Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Skip to content
Commit 124a9c97 authored by Nick Kralevich's avatar Nick Kralevich
Browse files

init/builtins.cpp: Switch to finit_module 

Switch insmod from using init_module to finit_module. From
"man finit_module":

  The finit_module() system call is like init_module(), but reads the
  module to be loaded from the file descriptor fd. It is useful when the
  authenticity of a kernel module can be determined from its location in
  the file system; in cases where that is possible, the overhead of
  using cryptographically signed modules to determine the authenticity
  of a module can be avoided.

finit_module is preferred over init_module because it allows LSMs, such
as SELinux, to perform a permission check on kernel module loads based on
the file from which the module is loaded. This functionality is not yet
implemented in the Linux kernel, but is on the SEAndroid TODO list.
See https://bitbucket.org/seandroid/wiki/wiki/ToDo

Bug: 27824855
Change-Id: Id0ea88cd1930393c8c73ce38e63d5b2eeadf946a
parent fbdbf100
Hide whitespace changes
Inline Side-by-side
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment