From owner-freebsd-questions@FreeBSD.ORG  Thu Feb 25 02:22:26 2010
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
Delivered-To: questions@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id 3D3D1106566C
	for <questions@freebsd.org>; Thu, 25 Feb 2010 02:22:26 +0000 (UTC)
	(envelope-from cpghost@cordula.ws)
Received: from mail-bw0-f216.google.com (mail-bw0-f216.google.com
	[209.85.218.216])
	by mx1.freebsd.org (Postfix) with ESMTP id CF7DD8FC0C
	for <questions@freebsd.org>; Thu, 25 Feb 2010 02:22:21 +0000 (UTC)
Received: by bwz8 with SMTP id 8so393071bwz.3
	for <questions@freebsd.org>; Wed, 24 Feb 2010 18:22:18 -0800 (PST)
MIME-Version: 1.0
Received: by 10.204.33.71 with SMTP id g7mr281421bkd.201.1267062952270; Wed, 
	24 Feb 2010 17:55:52 -0800 (PST)
X-Originating-IP: [213.146.115.42]
In-Reply-To: <201002242247.o1OMlPov010540@mail.r-bonomi.com>
References: <201002242247.o1OMlPov010540@mail.r-bonomi.com>
Date: Thu, 25 Feb 2010 02:55:52 +0100
Message-ID: <d74eb87c1002241755q576ed48bwd04fbbedbe290bc9@mail.gmail.com>
From: "C. P. Ghost" <cpghost@cordula.ws>
To: Robert Bonomi <bonomi@mail.r-bonomi.com>
Content-Type: text/plain; charset=ISO-8859-1
Cc: questions@freebsd.org
Subject: Re: how to disable loadable kernel moduels?
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Thu, 25 Feb 2010 02:22:26 -0000

On Wed, Feb 24, 2010 at 11:47 PM, Robert Bonomi
<bonomi@mail.r-bonomi.com> wrote:
>
> Can somebody point me towrads the source module(s) that contain the
> syscall 'dispatch' code and/or the loadable module implementation.

According to /usr/src/sys/kern/syscalls.master, the kldload() syscall
ID is 304:
  304     AUE_MODLOAD     STD     { int kldload(const char *file); }

You may also want to look at /usr/src/sys/kern/kern_linker.c
which contains kern_kldload(), kldload()  and others. You could
try to short-circuit one of them, by returning immediately some
appropriate E* error code, as in:

int
kern_kldload(struct thread *td, const char *file, int *fileid)
{
#ifdef DISABLE_KLDLOAD_ALWAYS
    return ENOSYS;
#endif
    /* the remaining of kern_kldload() goes here... */
}

Maybe this would be enough to disable KLD loading entirely?

> I'm looking to either disable the kernel function ENTIRELY, *or* (in
> the spirit of 'making life difficult for the bad guys') letting it
> do everything it normally does, *except* actually installing the module
> _functionality_ -- i.e., kldload executes w/o error, kldstat shows that
> the module "is" loaded, etc.; but any attempt to _use_ the functionality
> therein is a no-op.

Regards,
-cpghost.

-- 
Cordula's Web. http://www.cordula.ws/