo on PPC
View previous topic :: View next topic  
Author Message
lekto
Apprentice
Apprentice


Joined: 20 Sep 2014
Posts: 207
Location: Ancient Rome
PostPosted: Mon May 23, 2022 4:10 pm    Post subject: Kernel modules disabled in gentoo-sources on iBook G4. Reply with quote
Hi, I'm trying to configure new kernel (5.15.41) from scratch and modules are disabled. I tried few devices and there is no option to build them as modules. When I searched for modules I got this:
Code:
Symbol: MODULES [=n]
Type  : bool
Defined at init/Kconfig:2063
  Prompt: Enable loadable module support

There is not any "Depends on" or "Selected by". What am I missing?
Back to top
View user's profile Send private message
NeddySeagoon
Administrator
Administrator


Joined: 05 Jul 2003
Posts: 54577
Location: 56N 3W
PostPosted: Mon May 23, 2022 4:27 pm    Post subject: Reply with quote
lekto,

Code:
[*] Enable loadable module support  --->

Can you turn that on?

Its not an error to make a kernel that does not support loadable modules. From a security perspective, its a good thing but it prevents the use of out of tree modules.
In tree 'modules' must be built in or omitted. There is only <*> or < >.

The downside to not using modules is getting firmware right. That has to be built into the kernel binary too.
_________________
Regards,

NeddySeagoon

Computer users fall into two groups:-
those that do backups
those that have never had a hard drive fail.
Back to top
View user's profile Send private message
lekto
Apprentice
Apprentice


Joined: 20 Sep 2014
Posts: 207
Location: Ancient Rome
PostPosted: Mon May 23, 2022 4:58 pm    Post subject: Reply with quote
Thanks, I don't know how I missed that, searching for modules in plural form didn't helped.

NeddySeagoon wrote:
[…]From a security perspective, its a good thing […]

I've never understood this argument - to load any malicious module you need to have the root access, so it's game over anyway.
Back to top
View user's profile Send private message
Hu
Administrator
Administrator


Joined: 06 Mar 2007
Posts: 22634
PostPosted: Mon May 23, 2022 6:19 pm    Post subject: Reply with quote
Loading modules requires a specific subset of root access. You should not assume that an attacker who acquires that one specific type of root access has all root privileges. History is filled with examples of partial compromises, where an attacker can do some particular subset of operations as root, but does not have an unrestricted root shell from which to run arbitrary commands. By denying module loading, the administrator can prevent an attacker who has module load permission from using that to gain other permissions. If module load permission is the only thing the attacker has managed to compromise, then a no-modules system is immune.
Back to top
View user's profile Send private message
Display posts from previous:   
Reply to topic    Gentoo Forums Forum Index Gentoo on PPC All times are GMT
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum



 Links: forums.gentoo.org | www.gentoo.org | bugs.gentoo.org | wiki.gentoo.org | forum-mods@gentoo.org

Copyright 2001-2024 Gentoo Foundation, Inc. Designed by Kyle Manna © 2003; Style derived from original subSilver theme. | Hosting by Gossamer Threads Inc. © | Powered by phpBB 2.0.23-gentoo-p11 © 2001, 2002 phpBB Group
Privacy Policy