From 28b25bda3f51c7d5a6ee6d28446cb5f731f452d0 Mon Sep 17 00:00:00 2001
From: Raja Grewal <rg_public@proton.me>
Date: Thu, 25 Jul 2024 15:51:32 +1000
Subject: [PATCH] Partial inclusion of GrapheneOS infrastructure blacklist

---
 .../30_security-misc_blacklist.conf           | 20 +++++++++++++++++++
 1 file changed, 20 insertions(+)

diff --git a/etc/modprobe.d/30_security-misc_blacklist.conf b/etc/modprobe.d/30_security-misc_blacklist.conf
index 2ef0d1a..34e1124 100644
--- a/etc/modprobe.d/30_security-misc_blacklist.conf
+++ b/etc/modprobe.d/30_security-misc_blacklist.conf
@@ -23,6 +23,26 @@ blacklist sr_mod
 
 ## Miscellaneous:
 ##
+## GrapheneOS:
+## Partial selection of their infrastructure blacklist.
+## Duplicate and already disabled modules have been omitted.
+##
+## https://github.com/GrapheneOS/infrastructure/blob/main/modprobe.d/local.conf
+##
+#blacklist cfg80211
+#blacklist intel_agp
+#blacklist ip_tables
+blacklist joydev
+#blacklist mousedev
+#blacklist psmouse
+blacklist snd_intel8x0
+#blacklist tls
+#blacklist virtio_balloon
+#blacklist virtio_console
+##
+## Ubuntu:
+## Already disabled modules have been omitted.
+##
 ## https://git.launchpad.net/ubuntu/+source/kmod/tree/debian/modprobe.d/blacklist.conf?h=ubuntu/disco
 ## https://git.launchpad.net/ubuntu/+source/kmod/tree/debian/modprobe.d/blacklist-ath_pci.conf?h=ubuntu/disco
 ##