[Asterisk-Dev] Re: digium drivers compiled into kernel (no module)

Adam Goryachev mailinglists at websitemanagers.com.au
Wed Jan 5 06:56:14 MST 2005


On Wed, 2005-01-05 at 08:33 -0500, Aaron S. Joyner wrote:
> Steven Critchfield wrote:
> 
> >On Tue, 2005-01-04 at 20:50 -0500, Giovanni Powell wrote:
> >  
> >
> >>>u got some beef against modprobe?
> >>>      
> >>>
> >>Not really, it just make more sense to me. Plus when the server
> >>restarts it would be loaded with the rest of modules.(usb, firewire,
> >>net, etc...)
> >>
> >>I just need to know if anyone knows how to do this. I wanna compile
> >>all the modules I need including zaptel, with the kernel.
> >>    
> >>
> >
> >Covered on -users recently. It is a distribution specific problem.
> >Rummage around in /etc and you will probably find a file that includes
> >the autoloaded modules you already have. You should just have to add the
> >modules to the list and all will be fine.
> >  
> >
> In all fairness to the original poster, adding it to the appropriate 
> distro-specific startup scripts (which presumably is what you're 
> referencing for auto loaded modules from a file in /etc) doesn't answer 
> his question, it just loads them with out him having to type in the 
> command "modprobe <module>" in something like rc.local.  If he really 
> for some reason wants to build it into the kernel, some hand-hacking 
> will be required.
> 
>  From a more pragmatic stance though, this is highly unnecessary except 
> for some very unusual environments.  The only reason I can think of that 
> you'd want to add the associated modules directly into the kernel would 
> be very-small embedded systems, where you don't have the storage space 
> to have modprobe and all it's associated dependencies.  You may not even 
> have the kernel compiled to use loadable modules if you're really trying 
> to trim space.

Well I still (where possible) custom compile a kernel without all the
cruft I don't need, and with all the drivers I do need compiled in. Then
I disable the module loading from the kernel level. Originally I had a
couple of main 'incentives' for doing this (in no specific order):

1) Speed - It is more efficient to have it compiled in, and therefore
may be faster (in all practical purposes this advantage is
non-existant/negligable.

2) Reliability - If the modules are compiled in, I don't need to worry
about whether I made the initrd properly, did a make modules && make
modules_install, etc... Everything needed is there already.

3) Security - At one stage, it seemed (and maybe still is) all the rage
for 'hackers' to use kernel modules as part of their r00t kit. This
kernel module was designed to do various things including hiding their
processes, the fact the system had been hacked, various netstat type
details, etc... By not compiling support for modules, the idea was that
any 'hacker' wouldn't be able to conceal their tracks quite so easily.
(At the least they would need to reboot to a kernel which included
module loading ability, which in itself would trigger alarms). It is
probably possible to directly edit the running in-memory kernel, and
therefore achieve the same thing, but I assume this is 'harder' than
insmod my_module.

These days, there are more and more *annoying* out-of-kernel modules
that are needed which just serves to frustrate my attempts... (vmware,
nvidia ethernet drivers and digium drivers are the main 3 culprits for
me).

Just my 0.02c worth.

Regards,
Adam
-- 
 -- 
Adam Goryachev
Website Managers
Ph:  +61 2 9345 4395                        adam at websitemanagers.com.au
Fax: +61 2 9345 4396                        www.websitemanagers.com.au




More information about the asterisk-dev mailing list