LoadPin old-api-denied
Martin Townsend
mtownsend1973 at gmail.com
Fri Mar 29 17:26:57 UTC 2019
Hi,
I'm seeing the following message when trying to load some backported
kernel modules:
Mar 29 16:24:09 mach-cw-rnet-ppm-1840 kernel: LoadPin: kernel-module
old-api-denied obj=<unknown> pid=340 cmdline="modprobe compat"
I have other kernel modules that were built out of tree and these load
fine, the only difference I can see is that they are loaded via
/etc/modules-load.d
I've read through the loadpin docs and it states that it will only
allow modules that are from the main root filesystem and that
filesystem is read-only. I've checked and both of these are true for
the failing module. I've read through the source code and there's a
comment above the code path that loadpin is taking where the file
pointer is NULL.
/* This handles the older init_module API that has a NULL file. */
if (!file) {
I'm not 100% sure what this means, but could it be that
modprobe/insmod are using this older init_module API? if so how can I
get around this, I need to manually insert these modules at an
appropriate time during boot?
Any help greatly appreciated,
Martin.
More information about the Linux-security-module-archive
mailing list