| @@ -1,14 +1,14 @@ | | | @@ -1,14 +1,14 @@ |
1 | .\" $NetBSD: module.7,v 1.3 2011/06/30 20:09:15 wiz Exp $ | | 1 | .\" $NetBSD: module.7,v 1.4 2015/09/22 00:10:12 pgoyette Exp $ |
2 | .\" | | 2 | .\" |
3 | .\" Copyright (c) 2010 The NetBSD Foundation, Inc. | | 3 | .\" Copyright (c) 2010 The NetBSD Foundation, Inc. |
4 | .\" All rights reserved. | | 4 | .\" All rights reserved. |
5 | .\" | | 5 | .\" |
6 | .\" Redistribution and use in source and binary forms, with or without | | 6 | .\" Redistribution and use in source and binary forms, with or without |
7 | .\" modification, are permitted provided that the following conditions | | 7 | .\" modification, are permitted provided that the following conditions |
8 | .\" are met: | | 8 | .\" are met: |
9 | .\" 1. Redistributions of source code must retain the above copyright | | 9 | .\" 1. Redistributions of source code must retain the above copyright |
10 | .\" notice, this list of conditions and the following disclaimer. | | 10 | .\" notice, this list of conditions and the following disclaimer. |
11 | .\" 2. Redistributions in binary form must reproduce the above copyright | | 11 | .\" 2. Redistributions in binary form must reproduce the above copyright |
12 | .\" notice, this list of conditions and the following disclaimer in the | | 12 | .\" notice, this list of conditions and the following disclaimer in the |
13 | .\" documentation and/or other materials provided with the distribution. | | 13 | .\" documentation and/or other materials provided with the distribution. |
14 | .\" | | 14 | .\" |
| @@ -25,31 +25,31 @@ | | | @@ -25,31 +25,31 @@ |
25 | .\" POSSIBILITY OF SUCH DAMAGE. | | 25 | .\" POSSIBILITY OF SUCH DAMAGE. |
26 | .\" | | 26 | .\" |
27 | .Dd December 14, 2010 | | 27 | .Dd December 14, 2010 |
28 | .Dt MODULE 7 | | 28 | .Dt MODULE 7 |
29 | .Os | | 29 | .Os |
30 | .Sh NAME | | 30 | .Sh NAME |
31 | .Nm module | | 31 | .Nm module |
32 | .Nd Kernel Modules interface | | 32 | .Nd Kernel Modules interface |
33 | .Sh SYNOPSIS | | 33 | .Sh SYNOPSIS |
34 | .Cd "options MODULAR" | | 34 | .Cd "options MODULAR" |
35 | .Sh DESCRIPTION | | 35 | .Sh DESCRIPTION |
36 | Kernel modules allow the system administrator to | | 36 | Kernel modules allow the system administrator to |
37 | dynamically add and remove functionality from a running system. | | 37 | dynamically add and remove functionality from a running system. |
38 | This ability also helps software developers to develop | | 38 | This also helps software developers add |
39 | new parts of the kernel without constantly rebooting to | | 39 | new parts of the kernel without constantly rebooting to |
40 | test their changes. | | 40 | test their changes. |
41 | .Pp | | 41 | .Pp |
42 | Additionally, the kernel may automatically load software modules as | | 42 | The kernel may automatically load software modules as |
43 | needed to perform requested operations. | | 43 | needed to perform requested operations. |
44 | For example, an | | 44 | For example, an |
45 | .Dq xyzfs | | 45 | .Dq xyzfs |
46 | module can be loaded automatically when an | | 46 | module can be loaded automatically when an |
47 | attempt is made to mount an | | 47 | attempt is made to mount an |
48 | .Dq xyzfs | | 48 | .Dq xyzfs |
49 | file system. | | 49 | file system. |
50 | Modules can also depend on other modules, and dependent modules are | | 50 | Modules can also depend on other modules, and dependent modules are |
51 | automatically loaded. | | 51 | automatically loaded. |
52 | When a module is no longer needed, it can be automatically unloaded. | | 52 | When a module is no longer needed, it can be automatically unloaded. |
53 | .Pp | | 53 | .Pp |
54 | An in-kernel linker resolves symbol references between the module | | 54 | An in-kernel linker resolves symbol references between the module |
55 | and the rest of the kernel. | | 55 | and the rest of the kernel. |
| @@ -70,55 +70,54 @@ Users should never have to interact with | | | @@ -70,55 +70,54 @@ Users should never have to interact with |
70 | .Xr modctl 2 | | 70 | .Xr modctl 2 |
71 | directly. | | 71 | directly. |
72 | .Sh MODULE CLASSES | | 72 | .Sh MODULE CLASSES |
73 | .Ss Virtual File System modules | | 73 | .Ss Virtual File System modules |
74 | Virtual file systems may be added via the | | 74 | Virtual file systems may be added via the |
75 | .Nm | | 75 | .Nm |
76 | interface. | | 76 | interface. |
77 | .Ss Device Driver modules | | 77 | .Ss Device Driver modules |
78 | Many device drivers can be loaded as a kernel module. | | 78 | Many device drivers can be loaded as a kernel module. |
79 | One potential problem specific to block and character device drivers | | 79 | One potential problem specific to block and character device drivers |
80 | is that the device nodes must exist for the devices to be accessed. | | 80 | is that the device nodes must exist for the devices to be accessed. |
81 | These need to be created manually, after the driver module has been | | 81 | These need to be created manually, after the driver module has been |
82 | successfully loaded. | | 82 | successfully loaded. |
83 | The majority of the device driver modules however does not | | 83 | Most device driver modules do not |
84 | need any manual intervention to function properly. | | 84 | need any manual intervention to function properly. |
85 | .Ss Execution Interpreters | | 85 | .Ss Execution Interpreters |
86 | Execution Interpreters can be loaded to provide support for executing | | 86 | Execution Interpreters can be loaded to provide support for executing |
87 | binaries not normally supported by kernel. | | 87 | binaries not normally supported by the kernel. |
88 | This also allows loading | | 88 | This also allows loading |
89 | support for executing foreign system binaries. | | 89 | support for executing foreign system binaries. |
90 | Execution Interpreters may require that an appropriate | | 90 | Execution Interpreters may require that an appropriate |
91 | emulation module also be loaded. | | 91 | emulation module also be loaded. |
92 | .Ss Miscellaneous modules | | 92 | .Ss Miscellaneous modules |
93 | Miscellaneous modules are modules for which there are not currently | | 93 | Miscellaneous modules are modules for which there are not currently |
94 | well-defined or well-used interfaces for extension. | | 94 | well-defined or well-used interfaces for extension. |
95 | They are provided for extension, and the user-provided module | | 95 | They are provided for extension, and the user-provided module |
96 | initialization routine is expected to install the necessary "hooks" | | 96 | initialization routine is expected to install the necessary "hooks" |
97 | into the rest of the operating system. | | 97 | into the rest of the operating system. |
98 | An example of a "miscellaneous module" might be a loader for | | 98 | An example of a "miscellaneous module" might be a loader for |
99 | card-specific VGA drivers or alternate terminal emulations in | | 99 | card-specific VGA drivers or alternate terminal emulations in |
100 | an appropriately layered console driver. | | 100 | an appropriately layered console driver. |
101 | .Ss Security-Model modules | | 101 | .Ss Security-Model modules |
102 | Alternate system security models may loaded using the | | 102 | Alternate system security models also may be loaded using |
103 | .Nm | | 103 | .Nm . |
104 | facility. | | | |
105 | .Sh EXAMPLES | | 104 | .Sh EXAMPLES |
106 | The common build tool of | | 105 | The common build tool of |
107 | .Nx , | | 106 | .Nx , |
108 | .Dq build.sh , | | 107 | .Dq build.sh , |
109 | automatically compiles and installs all | | 108 | automatically compiles and installs all |
110 | modules during a full system build and install. | | 109 | modules during a full system build and install. |
111 | Sometimes it is however useful to update only modules. | | 110 | However, sometimes it is useful to update only modules. |
112 | The following example demonstrates one way to do this. | | 111 | The following example demonstrates one way to do this. |
113 | It is assumed that the source code is under | | 112 | It is assumed that the source code is under |
114 | .Pa /usr/src , | | 113 | .Pa /usr/src , |
115 | while the object and toolchain directories are under | | 114 | while the object and toolchain directories are under |
116 | .Pa /usr/obj | | 115 | .Pa /usr/obj |
117 | and | | 116 | and |
118 | .Pa /usr/tools , | | 117 | .Pa /usr/tools , |
119 | respectively. | | 118 | respectively. |
120 | .Bd -literal -offset indent | | 119 | .Bd -literal -offset indent |
121 | cd /usr/src/sys/modules | | 120 | cd /usr/src/sys/modules |
122 | | | 121 | |
123 | export OBJDIR=/usr/obj | | 122 | export OBJDIR=/usr/obj |
124 | export TOOLDIR=/usr/tools | | 123 | export TOOLDIR=/usr/tools |
| @@ -177,28 +176,29 @@ recover from this error by using the | | | @@ -177,28 +176,29 @@ recover from this error by using the |
177 | .Dq "load xxxfs" | | 176 | .Dq "load xxxfs" |
178 | command before trying to boot. | | 177 | command before trying to boot. |
179 | This command is only available on newer bootloaders. | | 178 | This command is only available on newer bootloaders. |
180 | .El | | 179 | .El |
181 | .Pp | | 180 | .Pp |
182 | The absence of required modules or the inability of the bootloader | | 181 | The absence of required modules or the inability of the bootloader |
183 | to load the modules are common reasons for failures to boot a | | 182 | to load the modules are common reasons for failures to boot a |
184 | .Cd MODULAR | | 183 | .Cd MODULAR |
185 | kernel. | | 184 | kernel. |
186 | It may be a good practice to maintain a non-MODULAR kernel | | 185 | It may be a good practice to maintain a non-MODULAR kernel |
187 | in the root file system for recovery purposes. | | 186 | in the root file system for recovery purposes. |
188 | .Sh SECURITY CONSIDERATIONS | | 187 | .Sh SECURITY CONSIDERATIONS |
189 | A module becomes part of the kernel once loaded. | | 188 | A module becomes part of the kernel once loaded. |
190 | Compared to userland programs, all errors in the code can be fatal. | | 189 | Unlike in userland programs, fatal errors in kernel modules |
| | | 190 | may crash the operating system. |
191 | There is no memory protection between modules and the rest of the kernel. | | 191 | There is no memory protection between modules and the rest of the kernel. |
192 | Hence, a potential attacker with access to the | | 192 | Hence, a potential attacker with access to the |
193 | .Xr modctl 2 | | 193 | .Xr modctl 2 |
194 | system call can acquire complete and total control over the system. | | 194 | system call can acquire total control over the system. |
195 | .Pp | | 195 | .Pp |
196 | To avoid associated security risks, new modules can only be loaded when | | 196 | To avoid such security risks, new modules can only be loaded when |
197 | .Pa securelevel | | 197 | .Pa securelevel |
198 | is less than or equal to zero, or if the kernel was built with | | 198 | is less than or equal to zero, or if the kernel was built with |
199 | .Cd options INSECURE . | | 199 | .Cd options INSECURE . |
200 | Refer to | | 200 | Refer to |
201 | .Xr secmodel_securelevel 9 | | 201 | .Xr secmodel_securelevel 9 |
202 | for additional details on the | | 202 | for additional details on the |
203 | .Pa securelevel . | | 203 | .Pa securelevel . |
204 | Only use modules from trusted sources. | | 204 | Only use modules from trusted sources. |