From be6ae210b666a17442c69f0c248a0bd113abb63b Mon Sep 17 00:00:00 2001
From: Tommy <contact@tommytran.io>
Date: Mon, 3 Jun 2024 17:50:29 -0700
Subject: [PATCH] Whitelist extra kernel modules

Signed-off-by: Tommy <contact@tommytran.io>
---
 etc/modprobe.d/server-blacklist.conf      |  9 ---------
 etc/modprobe.d/vps-blacklist.conf         |  7 -------
 etc/modprobe.d/workstation-blacklist.conf | 14 --------------
 kmod-whitelist-start                      |  3 +++
 kmod-whitelist-workstation-all            |  1 +
 5 files changed, 4 insertions(+), 30 deletions(-)

diff --git a/etc/modprobe.d/server-blacklist.conf b/etc/modprobe.d/server-blacklist.conf
index 8303a45..50c5244 100644
--- a/etc/modprobe.d/server-blacklist.conf
+++ b/etc/modprobe.d/server-blacklist.conf
@@ -2175,7 +2175,6 @@ install lnbh25 /bin/false
 install lnbp21 /bin/false
 install lnbp22 /bin/false
 install lockd /bin/false
-install loop /bin/false
 install lp /bin/false
 install lp3943 /bin/false
 install lp3971 /bin/false
@@ -2749,13 +2748,6 @@ install nfcmrvl_spi /bin/false
 install nfcmrvl_uart /bin/false
 install nfcmrvl_usb /bin/false
 install nfcsim /bin/false
-install nfnetlink_acct /bin/false
-install nfnetlink_cthelper /bin/false
-install nfnetlink_cttimeout /bin/false
-install nfnetlink_hook /bin/false
-install nfnetlink_log /bin/false
-install nfnetlink_osf /bin/false
-install nfnetlink_queue /bin/false
 install nfp /bin/false
 install nfs /bin/false
 install nfs_acl /bin/false
@@ -3080,7 +3072,6 @@ install pinephone-keyboard /bin/false
 install ping /bin/false
 install pistachio-internal-dac /bin/false
 install pixcir_i2c_ts /bin/false
-install pktcdvd /bin/false
 install pktgen /bin/false
 install pl2303 /bin/false
 install platform_lcd /bin/false
diff --git a/etc/modprobe.d/vps-blacklist.conf b/etc/modprobe.d/vps-blacklist.conf
index 4afd96a..59b7abb 100644
--- a/etc/modprobe.d/vps-blacklist.conf
+++ b/etc/modprobe.d/vps-blacklist.conf
@@ -2140,7 +2140,6 @@ install lockd /bin/false
 install lontium-lt8912b /bin/false
 install lontium-lt9611 /bin/false
 install lontium-lt9611uxc /bin/false
-install loop /bin/false
 install lp /bin/false
 install lp855x_bl /bin/false
 install lpassaudiocc-sc7280 /bin/false
@@ -2561,11 +2560,6 @@ install nfc_digital /bin/false
 install nfcmrvl /bin/false
 install nfcmrvl_usb /bin/false
 install nfcsim /bin/false
-install nfnetlink_acct /bin/false
-install nfnetlink_hook /bin/false
-install nfnetlink_log /bin/false
-install nfnetlink_osf /bin/false
-install nfnetlink_queue /bin/false
 install nfp /bin/false
 install nfs /bin/false
 install nfs_acl /bin/false
@@ -2991,7 +2985,6 @@ install pinctrl-tps6594 /bin/false
 install pinctrl-x1e80100 /bin/false
 install pinephone-keyboard /bin/false
 install pixcir_i2c_ts /bin/false
-install pktcdvd /bin/false
 install pl111_drm /bin/false
 install pl172 /bin/false
 install pl2303 /bin/false
diff --git a/etc/modprobe.d/workstation-blacklist.conf b/etc/modprobe.d/workstation-blacklist.conf
index 9c4e68f..7a054d9 100644
--- a/etc/modprobe.d/workstation-blacklist.conf
+++ b/etc/modprobe.d/workstation-blacklist.conf
@@ -3179,7 +3179,6 @@ install lontium-lt8912b /bin/false
 install lontium-lt9211 /bin/false
 install lontium-lt9611 /bin/false
 install lontium-lt9611uxc /bin/false
-install loop /bin/false
 install lp /bin/false
 install lp3943 /bin/false
 install lp3971 /bin/false
@@ -3932,13 +3931,6 @@ install nfcmrvl_spi /bin/false
 install nfcmrvl_uart /bin/false
 install nfcmrvl_usb /bin/false
 install nfcsim /bin/false
-install nfnetlink_acct /bin/false
-install nfnetlink_cthelper /bin/false
-install nfnetlink_cttimeout /bin/false
-install nfnetlink_hook /bin/false
-install nfnetlink_log /bin/false
-install nfnetlink_osf /bin/false
-install nfnetlink_queue /bin/false
 install nfp /bin/false
 install nfs /bin/false
 install nfs_acl /bin/false
@@ -4524,7 +4516,6 @@ install pinephone-keyboard /bin/false
 install ping /bin/false
 install pistachio-internal-dac /bin/false
 install pixcir_i2c_ts /bin/false
-install pktcdvd /bin/false
 install pktgen /bin/false
 install pl111_drm /bin/false
 install pl172 /bin/false
@@ -7080,7 +7071,6 @@ install vhost_iotlb /bin/false
 install vhost_net /bin/false
 install vhost_scsi /bin/false
 install vhost_vdpa /bin/false
-install vhost_vsock /bin/false
 install via686a /bin/false
 install via-agp /bin/false
 install via-cputemp /bin/false
@@ -7147,10 +7137,6 @@ install vpx3220 /bin/false
 install vqmmc-ipq4019-regulator /bin/false
 install vrf /bin/false
 install vringh /bin/false
-install vsock /bin/false
-install vsock_diag /bin/false
-install vsock_loopback /bin/false
-install vsockmon /bin/false
 install vsp1 /bin/false
 install vsxxxaa /bin/false
 install vt1211 /bin/false
diff --git a/kmod-whitelist-start b/kmod-whitelist-start
index acc532d..816a0df 100644
--- a/kmod-whitelist-start
+++ b/kmod-whitelist-start
@@ -12,11 +12,14 @@ iptable_
 ipt_
 ip6table_
 ip6t_
+loop
+nfnetlink
 nfsv4
 nft_
 nf_
 ntfs3
 nvme
+pktcdvd
 pvpanic
 hv_
 sata_
diff --git a/kmod-whitelist-workstation-all b/kmod-whitelist-workstation-all
index 2c12e91..b99e8e2 100644
--- a/kmod-whitelist-workstation-all
+++ b/kmod-whitelist-workstation-all
@@ -3,4 +3,5 @@ bluetooth
 nvidia
 samsung
 sony
+vsock
 wmi