From b92b04ceae97414ad02ad029f94a73f71130bb81 Mon Sep 17 00:00:00 2001 From: Donald Buczek Date: Sun, 17 May 2026 14:47:48 +0200 Subject: [PATCH] kmod/whitelist: Add configuration file --- etc/kmod/whitelist.conf | 207 ++++++++++++++++++++++++++++++++++++++++ 1 file changed, 207 insertions(+) create mode 100644 etc/kmod/whitelist.conf diff --git a/etc/kmod/whitelist.conf b/etc/kmod/whitelist.conf new file mode 100644 index 0000000..6fb4f70 --- /dev/null +++ b/etc/kmod/whitelist.conf @@ -0,0 +1,207 @@ +# The following list has been assembled 2026-05-17 from all modules loaded on all mx64 +# systems. +# +whitelist 3w_9xxx # 3ware 9000 Storage Controller Linux Driver +whitelist 3w_sas # LSI 3ware SAS/SATA-RAID Linux Driver +whitelist 8021q # 802.1Q/802.1ad VLAN Protocol +whitelist aacraid # Dell PERC2, 2/Si, 3/Si, 3/Di, Adaptec Advanced Raid Products, HP NetRAID-4M, IBM ServeRAID & ICP SCSI driver +whitelist acpi_cpufreq # ACPI Processor P-States Driver +whitelist af_packet # Packet socket support (AF_PACKET) +whitelist af_packet_diag # PACKET socket monitoring via SOCK_DIAG +whitelist amdgpu # AMD GPU +whitelist amdxcp # AMD XCP PLATFORM DEVICES +whitelist auth_rpcgss # Sun RPC Kerberos RPCSEC_GSS client authentication +whitelist autofs4 # Kernel automounter support +whitelist bluetooth # Bluetooth Core ver 2.22 +whitelist bnx2 # QLogic BCM5706/5708/5709/5716 Driver +whitelist bnx2x # QLogic BCM57710/57711/57711E/57712/57712_MF/57800/57800_MF/57810/57810_MF/57840/57840_MF Driver +whitelist bnxt_en # Broadcom NetXtreme network driver +whitelist bochs # DRM Support for bochs dispi vga interface (qemu stdvga) +whitelist bridge # Ethernet bridge driver +whitelist btbcm # Bluetooth support for Broadcom devices ver 0.1 +whitelist btintel # Bluetooth support for Intel devices ver 0.1 +whitelist btrtl # Bluetooth support for Realtek devices ver 0.1 +whitelist btusb # Generic Bluetooth USB driver ver 0.8 +whitelist cdc_ether # USB CDC Ethernet devices +whitelist ch341 # Winchiphead CH341 USB Serial driver +whitelist chaoskey # Altus Metrum ChaosKey driver +whitelist cls_u32 # Universal 32bit based TC Classifier +whitelist coreboot_table # Module providing coreboot table access +whitelist coretemp # Intel Core temperature monitor +whitelist crc32c_intel # CRC32c (Castagnoli) optimization using Intel Hardware. +whitelist deflate # Deflate Compression Algorithm for IPCOMP +whitelist dm_mod # device-mapper driver +whitelist dm_zero # device-mapper dummy target returning zeros +whitelist drbg # NIST SP800-90A Deterministic Random Bit Generator (DRBG) using following cores: HMAC +whitelist drm # +whitelist drm_buddy # DRM Buddy Allocator +whitelist drm_display_helper # DRM display adapter helper +whitelist drm_exec # DRM execution context +whitelist drm_gpuvm # DRM GPUVM +whitelist drm_kms_helper # +whitelist drm_suballoc_helper # Range suballocator helper +whitelist drm_ttm_helper # DRM gem ttm helpers +whitelist drm_vram_helper # DRM VRAM memory-management helpers +whitelist e1000e # Intel(R) PRO/1000 Network Driver +whitelist ecc # core elliptic curve module +whitelist ecdh_generic # ECDH generic algorithm +whitelist efi_pstore # EFI variable backend for pstore +whitelist efivarfs # EFI Variable Filesystem +whitelist ext4 # Fourth Extended Filesystem +whitelist failover # Generic failover infrastructure/interface +whitelist fam15h_power # AMD Family 15h CPU processor power monitor +whitelist fat # Core FAT filesystem support +whitelist fb_sys_fops # +whitelist floppy # Normal floppy disk support +whitelist fuse # Filesystem in Userspace +whitelist garp # IEEE 802.1D Generic Attribute Registration Protocol (GARP) +whitelist gpu_sched # DRM GPU scheduler +whitelist grace # NFS client and server infrastructure +whitelist hid_cherry # HID driver for some cherry "special" devices +whitelist hid_generic # HID generic driver +whitelist hid_led # Simple USB RGB LED driver +whitelist hid_logitech_dj # HID driver for Logitech receivers +whitelist hid_logitech_hidpp # Support for Logitech devices relying on the HID++ specification +whitelist hpwdt # hpe watchdog driver +whitelist i2c_algo_bit # I2C-Bus bit-banging algorithm +whitelist i2c_piix4 # PIIX4 SMBus driver +whitelist i40e # Intel(R) Ethernet Connection XL710 Network Driver +whitelist i915 # Intel Graphics +whitelist iTCO_vendor_support # Intel TCO Vendor Specific WatchDog Timer Driver Support +whitelist iTCO_wdt # Intel TCO WatchDog Timer Driver +whitelist ice # Intel(R) Ethernet Connection E800 Series Linux Driver +whitelist igb # Intel(R) Gigabit Ethernet Network Driver +whitelist inet_diag # INET/INET6: socket monitoring via SOCK_DIAG +whitelist input_leds # Input -> LEDs Bridge +whitelist intel_agp # Intel AGPGART routines +whitelist intel_gtt # Intel GTT (Graphics Translation Table) routines +whitelist iommu_v2 # +whitelist iosf_mbi # IOSF Mailbox Interface accessor +whitelist ip_set # ip_set: protocol 7 +whitelist ip_set_hash_ip # hash:ip type of IP sets, revisions 0-6 +whitelist ip_set_hash_net # hash:net type of IP sets, revisions 0-7 +whitelist ip_tables # IPv4 packet filter +whitelist ipmi_devintf # Linux device interface for the IPMI message handler. +whitelist ipmi_si # Interface to the IPMI driver for the KCS, SMIC, and BT system interfaces. +whitelist iptable_filter # iptables filter table +whitelist iptable_mangle # iptables mangle table +whitelist iptable_nat # iptables legacy nat table +whitelist iptable_raw # iptables legacy raw table +whitelist ipv6 # IPv6 protocol stack for Linux +whitelist irqbypass # IRQ bypass manager utility module +whitelist isofs # ISO 9660 CDROM file system support +whitelist ixgbe # Intel(R) 10 Gigabit PCI Express Network Driver +whitelist jbd2 # Generic filesystem journal-writing module +whitelist jitterentropy_rng # Non-physical True Random Number Generator based on CPU Jitter +whitelist k10temp # AMD Family 10h+ CPU core temperature monitor +whitelist kvm # Kernel-based Virtual Machine (KVM) Hypervisor +whitelist kvm_amd # KVM support for SVM (AMD-V) extensions +whitelist kvm_intel # KVM support for VMX (Intel VT-x) extensions +whitelist led_class # LED Class Interface +whitelist ledtrig_audio # +whitelist libaescfb # Generic AES-CFB library +whitelist libie # Intel(R) Ethernet common library +whitelist libphy # PHY library +whitelist llc # LLC IEEE 802.2 core support +whitelist lockd # NFS file locking service version 0.5. +whitelist mbcache # Meta block cache (for extended attributes) +whitelist mdio # Generic support for MDIO-compatible transceivers +whitelist mdio_devres # Network MDIO bus devres helpers +whitelist memconsole # Architecture-independent parts of the memory based BIOS console +whitelist memconsole_coreboot # Memory based BIOS console accessed through coreboot table +whitelist mgag200 # MGA G200 SE +whitelist mrp # IEEE 802.1Q Multiple Registration Protocol (MRP) +whitelist mxm_wmi # MXM WMI Driver +whitelist net_failover # Failover driver for Paravirtual drivers +whitelist netfs # Network fs support +whitelist netlink_diag # Netlink-based socket monitoring/diagnostic interface (sock_diag) +whitelist nf_conntrack # IPv4 and IPv6 connection tracking +whitelist nf_conntrack_netlink # List and change connection tracking table +whitelist nf_defrag_ipv4 # IPv4 defragmentation support +whitelist nf_defrag_ipv6 # IPv6 defragmentation support +whitelist nf_nat # Network address translation core +whitelist nfnetlink # Netfilter messages via netlink socket +whitelist nfnetlink_log # netfilter userspace logging +whitelist nfs # NFS client support +whitelist nfs_acl # NFS ACL support +whitelist nfsd # In-kernel NFS server +whitelist nfsv3 # NFSv3 client support +whitelist nfsv4 # NFSv4 client support +whitelist nls_cp437 # NLS Codepage 437 (United States, Canada) +whitelist nls_iso8859_1 # NLS ISO 8859-1 (Latin 1; Western European Languages) +whitelist nouveau # nVidia Riva/TNT/GeForce/Quadro/Tesla/Tegra K1+ +whitelist nvidia # +whitelist nvidia_drm # +whitelist nvidia_modeset # +whitelist nvidia_uvm # +whitelist oid_registry # OID Registry +whitelist overlay # Overlay filesystem +whitelist pl2303 # Prolific PL2303 USB to serial adaptor driver +whitelist pstore # Persistent Storage - platform driver interface +whitelist r8169 # RealTek RTL-8169 Gigabit Ethernet driver +whitelist realtek # Realtek PHY driver +whitelist rng_core # H/W Random Number Generator (RNG) driver +whitelist rpcsec_gss_krb5 # Sun RPC Kerberos 5 module +whitelist sch_prio # Simple 3-band priority qdisc +whitelist sch_sfq # Stochastic Fairness qdisc +whitelist sha3_generic # SHA-3 Secure Hash Algorithm +whitelist sha512_generic # SHA-512 and SHA-384 Secure Hash Algorithms +whitelist smartpqi # +whitelist snd # Advanced Linux Sound Architecture driver for soundcards. +whitelist snd_ctl_led # ALSA control interface to LED trigger code. +whitelist snd_hda_codec # HDA codec core +whitelist snd_hda_codec_generic # Generic HD-audio codec parser +whitelist snd_hda_codec_hdmi # HDMI HD-audio codec +whitelist snd_hda_codec_realtek # Realtek HD-audio codec +whitelist snd_hda_core # HD-audio bus +whitelist snd_hda_intel # Intel HDA driver +whitelist snd_hda_scodec_component # HD Audio component binding library +whitelist snd_hwdep # Hardware dependent layer +whitelist snd_intel_dspcfg # Intel DSP config driver +whitelist snd_pcm # Midlevel PCM code for ALSA. +whitelist snd_rawmidi # Midlevel RawMidi code for ALSA. +whitelist snd_timer # ALSA timer interface +whitelist snd_usb_audio # USB Audio +whitelist snd_usbmidi_lib # USB Audio/MIDI helper module +whitelist soundcore # Core sound module +whitelist stp # SAP demux for IEEE 802.1D Spanning Tree Protocol (STP) +whitelist sunrpc # Sun RPC core +whitelist syscopyarea # +whitelist sysfillrect # +whitelist sysimgblt # +whitelist tcp_diag # TCP socket monitoring via SOCK_DIAG +whitelist tg3 # Broadcom Tigon3 ethernet driver +whitelist tpm # TPM Driver +whitelist tpm_crb # TPM2 Driver +whitelist tpm_tis # TPM Driver +whitelist tpm_tis_core # TPM Driver +whitelist ttm # TTM memory manager subsystem (for DRM device) +whitelist udp_diag # UDP socket monitoring via SOCK_DIAG +whitelist unix # +whitelist unix_diag # UNIX socket monitoring via SOCK_DIAG +whitelist usbhid # USB HID core driver +whitelist usbnet # USB network driver framework +whitelist uvc # USB Video Class common code +whitelist uvcvideo # USB Video Class driver +whitelist v4l2loopback # +whitelist vfat # VFAT filesystem support +whitelist video # ACPI Video Driver +whitelist videobuf2_common # Media buffer core framework +whitelist videobuf2_memops # common memory handling routines for videobuf2 +whitelist videobuf2_v4l2 # Driver helper framework for Video for Linux 2 +whitelist videobuf2_vmalloc # vmalloc memory handling routines for videobuf2 +whitelist virtio_net # Virtio network driver +whitelist wmi # ACPI-WMI Mapping Driver +whitelist wmi_bmof # WMI embedded Binary MOF driver +whitelist x86_pkg_temp_thermal # X86 PKG TEMP Thermal Driver +whitelist x_tables # {ip,ip6,arp,eb}_tables backend module +whitelist xfrm_algo # XFRM Algorithm interface +whitelist xfrm_user # XFRM User interface +whitelist xt_MASQUERADE # Xtables: automatic-address SNAT +whitelist xt_NFLOG # Xtables: packet logging to netlink using NFLOG +whitelist xt_addrtype # Xtables: address type match +whitelist xt_conntrack # Xtables: connection tracking state match +whitelist xt_iprange # Xtables: arbitrary IPv4 range matching +whitelist xt_nat # SNAT and DNAT targets support +whitelist xt_set # Xtables: IP set match and target module +whitelist xt_tcpudp # Xtables: TCP, UDP and UDP-Lite match