X-Git-Url: http://nv-tegra.nvidia.com/gitweb/?p=linux-3.10.git;a=blobdiff_plain;f=kernel%2Fmodule.c;h=278e9b6762bb703c1f2c82809e1ad311db900c76;hp=2383e60fcf3fcb8363d378902169f264454f2914;hb=3296ca27f50ecbd71db1d808c7a72d311027f919;hpb=e893123c7378192c094747dadec326b7c000c190

diff --git a/kernel/module.c b/kernel/module.c
index 2383e60..278e9b6 100644
--- a/kernel/module.c
+++ b/kernel/module.c
@@ -73,6 +73,9 @@ DEFINE_MUTEX(module_mutex);
 EXPORT_SYMBOL_GPL(module_mutex);
 static LIST_HEAD(modules);
 
+/* Block module loading/unloading? */
+int modules_disabled = 0;
+
 /* Waiting for a module to finish initializing? */
 static DECLARE_WAIT_QUEUE_HEAD(module_wq);
 
@@ -778,7 +781,7 @@ SYSCALL_DEFINE2(delete_module, const char __user *, name_user,
 	char name[MODULE_NAME_LEN];
 	int ret, forced = 0;
 
-	if (!capable(CAP_SYS_MODULE))
+	if (!capable(CAP_SYS_MODULE) || modules_disabled)
 		return -EPERM;
 
 	if (strncpy_from_user(name, name_user, MODULE_NAME_LEN-1) < 0)
@@ -2338,7 +2341,7 @@ SYSCALL_DEFINE3(init_module, void __user *, umod,
 	int ret = 0;
 
 	/* Must have permission */
-	if (!capable(CAP_SYS_MODULE))
+	if (!capable(CAP_SYS_MODULE) || modules_disabled)
 		return -EPERM;
 
 	/* Only one module load at a time, please */