| @@ -1,204 +1,204 @@ | | | @@ -1,204 +1,204 @@ |
1 | .\" $NetBSD: module.7,v 1.3 2011/06/30 20:09:15 wiz Exp $ | | 1 | .\" $NetBSD: module.7,v 1.4 2015/09/22 00:10:12 pgoyette Exp $ |
2 | .\" | | 2 | .\" |
3 | .\" Copyright (c) 2010 The NetBSD Foundation, Inc. | | 3 | .\" Copyright (c) 2010 The NetBSD Foundation, Inc. |
4 | .\" All rights reserved. | | 4 | .\" All rights reserved. |
5 | .\" | | 5 | .\" |
6 | .\" Redistribution and use in source and binary forms, with or without | | 6 | .\" Redistribution and use in source and binary forms, with or without |
7 | .\" modification, are permitted provided that the following conditions | | 7 | .\" modification, are permitted provided that the following conditions |
8 | .\" are met: | | 8 | .\" are met: |
9 | .\" 1. Redistributions of source code must retain the above copyright | | 9 | .\" 1. Redistributions of source code must retain the above copyright |
10 | .\" notice, this list of conditions and the following disclaimer. | | 10 | .\" notice, this list of conditions and the following disclaimer. |
11 | .\" 2. Redistributions in binary form must reproduce the above copyright | | 11 | .\" 2. Redistributions in binary form must reproduce the above copyright |
12 | .\" notice, this list of conditions and the following disclaimer in the | | 12 | .\" notice, this list of conditions and the following disclaimer in the |
13 | .\" documentation and/or other materials provided with the distribution. | | 13 | .\" documentation and/or other materials provided with the distribution. |
14 | .\" | | 14 | .\" |
15 | .\" THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS | | 15 | .\" THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS |
16 | .\" ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED | | 16 | .\" ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED |
17 | .\" TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR | | 17 | .\" TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR |
18 | .\" PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS | | 18 | .\" PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS |
19 | .\" BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR | | 19 | .\" BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR |
20 | .\" CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF | | 20 | .\" CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF |
21 | .\" SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS | | 21 | .\" SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS |
22 | .\" INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN | | 22 | .\" INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN |
23 | .\" CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) | | 23 | .\" CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) |
24 | .\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE | | 24 | .\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE |
25 | .\" POSSIBILITY OF SUCH DAMAGE. | | 25 | .\" POSSIBILITY OF SUCH DAMAGE. |
26 | .\" | | 26 | .\" |
27 | .Dd December 14, 2010 | | 27 | .Dd December 14, 2010 |
28 | .Dt MODULE 7 | | 28 | .Dt MODULE 7 |
29 | .Os | | 29 | .Os |
30 | .Sh NAME | | 30 | .Sh NAME |
31 | .Nm module | | 31 | .Nm module |
32 | .Nd Kernel Modules interface | | 32 | .Nd Kernel Modules interface |
33 | .Sh SYNOPSIS | | 33 | .Sh SYNOPSIS |
34 | .Cd "options MODULAR" | | 34 | .Cd "options MODULAR" |
35 | .Sh DESCRIPTION | | 35 | .Sh DESCRIPTION |
36 | Kernel modules allow the system administrator to | | 36 | Kernel modules allow the system administrator to |
37 | dynamically add and remove functionality from a running system. | | 37 | dynamically add and remove functionality from a running system. |
38 | This ability also helps software developers to develop | | 38 | This also helps software developers add |
39 | new parts of the kernel without constantly rebooting to | | 39 | new parts of the kernel without constantly rebooting to |
40 | test their changes. | | 40 | test their changes. |
41 | .Pp | | 41 | .Pp |
42 | Additionally, the kernel may automatically load software modules as | | 42 | The kernel may automatically load software modules as |
43 | needed to perform requested operations. | | 43 | needed to perform requested operations. |
44 | For example, an | | 44 | For example, an |
45 | .Dq xyzfs | | 45 | .Dq xyzfs |
46 | module can be loaded automatically when an | | 46 | module can be loaded automatically when an |
47 | attempt is made to mount an | | 47 | attempt is made to mount an |
48 | .Dq xyzfs | | 48 | .Dq xyzfs |
49 | file system. | | 49 | file system. |
50 | Modules can also depend on other modules, and dependent modules are | | 50 | Modules can also depend on other modules, and dependent modules are |
51 | automatically loaded. | | 51 | automatically loaded. |
52 | When a module is no longer needed, it can be automatically unloaded. | | 52 | When a module is no longer needed, it can be automatically unloaded. |
53 | .Pp | | 53 | .Pp |
54 | An in-kernel linker resolves symbol references between the module | | 54 | An in-kernel linker resolves symbol references between the module |
55 | and the rest of the kernel. | | 55 | and the rest of the kernel. |
56 | .Pp | | 56 | .Pp |
57 | The | | 57 | The |
58 | .Nm | | 58 | .Nm |
59 | interface is accessed with the | | 59 | interface is accessed with the |
60 | .Xr modctl 2 | | 60 | .Xr modctl 2 |
61 | system call. | | 61 | system call. |
62 | All common operations involving | | 62 | All common operations involving |
63 | kernel modules are handled by the | | 63 | kernel modules are handled by the |
64 | .Xr modload 8 , | | 64 | .Xr modload 8 , |
65 | .Xr modunload 8 , | | 65 | .Xr modunload 8 , |
66 | and | | 66 | and |
67 | .Xr modstat 8 | | 67 | .Xr modstat 8 |
68 | programs. | | 68 | programs. |
69 | Users should never have to interact with | | 69 | Users should never have to interact with |
70 | .Xr modctl 2 | | 70 | .Xr modctl 2 |
71 | directly. | | 71 | directly. |
72 | .Sh MODULE CLASSES | | 72 | .Sh MODULE CLASSES |
73 | .Ss Virtual File System modules | | 73 | .Ss Virtual File System modules |
74 | Virtual file systems may be added via the | | 74 | Virtual file systems may be added via the |
75 | .Nm | | 75 | .Nm |
76 | interface. | | 76 | interface. |
77 | .Ss Device Driver modules | | 77 | .Ss Device Driver modules |
78 | Many device drivers can be loaded as a kernel module. | | 78 | Many device drivers can be loaded as a kernel module. |
79 | One potential problem specific to block and character device drivers | | 79 | One potential problem specific to block and character device drivers |
80 | is that the device nodes must exist for the devices to be accessed. | | 80 | is that the device nodes must exist for the devices to be accessed. |
81 | These need to be created manually, after the driver module has been | | 81 | These need to be created manually, after the driver module has been |
82 | successfully loaded. | | 82 | successfully loaded. |
83 | The majority of the device driver modules however does not | | 83 | Most device driver modules do not |
84 | need any manual intervention to function properly. | | 84 | need any manual intervention to function properly. |
85 | .Ss Execution Interpreters | | 85 | .Ss Execution Interpreters |
86 | Execution Interpreters can be loaded to provide support for executing | | 86 | Execution Interpreters can be loaded to provide support for executing |
87 | binaries not normally supported by kernel. | | 87 | binaries not normally supported by the kernel. |
88 | This also allows loading | | 88 | This also allows loading |
89 | support for executing foreign system binaries. | | 89 | support for executing foreign system binaries. |
90 | Execution Interpreters may require that an appropriate | | 90 | Execution Interpreters may require that an appropriate |
91 | emulation module also be loaded. | | 91 | emulation module also be loaded. |
92 | .Ss Miscellaneous modules | | 92 | .Ss Miscellaneous modules |
93 | Miscellaneous modules are modules for which there are not currently | | 93 | Miscellaneous modules are modules for which there are not currently |
94 | well-defined or well-used interfaces for extension. | | 94 | well-defined or well-used interfaces for extension. |
95 | They are provided for extension, and the user-provided module | | 95 | They are provided for extension, and the user-provided module |
96 | initialization routine is expected to install the necessary "hooks" | | 96 | initialization routine is expected to install the necessary "hooks" |
97 | into the rest of the operating system. | | 97 | into the rest of the operating system. |
98 | An example of a "miscellaneous module" might be a loader for | | 98 | An example of a "miscellaneous module" might be a loader for |
99 | card-specific VGA drivers or alternate terminal emulations in | | 99 | card-specific VGA drivers or alternate terminal emulations in |
100 | an appropriately layered console driver. | | 100 | an appropriately layered console driver. |
101 | .Ss Security-Model modules | | 101 | .Ss Security-Model modules |
102 | Alternate system security models may loaded using the | | 102 | Alternate system security models also may be loaded using |
103 | .Nm | | 103 | .Nm . |
104 | facility. | | | |
105 | .Sh EXAMPLES | | 104 | .Sh EXAMPLES |
106 | The common build tool of | | 105 | The common build tool of |
107 | .Nx , | | 106 | .Nx , |
108 | .Dq build.sh , | | 107 | .Dq build.sh , |
109 | automatically compiles and installs all | | 108 | automatically compiles and installs all |
110 | modules during a full system build and install. | | 109 | modules during a full system build and install. |
111 | Sometimes it is however useful to update only modules. | | 110 | However, sometimes it is useful to update only modules. |
112 | The following example demonstrates one way to do this. | | 111 | The following example demonstrates one way to do this. |
113 | It is assumed that the source code is under | | 112 | It is assumed that the source code is under |
114 | .Pa /usr/src , | | 113 | .Pa /usr/src , |
115 | while the object and toolchain directories are under | | 114 | while the object and toolchain directories are under |
116 | .Pa /usr/obj | | 115 | .Pa /usr/obj |
117 | and | | 116 | and |
118 | .Pa /usr/tools , | | 117 | .Pa /usr/tools , |
119 | respectively. | | 118 | respectively. |
120 | .Bd -literal -offset indent | | 119 | .Bd -literal -offset indent |
121 | cd /usr/src/sys/modules | | 120 | cd /usr/src/sys/modules |
122 | | | 121 | |
123 | export OBJDIR=/usr/obj | | 122 | export OBJDIR=/usr/obj |
124 | export TOOLDIR=/usr/tools | | 123 | export TOOLDIR=/usr/tools |
125 | | | 124 | |
126 | make clean | | 125 | make clean |
127 | make | | 126 | make |
128 | make install | | 127 | make install |
129 | .Ed | | 128 | .Ed |
130 | .Sh SEE ALSO | | 129 | .Sh SEE ALSO |
131 | .Xr modctl 2 , | | 130 | .Xr modctl 2 , |
132 | .Xr modload 8 , | | 131 | .Xr modload 8 , |
133 | .Xr modstat 8 , | | 132 | .Xr modstat 8 , |
134 | .Xr modunload 8 , | | 133 | .Xr modunload 8 , |
135 | .Xr module 9 | | 134 | .Xr module 9 |
136 | .Sh HISTORY | | 135 | .Sh HISTORY |
137 | The | | 136 | The |
138 | .Nm | | 137 | .Nm |
139 | facility was designed to be similar in functionality | | 138 | facility was designed to be similar in functionality |
140 | to the loadable kernel modules facility provided by | | 139 | to the loadable kernel modules facility provided by |
141 | .Tn "SunOS 4.1.3" . | | 140 | .Tn "SunOS 4.1.3" . |
142 | The old | | 141 | The old |
143 | .Dv LKM | | 142 | .Dv LKM |
144 | interface was replaced by | | 143 | interface was replaced by |
145 | .Nm | | 144 | .Nm |
146 | in | | 145 | in |
147 | .Nx 5.0 . | | 146 | .Nx 5.0 . |
148 | .Sh AUTHORS | | 147 | .Sh AUTHORS |
149 | The | | 148 | The |
150 | .Nm | | 149 | .Nm |
151 | subsystem was implemented by | | 150 | subsystem was implemented by |
152 | .An Andrew Doran | | 151 | .An Andrew Doran |
153 | .Aq ad@netbsd.org . | | 152 | .Aq ad@netbsd.org . |
154 | .Sh CAVEATS | | 153 | .Sh CAVEATS |
155 | The | | 154 | The |
156 | .Nm | | 155 | .Nm |
157 | framework is still under active development. | | 156 | framework is still under active development. |
158 | At least two potential caveats can be mentioned. | | 157 | At least two potential caveats can be mentioned. |
159 | .Bl -enum -offset 2n | | 158 | .Bl -enum -offset 2n |
160 | .It | | 159 | .It |
161 | Kernel modules are built to operate only with a specific version of the | | 160 | Kernel modules are built to operate only with a specific version of the |
162 | .Nx | | 161 | .Nx |
163 | kernel. | | 162 | kernel. |
164 | When the kernel is updated to a new version, the contents of the | | 163 | When the kernel is updated to a new version, the contents of the |
165 | .Pa /stand/${ARCH}/${VERSION}/modules/ | | 164 | .Pa /stand/${ARCH}/${VERSION}/modules/ |
166 | directory should be updated as well. | | 165 | directory should be updated as well. |
167 | (This location has been the subject of much discussion, and may change | | 166 | (This location has been the subject of much discussion, and may change |
168 | in future versions of | | 167 | in future versions of |
169 | .Nx . ) | | 168 | .Nx . ) |
170 | .It | | 169 | .It |
171 | If an attempt is made to boot the operating system from a file system for | | 170 | If an attempt is made to boot the operating system from a file system for |
172 | which the module is not built into the kernel, the boot may fail | | 171 | which the module is not built into the kernel, the boot may fail |
173 | with the message | | 172 | with the message |
174 | .Dq "Cannot mount root, error 79" . | | 173 | .Dq "Cannot mount root, error 79" . |
175 | On certain architectures (currently, i386 and amd64), one may be able to | | 174 | On certain architectures (currently, i386 and amd64), one may be able to |
176 | recover from this error by using the | | 175 | recover from this error by using the |
177 | .Dq "load xxxfs" | | 176 | .Dq "load xxxfs" |
178 | command before trying to boot. | | 177 | command before trying to boot. |
179 | This command is only available on newer bootloaders. | | 178 | This command is only available on newer bootloaders. |
180 | .El | | 179 | .El |
181 | .Pp | | 180 | .Pp |
182 | The absence of required modules or the inability of the bootloader | | 181 | The absence of required modules or the inability of the bootloader |
183 | to load the modules are common reasons for failures to boot a | | 182 | to load the modules are common reasons for failures to boot a |
184 | .Cd MODULAR | | 183 | .Cd MODULAR |
185 | kernel. | | 184 | kernel. |
186 | It may be a good practice to maintain a non-MODULAR kernel | | 185 | It may be a good practice to maintain a non-MODULAR kernel |
187 | in the root file system for recovery purposes. | | 186 | in the root file system for recovery purposes. |
188 | .Sh SECURITY CONSIDERATIONS | | 187 | .Sh SECURITY CONSIDERATIONS |
189 | A module becomes part of the kernel once loaded. | | 188 | A module becomes part of the kernel once loaded. |
190 | Compared to userland programs, all errors in the code can be fatal. | | 189 | Unlike in userland programs, fatal errors in kernel modules |
| | | 190 | may crash the operating system. |
191 | There is no memory protection between modules and the rest of the kernel. | | 191 | There is no memory protection between modules and the rest of the kernel. |
192 | Hence, a potential attacker with access to the | | 192 | Hence, a potential attacker with access to the |
193 | .Xr modctl 2 | | 193 | .Xr modctl 2 |
194 | system call can acquire complete and total control over the system. | | 194 | system call can acquire total control over the system. |
195 | .Pp | | 195 | .Pp |
196 | To avoid associated security risks, new modules can only be loaded when | | 196 | To avoid such security risks, new modules can only be loaded when |
197 | .Pa securelevel | | 197 | .Pa securelevel |
198 | is less than or equal to zero, or if the kernel was built with | | 198 | is less than or equal to zero, or if the kernel was built with |
199 | .Cd options INSECURE . | | 199 | .Cd options INSECURE . |
200 | Refer to | | 200 | Refer to |
201 | .Xr secmodel_securelevel 9 | | 201 | .Xr secmodel_securelevel 9 |
202 | for additional details on the | | 202 | for additional details on the |
203 | .Pa securelevel . | | 203 | .Pa securelevel . |
204 | Only use modules from trusted sources. | | 204 | Only use modules from trusted sources. |