ba564c
#!/bin/bash
ba564c
ba564c
buildroot="$1"
ba564c
kernel_base="$2"
ba564c
ba564c
blacklist()
ba564c
{
ba564c
	cat > "$buildroot/etc/modprobe.d/$1-blacklist.conf" <<-__EOF__
ba564c
	# This kernel module can be automatically loaded by non-root users. To
ba564c
	# enhance system security, the module is blacklisted by default to ensure
ba564c
	# system administrators make the module available for use as needed.
ba564c
	# See https://access.redhat.com/articles/3760101 for more details.
ba564c
	#
ba564c
	# Remove the blacklist by adding a comment # at the start of the line.
ba564c
	blacklist $1
ba564c
__EOF__
ba564c
}
ba564c
ba564c
check_blacklist()
ba564c
{
ba564c
	if modinfo "$1" | grep -q '^alias:\s\+net-'; then
ba564c
		mod="${1##*/}"
ba564c
		mod="${mod%.ko*}"
ba564c
		echo "$mod has an alias that allows auto-loading. Blacklisting."
ba564c
		blacklist "$mod"
ba564c
	fi
ba564c
}
ba564c
ba564c
foreachp()
ba564c
{
ba564c
	P=$(nproc)
ba564c
	bgcount=0
ba564c
	while read mod; do
ba564c
		$1 "$mod" &
ba564c
ba564c
		bgcount=$((bgcount + 1))
ba564c
		if [ $bgcount -eq $P ]; then
ba564c
			wait -n
ba564c
			bgcount=$((bgcount - 1))
ba564c
		fi
ba564c
	done
ba564c
ba564c
	wait
ba564c
}
ba564c
ba564c
[ -d "$buildroot/etc/modprobe.d/" ] || mkdir -p "$buildroot/etc/modprobe.d/"
ba564c
find "$buildroot/$kernel_base/extra" -name "*.ko*" | \
ba564c
	foreachp check_blacklist