* [PATCH v5 0/2] module: Extend blacklist parameter to support built-in modules
@ 2026-07-18 5:13 Aaron Tomlin
2026-07-18 5:13 ` [PATCH v5 1/2] module: Extend module_blacklist parameter to " Aaron Tomlin
2026-07-18 5:13 ` [PATCH v5 2/2] module: Rename module_blacklist to module_denylist Aaron Tomlin
0 siblings, 2 replies; 6+ messages in thread
From: Aaron Tomlin @ 2026-07-18 5:13 UTC (permalink / raw)
To: arnd, mcgrof, petr.pavlu, da.gomez, samitolvanen, peterz
Cc: akpm, mhiramat, atomlin, neelx, da.anzani, sean, chjohnst, steve,
mproche, nick.lane, linux-arch, linux-modules, linux-kernel
Currently, the "module_blacklist=" command-line parameter only applies to
loadable modules. If a module is built-in, the parameter is silently
ignored. This patch series extends the blacklisting functionality to
built-in modules by intercepting their initialisation routines during early
boot.
Following review feedback, the implementation has been split into two
separate changes to decouple the introduction of the new feature from the
terminology renaming:
1. The first patch extends the "module_blacklist=" parameter to
built-in modules using the original blacklist terminology. It
introduces the ".initcall.modnames" section to map initcall
function pointers to their associated KBUILD_MODNAME strings
(restricted only to module_init() invocations to save memory and
avoid matching core kernel subsystems). It also implements temporal
boundary checks to prevent use-after-free (UAF) risks when loading
dynamic modules, and a fast-path check to eliminate lookup overhead
during boot when the parameter is not in use
2. The second patch renames the variables and helper functions to
adopt the preferred "module_denylist=" and module_is_denylisted()
terminology in the codebase. To preserve the existing user-space
ABI, "module_blacklist=" is kept as a legacy alias pointing to the
same module_denylist variable
Aaron Tomlin (2):
module: Extend module_blacklist parameter to built-in modules
module: Rename module_blacklist to module_denylist
include/asm-generic/vmlinux.lds.h | 4 ++-
include/linux/init.h | 24 +++++++++++++++-
include/linux/module.h | 5 +++-
init/main.c | 47 +++++++++++++++++++++++++++++++
kernel/module/main.c | 24 ++--------------
5 files changed, 79 insertions(+), 25 deletions(-)
--
2.54.0
^ permalink raw reply [flat|nested] 6+ messages in thread* [PATCH v5 1/2] module: Extend module_blacklist parameter to built-in modules 2026-07-18 5:13 [PATCH v5 0/2] module: Extend blacklist parameter to support built-in modules Aaron Tomlin @ 2026-07-18 5:13 ` Aaron Tomlin 2026-07-18 5:33 ` sashiko-bot 2026-07-18 14:26 ` Aaron Tomlin 2026-07-18 5:13 ` [PATCH v5 2/2] module: Rename module_blacklist to module_denylist Aaron Tomlin 1 sibling, 2 replies; 6+ messages in thread From: Aaron Tomlin @ 2026-07-18 5:13 UTC (permalink / raw) To: arnd, mcgrof, petr.pavlu, da.gomez, samitolvanen, peterz Cc: akpm, mhiramat, atomlin, neelx, da.anzani, sean, chjohnst, steve, mproche, nick.lane, linux-arch, linux-modules, linux-kernel Currently, the "module_blacklist=" command-line parameter only applies to loadable modules. If a module is built-in, the parameter is silently ignored. This patch extends the blacklisting functionality to built-in modules by intercepting their initialisation routines during early boot. To achieve this, we introduce a new ".initcall.modnames" memory section. For each built-in module, we use a standard C structure (i.e., struct initcall_modname) to map its initcall function pointer to its associated KBUILD_MODNAME string. This mapping is restricted only to files implementing built-in modules via module_init() to avoid mapping core kernel subsystems and save memory. During boot, do_one_initcall() cross-references the initcall function pointer against this table. If a match is found and the module is present in the blacklist, the initcall is skipped. To make the blacklist functional on monolithic kernels, the command-line parameter parsing and the module_is_blacklisted() lookup function are decoupled from the loadable module subsystem and moved to init/main.c. This enables "module_blacklist=" to intercept built-in modules even on kernels built with CONFIG_MODULES=n. Design Considerations and Trade-offs: 1. LTO and CFI Compatibility vs. PREL32 Previous iterations of this patch attempted to use top-level inline assembly to generate 32-bit relative offsets (PREL32) to save memory. However, raw inline assembly operates blindly outside of the C compiler's visibility. When compiled with CONFIG_LTO_CLANG or CONFIG_CFI_CLANG, the compiler applies symbol renaming and generates Control Flow Integrity stubs. The raw assembly string-matching fails to track these changes, resulting in undefined references or runtime address mismatches. To resolve this, we strictly use standard C structures to hold the function pointers. This natively allows the compiler to resolve LTO renaming and map CFI stubs correctly. We trade the minor spatial optimisation of PREL32 (using absolute 64-bit pointers instead) to guarantee architectural safety under modern compiler protections. Because this metadata is placed in an ".init" section and freed entirely after boot, the temporary memory overhead is negligible. 2. Prevention of UAF (Use-After-Free) via temporal boundaries and performance optimization via fast-path check: Because do_one_initcall() is a shared path invoked by both the early boot process and runtime module loading (i.e., do_init_module()), we must prevent loadable modules from attempting to scan the ".initcall.modnames" section after it has been reclaimed by free_initmem(). To ensure safety and optimize performance, we employ two checks: - A temporal check using 'system_state < SYSTEM_FREEING_INITMEM' inside do_one_initcall() to only call get_builtin_modname() before init memory is freed. This allows get_builtin_modname() to be safely marked as '__init' without risk of execution from runtime modules. - A fast-path check evaluating whether 'module_blacklist' is populated before performing the table lookup. Since blacklisting is strictly opt-in, this avoids boot-time lookup overhead entirely under typical boot configurations. Signed-off-by: Aaron Tomlin <atomlin@atomlin.com> --- include/asm-generic/vmlinux.lds.h | 4 ++- include/linux/init.h | 24 +++++++++++++++- include/linux/module.h | 5 +++- init/main.c | 46 +++++++++++++++++++++++++++++++ kernel/module/main.c | 22 +-------------- 5 files changed, 77 insertions(+), 24 deletions(-) diff --git a/include/asm-generic/vmlinux.lds.h b/include/asm-generic/vmlinux.lds.h index 5659f4b5a125..799d912dcbc0 100644 --- a/include/asm-generic/vmlinux.lds.h +++ b/include/asm-generic/vmlinux.lds.h @@ -734,7 +734,9 @@ EARLYCON_TABLE() \ LSM_TABLE() \ EARLY_LSM_TABLE() \ - KUNIT_INIT_TABLE() + KUNIT_INIT_TABLE() \ + STRUCT_ALIGN(); \ + BOUNDED_SECTION_BY(.initcall.modnames, _initcall_modnames) #define INIT_TEXT \ *(.init.text .init.text.*) \ diff --git a/include/linux/init.h b/include/linux/init.h index 40331923b9f4..74d2306497d8 100644 --- a/include/linux/init.h +++ b/include/linux/init.h @@ -271,9 +271,31 @@ extern struct module __this_module; __initcall_name(initcall, __iid, id), \ __initcall_section(__sec, __iid)) -#define ___define_initcall(fn, id, __sec) \ +#ifdef CONFIG_HAVE_ARCH_PREL32_RELOCATIONS +#define __initcall_fn_ptr(fn, __iid, id) __initcall_stub(fn, __iid, id) +#else +#define __initcall_fn_ptr(fn, __iid, id) fn +#endif + +struct initcall_modname { + initcall_t initcall_fn; + const char *modname; +}; + +#define ____define_initcall_modname(fn, id, __sec, __iid) \ + __unique_initcall(fn, id, __sec, __iid) \ + static const char __initstr_##fn[] __used __aligned(1) \ + __section(".init.rodata") = KBUILD_MODNAME; \ + static const struct initcall_modname __modname_##fn __used \ + __section(".initcall.modnames") = { \ + .initcall_fn = __initcall_fn_ptr(fn, __iid, id), \ + .modname = __initstr_##fn \ + }; + +#define ___define_initcall(fn, id, __sec) \ __unique_initcall(fn, id, __sec, __initcall_id(fn)) + #define __define_initcall(fn, id) ___define_initcall(fn, id, .initcall##id) /* diff --git a/include/linux/module.h b/include/linux/module.h index 7566815fabbe..fc1525e8f63c 100644 --- a/include/linux/module.h +++ b/include/linux/module.h @@ -86,7 +86,8 @@ extern void cleanup_module(void); * builtin) or at module insertion time (if a module). There can only * be one per module. */ -#define module_init(x) __initcall(x); +#define module_init(initfn) \ + ____define_initcall_modname(initfn, 6, .initcall6, __initcall_id(initfn)) /** * module_exit() - driver exit entry point @@ -883,6 +884,8 @@ static inline void module_for_each_mod(int(*func)(struct module *mod, void *data } #endif /* CONFIG_MODULES */ +bool module_is_blacklisted(const char *module_name); + #ifdef CONFIG_SYSFS extern struct kset *module_kset; extern const struct kobj_type module_ktype; diff --git a/init/main.c b/init/main.c index e363232b428b..0cf64d19b43f 100644 --- a/init/main.c +++ b/init/main.c @@ -1334,12 +1334,58 @@ static inline void do_trace_initcall_level(const char *level) } #endif /* !TRACEPOINTS_ENABLED */ +extern struct initcall_modname __start_initcall_modnames[]; +extern struct initcall_modname __stop_initcall_modnames[]; + +/* module_blacklist is a comma-separated list of module names */ +static char *module_blacklist; +bool __init_or_module module_is_blacklisted(const char *module_name) +{ + const char *p; + size_t len; + + if (!module_blacklist) + return false; + + for (p = module_blacklist; *p; p += len) { + len = strcspn(p, ","); + if (strlen(module_name) == len && !memcmp(module_name, p, len)) + return true; + if (p[len] == ',') + len++; + } + return false; +} +core_param(module_blacklist, module_blacklist, charp, 0400); + +static const char *__init get_builtin_modname(initcall_t fn) +{ + struct initcall_modname *p; + + for (p = __start_initcall_modnames; p < __stop_initcall_modnames; p++) { + if (dereference_function_descriptor(p->initcall_fn) == + dereference_function_descriptor(fn)) + return p->modname; + } + return NULL; +} + int __init_or_module do_one_initcall(initcall_t fn) { int count = preempt_count(); char msgbuf[64]; + const char *modname = NULL; int ret; + if (system_state < SYSTEM_FREEING_INITMEM && module_blacklist) { + modname = get_builtin_modname(fn); + if (modname && module_is_blacklisted(modname)) { + pr_info("Skipping initcall for blacklisted built-in module %s\n", + modname); + return 0; + } + } + if (initcall_blacklisted(fn)) return -EPERM; diff --git a/kernel/module/main.c b/kernel/module/main.c index 46dd8d25a605..5c90ebedbf68 100644 --- a/kernel/module/main.c +++ b/kernel/module/main.c @@ -2919,26 +2919,6 @@ int __weak module_frob_arch_sections(Elf_Ehdr *hdr, return 0; } -/* module_blacklist is a comma-separated list of module names */ -static char *module_blacklist; -static bool blacklisted(const char *module_name) -{ - const char *p; - size_t len; - - if (!module_blacklist) - return false; - - for (p = module_blacklist; *p; p += len) { - len = strcspn(p, ","); - if (strlen(module_name) == len && !memcmp(module_name, p, len)) - return true; - if (p[len] == ',') - len++; - } - return false; -} -core_param(module_blacklist, module_blacklist, charp, 0400); static struct module *layout_and_allocate(struct load_info *info, int flags) { @@ -3391,7 +3371,7 @@ static int early_mod_check(struct load_info *info, int flags) * Now that we know we have the correct module name, check * if it's blacklisted. */ - if (blacklisted(info->name)) { + if (module_is_blacklisted(info->name)) { pr_err("Module %s is blacklisted\n", info->name); return -EPERM; } -- 2.54.0 ^ permalink raw reply related [flat|nested] 6+ messages in thread
* Re: [PATCH v5 1/2] module: Extend module_blacklist parameter to built-in modules 2026-07-18 5:13 ` [PATCH v5 1/2] module: Extend module_blacklist parameter to " Aaron Tomlin @ 2026-07-18 5:33 ` sashiko-bot 2026-07-18 14:26 ` Aaron Tomlin 1 sibling, 0 replies; 6+ messages in thread From: sashiko-bot @ 2026-07-18 5:33 UTC (permalink / raw) To: Aaron Tomlin; +Cc: linux-modules Thank you for your contribution! Sashiko AI review found 3 potential issue(s) to consider: - [High] A fatal modpost section mismatch warning occurs when CONFIG_MODULES=y because a non-__init function references an __init function. - [High] An unsynchronized TOCTOU race condition in `do_one_initcall()` allows concurrent loadable module initialization to execute freed `__init` memory and access freed `__initdata`. - [High] The temporal check `system_state < SYSTEM_FREEING_INITMEM` is vulnerable to Spectre v1 branch misprediction, leading to speculative execution of freed `__init` code and speculative reading of freed `__initdata`. -- --- Patch [1]: [PATCH v5 1/2] module: Extend module_blacklist parameter to built-in modules --- commit befcdb365a33b92bbd551da11437b39b818bdea2 Author: Aaron Tomlin <atomlin@atomlin.com> Subject: module: Extend module_blacklist parameter to built-in modules This patch extends the module_blacklist command-line parameter to apply to built-in modules by checking an .initcall.modnames table during early boot. It moves the blacklisting logic to init/main.c and intercepts initcalls in do_one_initcall(). > diff --git a/init/main.c b/init/main.c > --- a/init/main.c > +++ b/init/main.c [ ... ] > @@ -1365,12 +1365,58 @@ static const char *__init get_builtin_modname(initcall_t fn) > { > struct initcall_modname *p; > > for (p = __start_initcall_modnames; p < __stop_initcall_modnames; p++) { > if (dereference_function_descriptor(p->initcall_fn) == > dereference_function_descriptor(fn)) > return p->modname; > } > return NULL; > } > > int __init_or_module do_one_initcall(initcall_t fn) > { > int count = preempt_count(); > char msgbuf[64]; > + const char *modname = NULL; > int ret; > > + if (system_state < SYSTEM_FREEING_INITMEM && module_blacklist) { [Severity: High] Can this unsynchronized system_state check race with concurrent module loading? If a driver or subsystem schedules an asynchronous task that triggers request_module(), a worker thread could evaluate this system_state check as true. Concurrently, another CPU could advance the state and execute free_initmem(), unmapping and freeing all .init.text and .init.data pages. If this happens, the worker thread would then call get_builtin_modname(), executing freed .init.text instructions and scanning the freed .initcall.modnames array. [Severity: High] Is this temporal check vulnerable to Spectre v1 branch misprediction? During early boot, do_one_initcall() is heavily executed for built-in modules, training the CPU branch predictor to predict this condition as true. At runtime (system_state == SYSTEM_RUNNING), an unprivileged user triggering a module load might cause the CPU to speculatively mispredict the branch as true. If the branch is mispredicted, the CPU would speculatively execute a direct call to the freed .init.text section in get_builtin_modname(), potentially creating an arbitrary speculative execution gadget if an attacker has reallocated that memory. > + modname = get_builtin_modname(fn); [Severity: High] Does this introduce a modpost section mismatch warning when CONFIG_MODULES=y? When module support is enabled, __init_or_module evaluates to an empty macro, placing do_one_initcall() in the persistent .text section. Because it directly calls get_builtin_modname(), which is annotated with __init, modpost will statically flag this cross-section reference since it doesn't perform control flow analysis to evaluate the runtime system_state guard. > + if (modname && module_is_blacklisted(modname)) { > + pr_info("Skipping initcall for blacklisted built-in module %s\n", > + modname); > + return 0; > + } > + } > + > if (initcall_blacklisted(fn)) > return -EPERM; -- Sashiko AI review · https://sashiko.dev/#/patchset/20260718051350.344772-1-atomlin@atomlin.com?part=1 ^ permalink raw reply [flat|nested] 6+ messages in thread
* Re: [PATCH v5 1/2] module: Extend module_blacklist parameter to built-in modules 2026-07-18 5:13 ` [PATCH v5 1/2] module: Extend module_blacklist parameter to " Aaron Tomlin 2026-07-18 5:33 ` sashiko-bot @ 2026-07-18 14:26 ` Aaron Tomlin 1 sibling, 0 replies; 6+ messages in thread From: Aaron Tomlin @ 2026-07-18 14:26 UTC (permalink / raw) To: arnd, mcgrof, petr.pavlu, da.gomez, samitolvanen, peterz Cc: akpm, mhiramat, neelx, da.anzani, sean, chjohnst, steve, mproche, nick.lane, linux-arch, linux-modules, linux-kernel On Sat, Jul 18, 2026 at 01:13:49AM -0400, Aaron Tomlin wrote: > Currently, the "module_blacklist=" command-line parameter only applies > to loadable modules. If a module is built-in, the parameter is silently > ignored. This patch extends the blacklisting functionality to built-in > modules by intercepting their initialisation routines during early boot. > > To achieve this, we introduce a new ".initcall.modnames" memory section. > For each built-in module, we use a standard C structure (i.e., struct > initcall_modname) to map its initcall function pointer to its associated > KBUILD_MODNAME string. This mapping is restricted only to files implementing > built-in modules via module_init() to avoid mapping core kernel subsystems > and save memory. > > During boot, do_one_initcall() cross-references the initcall function > pointer against this table. If a match is found and the module is > present in the blacklist, the initcall is skipped. > > To make the blacklist functional on monolithic kernels, the command-line > parameter parsing and the module_is_blacklisted() lookup function are > decoupled from the loadable module subsystem and moved to init/main.c. > This enables "module_blacklist=" to intercept built-in modules even on > kernels built with CONFIG_MODULES=n. Hi Arnd, Luis, Petr, Daniel, Sami, Please ignore this iteration. I forgot to update Documentation/admin-guide/kernel-parameters.txt to properly document the new "module_denylist=" parameter while marking "module_blacklist=" as deprecated. Furthermore, I will rename module_blacklist to module_denylist in init/main.c, provide a legacy parameter alias, and update the log message to say "denylisted". Finally, to address the race condition and runtime vulnerability reported by Sashiko [1], I will remove the temporal check entirely and embed the boot-time blacklist check inside the a new do_one_initcall_builtin() __init wrapper function. This should ensure the metadata lookup logic is exclusively invoked during early boot. Consequently, since this wrapper is freed post-boot, it is physically impossible for loadable modules or userspace actors to execute it, completely closing the vulnerability and race conditions. [1]: https://sashiko.dev/#/patchset/20260718051350.344772-1-atomlin%40atomlin.com Kind regards, -- Aaron Tomlin ^ permalink raw reply [flat|nested] 6+ messages in thread
* [PATCH v5 2/2] module: Rename module_blacklist to module_denylist 2026-07-18 5:13 [PATCH v5 0/2] module: Extend blacklist parameter to support built-in modules Aaron Tomlin 2026-07-18 5:13 ` [PATCH v5 1/2] module: Extend module_blacklist parameter to " Aaron Tomlin @ 2026-07-18 5:13 ` Aaron Tomlin 2026-07-18 5:25 ` sashiko-bot 1 sibling, 1 reply; 6+ messages in thread From: Aaron Tomlin @ 2026-07-18 5:13 UTC (permalink / raw) To: arnd, mcgrof, petr.pavlu, da.gomez, samitolvanen, peterz Cc: akpm, mhiramat, atomlin, neelx, da.anzani, sean, chjohnst, steve, mproche, nick.lane, linux-arch, linux-modules, linux-kernel To align with the kernel's established coding style guide regarding naming conventions (i.e., Documentation/process/coding-style.rst), migrate the internal module_blacklist variables and helper functions to module_denylist and module_is_denylisted(). To preserve the existing user-space ABI and ensure backward compatibility with existing bootloader and automated provisioning configurations, "module_blacklist=" is retained as a legacy alias tracking the underlying module_denylist infrastructure. Signed-off-by: Aaron Tomlin <atomlin@atomlin.com> --- include/linux/module.h | 2 +- init/main.c | 17 +++++++++-------- kernel/module/main.c | 4 ++-- 3 files changed, 12 insertions(+), 11 deletions(-) diff --git a/include/linux/module.h b/include/linux/module.h index fc1525e8f63c..e83ce13e6db5 100644 --- a/include/linux/module.h +++ b/include/linux/module.h @@ -884,7 +884,7 @@ static inline void module_for_each_mod(int(*func)(struct module *mod, void *data } #endif /* CONFIG_MODULES */ -bool module_is_blacklisted(const char *module_name); +bool module_is_denylisted(const char *module_name); #ifdef CONFIG_SYSFS extern struct kset *module_kset; diff --git a/init/main.c b/init/main.c index 0cf64d19b43f..18291e9bab41 100644 --- a/init/main.c +++ b/init/main.c @@ -1337,17 +1337,17 @@ static inline void do_trace_initcall_level(const char *level) extern struct initcall_modname __start_initcall_modnames[]; extern struct initcall_modname __stop_initcall_modnames[]; -/* module_blacklist is a comma-separated list of module names */ -static char *module_blacklist; -bool __init_or_module module_is_blacklisted(const char *module_name) +/* module_denylist is a comma-separated list of module names */ +static char *module_denylist; +bool __init_or_module module_is_denylisted(const char *module_name) { const char *p; size_t len; - if (!module_blacklist) + if (!module_denylist) return false; - for (p = module_blacklist; *p; p += len) { + for (p = module_denylist; *p; p += len) { len = strcspn(p, ","); if (strlen(module_name) == len && !memcmp(module_name, p, len)) return true; @@ -1356,7 +1356,8 @@ bool __init_or_module module_is_blacklisted(const char *module_name) } return false; } -core_param(module_blacklist, module_blacklist, charp, 0400); +core_param(module_denylist, module_denylist, charp, 0400); +core_param(module_blacklist, module_denylist, charp, 0400); static const char *__init get_builtin_modname(initcall_t fn) { @@ -1377,9 +1378,9 @@ int __init_or_module do_one_initcall(initcall_t fn) const char *modname = NULL; int ret; - if (system_state < SYSTEM_FREEING_INITMEM && module_blacklist) { + if (system_state < SYSTEM_FREEING_INITMEM && module_denylist) { modname = get_builtin_modname(fn); - if (modname && module_is_blacklisted(modname)) { + if (modname && module_is_denylisted(modname)) { pr_info("Skipping initcall for blacklisted built-in module %s\n", modname); return 0; diff --git a/kernel/module/main.c b/kernel/module/main.c index 5c90ebedbf68..e6d9c52b9786 100644 --- a/kernel/module/main.c +++ b/kernel/module/main.c @@ -3369,9 +3369,9 @@ static int early_mod_check(struct load_info *info, int flags) /* * Now that we know we have the correct module name, check - * if it's blacklisted. + * if it's denylisted. */ - if (module_is_blacklisted(info->name)) { + if (module_is_denylisted(info->name)) { pr_err("Module %s is blacklisted\n", info->name); return -EPERM; } -- 2.54.0 ^ permalink raw reply related [flat|nested] 6+ messages in thread
* Re: [PATCH v5 2/2] module: Rename module_blacklist to module_denylist 2026-07-18 5:13 ` [PATCH v5 2/2] module: Rename module_blacklist to module_denylist Aaron Tomlin @ 2026-07-18 5:25 ` sashiko-bot 0 siblings, 0 replies; 6+ messages in thread From: sashiko-bot @ 2026-07-18 5:25 UTC (permalink / raw) To: Aaron Tomlin; +Cc: linux-modules Thank you for your contribution! Sashiko AI review found 2 potential issue(s) to consider: - [Low] The newly introduced `module_denylist` kernel parameter is not documented in `kernel-parameters.txt`, and the legacy parameter is not marked as deprecated. - [Low] Kernel log messages were not updated to reflect the new inclusive terminology. -- --- Patch [2]: [PATCH v5 2/2] module: Rename module_blacklist to module_denylist --- commit 4cda93857ba5a82c96224a9d0d2d74dde6f4849f Author: Aaron Tomlin <atomlin@atomlin.com> module: Rename module_blacklist to module_denylist This commit renames the internal module_blacklist variables and helper functions to module_denylist to align with the kernel's coding style guide. It retains module_blacklist as a legacy alias for backward compatibility. > To align with the kernel's established coding style guide regarding > naming conventions (i.e., Documentation/process/coding-style.rst), > migrate the internal module_blacklist variables and helper functions to > module_denylist and module_is_denylisted(). [Severity: Low] Since the kernel parameter is being updated to module_denylist=, should Documentation/admin-guide/kernel-parameters.txt also be updated to document the new parameter and mark the old module_blacklist parameter as deprecated? > diff --git a/init/main.c b/init/main.c > index 7899a31d525df..df21df7b7e868 100644 > --- a/init/main.c > +++ b/init/main.c [ ... ] > @@ -1408,9 +1409,9 @@ int __init_or_module do_one_initcall(initcall_t fn) > const char *modname = NULL; > int ret; > > - if (system_state < SYSTEM_FREEING_INITMEM && module_blacklist) { > + if (system_state < SYSTEM_FREEING_INITMEM && module_denylist) { > modname = get_builtin_modname(fn); > - if (modname && module_is_blacklisted(modname)) { > + if (modname && module_is_denylisted(modname)) { > pr_info("Skipping initcall for blacklisted built-in module %s\n", > modname); [Severity: Low] This isn't a bug, but should the pr_info() log message also be updated to say "denylisted" instead of "blacklisted" to match the new terminology? > return 0; [ ... ] > diff --git a/kernel/module/main.c b/kernel/module/main.c > index d397b57f57b65..0f05497c0fc3e 100644 > --- a/kernel/module/main.c > +++ b/kernel/module/main.c [ ... ] > @@ -3298,9 +3298,9 @@ static int early_mod_check(struct load_info *info, int flags) > > /* > * Now that we know we have the correct module name, check > - * if it's blacklisted. > + * if it's denylisted. > */ > - if (module_is_blacklisted(info->name)) { > + if (module_is_denylisted(info->name)) { > pr_err("Module %s is blacklisted\n", info->name); [Severity: Low] This isn't a bug, but should this pr_err() message also be updated to use "denylisted" to fully align with the naming convention update? > return -EPERM; > } -- Sashiko AI review · https://sashiko.dev/#/patchset/20260718051350.344772-1-atomlin@atomlin.com?part=2 ^ permalink raw reply [flat|nested] 6+ messages in thread
end of thread, other threads:[~2026-07-18 14:26 UTC | newest] Thread overview: 6+ messages (download: mbox.gz follow: Atom feed -- links below jump to the message on this page -- 2026-07-18 5:13 [PATCH v5 0/2] module: Extend blacklist parameter to support built-in modules Aaron Tomlin 2026-07-18 5:13 ` [PATCH v5 1/2] module: Extend module_blacklist parameter to " Aaron Tomlin 2026-07-18 5:33 ` sashiko-bot 2026-07-18 14:26 ` Aaron Tomlin 2026-07-18 5:13 ` [PATCH v5 2/2] module: Rename module_blacklist to module_denylist Aaron Tomlin 2026-07-18 5:25 ` sashiko-bot
This is an external index of several public inboxes, see mirroring instructions on how to clone and mirror all data and code used by this external index.