[PATCH 1/2] module: add CONFIG_MODULE_RESTRICT_AUTOLOAD
From: Michal Gorlas
Date: Fri May 15 2026 - 14:12:46 EST
Add CONFIG_MODULE_RESTRICT_AUTOLOAD and modrestrict parameter
documentation.
Signed-off-by: Michal Gorlas <michal.gorlas@xxxxxxxxxxxxx>
---
Documentation/admin-guide/kernel-parameters.txt | 5 +++++
kernel/module/Kconfig | 15 +++++++++++++++
2 files changed, 20 insertions(+)
diff --git a/Documentation/admin-guide/kernel-parameters.txt b/Documentation/admin-guide/kernel-parameters.txt
index 03a550630644..1013104f0943 100644
--- a/Documentation/admin-guide/kernel-parameters.txt
+++ b/Documentation/admin-guide/kernel-parameters.txt
@@ -4185,6 +4185,11 @@ Kernel parameters
For details see:
Documentation/admin-guide/hw-vuln/processor_mmio_stale_data.rst
+ modrestrict=<bool>
+ Control the restriction of module auto-loading to
+ CAP_SYS_ADMIN. If no <bool> value is specified, this
+ is set to the value of CONFIG_MODULE_RESTRICT_AUTOLOAD.
+
<module>.async_probe[=<bool>] [KNL]
If no <bool> value is specified or if the value
specified is not a valid <bool>, enable asynchronous
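Review bot: The new modrestrict=<bool> entry never says which value turns the restriction on, and its syntax line conflicts with the sentence "If no <bool> value is specified". As written the value is mandatory, whereas the neighbouring <module>.async_probe[=<bool>] entry marks an optional value with brackets. If a bare "modrestrict" is accepted, write the entry as modrestrict[=<bool>]. If the sentence instead means "when the parameter is absent", say that the default is CONFIG_MODULE_RESTRICT_AUTOLOAD. In either case state that a true value limits module auto-loading to CAP_SYS_ADMIN, and add a subsystem tag as the neighbouring [KNL] entry has.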
diff --git a/kernel/module/Kconfig b/kernel/module/Kconfig
index 43b1bb01fd27..c9e01bb848c0 100644
--- a/kernel/module/Kconfig
+++ b/kernel/module/Kconfig
@@ -337,6 +337,21 @@ config MODULE_SIG_HASH
endif # MODULE_SIG || IMA_APPRAISE_MODSIG
+config MODULE_RESTRICT_AUTOLOAD
+ bool "Restrict module auto-loading to privileged users"
+ default n
+ help
+ Restrict module auto-loading in response to use of some feature
+ implemented by an unloaded module to CAP_SYS_ADMIN. Enabling this
+ option helps reducing the attack surface where unprivileged users
+ can abuse auto-loading to cause a vulnerable module to load that is
+ then exploited.
+
+ Note that this option also prevents a benign use of auto-loading for
+ a non-root users. Thus if enabled, the root user should execute
+ modprobe manually if needed, or add the module to the list of modules
+ loaded at the boot by modifying init scripts.
+
config MODULE_COMPRESS
bool "Module compression"
help
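Review bot: The help text for MODULE_RESTRICT_AUTOLOAD does not mention the modrestrict= boot parameter documented in the same patch, so someone reading only the Kconfig entry will not learn that this option is just the default and that the restriction can be set at boot. Add a sentence pointing to modrestrict= in Documentation/admin-guide/kernel-parameters.txt. The diffstat touches only the documentation and Kconfig files, so nothing here reads the symbol yet; the commit message should say where the enforcement is added. Smaller points: "default n" is redundant for a bool and can be dropped, "helps reducing" should be "helps reduce", "a non-root users" should be "non-root users", and "at the boot" should be "at boot".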
--
2.54.0