
Honest question: is a strcmp really the best way there is to test for specific kernel modules?



What's wrong with it?


strcmp (and many other string routines like strlen, strcpy) relies on strings being null terminated. Safe versions (strncmp, strnlen, strncpy) have a parameter for maximum string length.

I am pretty sure that in this particular case it is not passed any user input, so it's kinda safe.


In this case it should be fine because the second argument is a string literal (guaranteed to be null-terminated) and the function doesn't continue past the end of the first null-terminated string.
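An added example, not part of the thread and not kernel code: a bounded comparison for the case the comments above set aside, where the first argument is a fixed-size field that may not be null-terminated. The names `name_field_equals`, `NAME_FIELD_LEN` and `example_mod` are hypothetical, and the sample buffers are constructed.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical size of a fixed-width name field (not a kernel constant). */
#define NAME_FIELD_LEN 16

/*
 * Compare a fixed-size field, which may lack a terminating NUL, against a
 * NUL-terminated literal. Never reads past field[field_len - 1].
 */
static bool name_field_equals(const char *field, size_t field_len,
                              const char *literal)
{
    /* Bounded search for the terminator inside the field. */
    const char *nul = memchr(field, '\0', field_len);
    size_t lit_len = strlen(literal); /* safe: literals are terminated */

    if (nul == NULL)
        return false; /* not a valid C string: reject, do not compare */
    if ((size_t)(nul - field) != lit_len)
        return false; /* different lengths, e.g. "example_mod2" */
    return memcmp(field, literal, lit_len) == 0;
}

int main(void)
{
    /* Constructed sample inputs. */
    char good[NAME_FIELD_LEN] = "example_mod";    /* zero-padded, terminated */
    char longer[NAME_FIELD_LEN] = "example_mod2"; /* literal is only a prefix */
    char full[NAME_FIELD_LEN];                    /* no NUL anywhere */
    /* Plain strcmp() on this one would read tiny[4], one past the end. */
    char tiny[4] = { 'e', 'x', 'a', 'm' };

    memset(full, 'A', sizeof full);
    memcpy(full, "example_mod", 11);

    printf("good:   %d\n", name_field_equals(good, sizeof good, "example_mod"));
    printf("longer: %d\n", name_field_equals(longer, sizeof longer, "example_mod"));
    printf("full:   %d\n", name_field_equals(full, sizeof full, "example_mod"));
    printf("tiny:   %d\n", name_field_equals(tiny, sizeof tiny, "example_mod"));
    return 0;
}
```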


Would be a pretty neat exploit to buffer overflow someone's actual kernel via a carefully constructed module name, though.


A neat hack, yes...but probably not worthwhile from the perspective of an actual attacker (if you've got permissions to load a kernel module, you could just load one of your own crafting to do whatever nefarious things you wanted directly).


If you haven't validated or ensured that your string is a string you've already lost.


Good as any for their use. Follow the thread on lkml (there is a gmane link in the comments here somewhere) for more discussion on identifying taint-introducing modules.


Seems reasonable to use strcmp to compare two strings.



