[Bug 1767172] Re: Regression: /etc/modules checked against blacklist or it's really hard to load blacklisted watchdog modules when one really wants one

Kees Cook kees at ubuntu.com
Mon May 20 17:35:42 UTC 2019 

I think it's fine. It sounds like there will just be no way to override
package-installed blacklists any more. That's unfortunate, but it's a
very rare situation.

** Changed in: systemd (Ubuntu)
       Status: Incomplete => Won't Fix

** Changed in: linux (Ubuntu)
       Status: Incomplete => Invalid

-- 
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to systemd in Ubuntu.
https://bugs.launchpad.net/bugs/1767172

Title:
  Regression: /etc/modules checked against blacklist or it's really hard
  to load blacklisted watchdog modules when one really wants one

Status in linux package in Ubuntu:
  Invalid
Status in systemd package in Ubuntu:
  Won't Fix

Bug description:
  Impossible / hard to force the system to load a watchdog module
  because it is blacklisted by the kernel auto-generated list of
  "watchdog" modules.

  /etc/modules used to "just work" before.

  e.g. bcm2835_wdt module on arm64

  ===

  Before systemd-modules-load, /etc/init.d/kmod would load modules
  directly with "modprobe" (and _not_ "modprobe -b"):

  load_module() {
    local module args
    module="$1"
    args="$2"

    if [ "$VERBOSE" != no ]; then
      log_action_msg "Loading kernel module $module"
      modprobe $module $args || true
    else
      modprobe $module $args > /dev/null 2>&1 || true
    fi
  }

  However, under 18.04, systemd-modules-load will _ignore_ modules that
  are manually listed in /etc/modules and process them with the
  blacklist (the same as "modprobe -b" would). This means that it is not
  possible to manually load modules that are blacklisted (like watchdog
  modules):

  systemd-238/src/modules-load/modules-load.c:

  static int load_module(struct kmod_ctx *ctx, const char *m) {
          const int probe_flags = KMOD_PROBE_APPLY_BLACKLIST;
  ...
                  default:
                          err = kmod_module_probe_insert_module(mod, probe_flags,
                                                                NULL, NULL, NULL, NULL);

                          if (err == 0)
                                  log_info("Inserted module '%s'", kmod_module_get_name(mod));
                          else if (err == KMOD_PROBE_APPLY_BLACKLIST)
                                  log_info("Module '%s' is blacklisted", kmod_module_get_name(mod));

  Blacklists should _not_ be applied by systemd-modules-load.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1767172/+subscriptions

More information about the foundations-bugs mailing list