jingni / rpms / kernel

Forked from rpms/kernel 5 years ago
Clone
6d8bbf
#!/bin/bash
6d8bbf
6d8bbf
buildroot="$1"
6d8bbf
kernel_base="$2"
6d8bbf
6d8bbf
blacklist()
6d8bbf
{
6d8bbf
	cat > "$buildroot/etc/modprobe.d/$1-blacklist.conf" <<-__EOF__
6d8bbf
	# This kernel module can be automatically loaded by non-root users. To
6d8bbf
	# enhance system security, the module is blacklisted by default to ensure
6d8bbf
	# system administrators make the module available for use as needed.
6d8bbf
	# See https://access.redhat.com/articles/3760101 for more details.
6d8bbf
	#
6d8bbf
	# Remove the blacklist by adding a comment # at the start of the line.
6d8bbf
	blacklist $1
6d8bbf
__EOF__
6d8bbf
}
6d8bbf
6d8bbf
check_blacklist()
6d8bbf
{
6d8bbf
	if modinfo "$1" | grep -q '^alias:\s\+net-'; then
6d8bbf
		mod="${1##*/}"
6d8bbf
		mod="${mod%.ko*}"
6d8bbf
		echo "$mod has an alias that allows auto-loading. Blacklisting."
6d8bbf
		blacklist "$mod"
6d8bbf
	fi
6d8bbf
}
6d8bbf
6d8bbf
foreachp()
6d8bbf
{
6d8bbf
	P=$(nproc)
6d8bbf
	bgcount=0
6d8bbf
	while read mod; do
6d8bbf
		$1 "$mod" &
6d8bbf
6d8bbf
		bgcount=$((bgcount + 1))
6d8bbf
		if [ $bgcount -eq $P ]; then
6d8bbf
			wait -n
6d8bbf
			bgcount=$((bgcount - 1))
6d8bbf
		fi
6d8bbf
	done
6d8bbf
6d8bbf
	wait
6d8bbf
}
6d8bbf
6d8bbf
[ -d "$buildroot/etc/modprobe.d/" ] || mkdir -p "$buildroot/etc/modprobe.d/"
6d8bbf
find "$buildroot/$kernel_base/extra" -name "*.ko*" | \
6d8bbf
	foreachp check_blacklist