[PATCH] gnu: kernel-module-loader does not require file-systems

DoneSubmitted by raid5atemyhomework.
Details
2 participants
  • Danny Milosavljevic
  • raid5atemyhomework
Owner
unassigned
Severity
normal
R
R
raid5atemyhomework wrote on 8 Jan 03:12 +0100
(name . guix-patches@gnu.org)(address . guix-patches@gnu.org)
BRJQ1iDMuVglCqRb1sGZLwYQq_89pM_EAU90i6_Q7mtbu-F8n0JV1bn4g90twbRWnMzS-tCi0C2lBlT53OR6FnG-4hW6j_2Ix3TInBbyNdw=@protonmail.com
In https://issues.guix.gnu.org/45692#5Danny brings up that the `kernel-module-loader-shepherd-service` might not need to depend on `file-systems`.
So:
* `kernel-module-loader-shepherd-service` uses the `/proc` filesystem. * However, this filesystem is mounted in `initrd` before handing over to the real root (in `gnu/build/linux-boot.scm`'s `mount-essential-file-systems`, which is called in `boot-system` very early. * Before handing over to the real root, the mounts are moved in `move-essential-file-systems`, which is called by the `switch-root` procedure that is called by `boot-system` after mounting the root filesystem.* The `/proc/sys/kernel/modprobe` file contains a reference to a `/gnu/store` path to a `modprobe` binary. * Shepherd starts with the root file system already mounted (by the `initrd` `boot-system` procedure), so the full `/gnu/store` should be accessible as soon as Shepherd starts.
I've tested this as follows:
* Created a QEMU VM image that pointlessly loads "btrfs" (which is not loaded by default) by `(simple-service 'load-btrfs kernel-module-loader-service-type '("btrfs"))` and confirmed it boots to desktop and `lsmod` lists `btrfs`.* Ran tests "loadable-kernel-modules-0", "loadable-kernel-modules-1", and "loadable-kernel-module-2" and confirmed they pass.
In theory this could break a system, if an existing kernel module reads from some file (which Linux kernel modules are discouraged from doing) at loadtime *and* the system administrator put that file in a non-root filesystem (which if it's a "proper" module it should be in either `/etc` or `/var`, the former of which is, on Guix System, created by Guix on the root filesystem, and the latter of which should generally be on the root filesystem as well). So I think the risk of this breaking *some* system is fairly low.
Please review.

From d028dac0efaf6ab3d8edafc2e68c0d2ef692bab7 Mon Sep 17 00:00:00 2001From: raid5atemyhomework <raid5atemyhomework@protonmail.com>Date: Fri, 8 Jan 2021 09:41:25 +0800Subject: [PATCH] gnu: kernel-module-loader does not require file-systems
* gnu/services/linux.scm (kernel-module-loader-shepherd-service):Remove requirement of file-systems.--- gnu/services/linux.scm | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-)
Toggle diff (21 lines)diff --git a/gnu/services/linux.scm b/gnu/services/linux.scmindex 1046a7e0c2..340b330030 100644--- a/gnu/services/linux.scm+++ b/gnu/services/linux.scm@@ -2,6 +2,7 @@ ;;; Copyright © 2020 Maxim Cournoyer <maxim.cournoyer@gmail.com> ;;; Copyright © 2020 Brice Waegeneire <brice@waegenei.re> ;;; Copyright © 2020 Efraim Flashner <efraim@flashner.co.il>+;;; Copyright © 2021 raid5atemyhomework <raid5atemyhomework@protonmail.com> ;;; ;;; This file is part of GNU Guix. ;;;@@ -150,7 +151,7 @@ representation." (shepherd-service (documentation "Load kernel modules.") (provision '(kernel-module-loader))- (requirement '(file-systems))+ (requirement '()) (one-shot? #t) (modules `((srfi srfi-1) (srfi srfi-34)
--2.30.0
D
D
Danny Milosavljevic wrote on 8 Feb 03:55 +0100
(name . raid5atemyhomework viaGuix-patchesvia)(address . guix-patches@gnu.org)
20210208035522.792d9143@scratchpost.org
Pushed to guix master as commit fe7529d71b8d7b09b48679c86e1155895afd92a4.
Thanks!
-----BEGIN PGP SIGNATURE-----
iQEzBAEBCgAdFiEEds7GsXJ0tGXALbPZ5xo1VCwwuqUFAmAgqBoACgkQ5xo1VCwwuqVjmAf+P0upXjtWvQkxbNiw9U+TH/KadZ05qeixLI5LFpFHDQONJqWG6XNsimAsjJJ0DQduNsQPSZiJ05170GT4gOEQ83lGCKDHu/Jda8qbEPrj+SwI9A29zgWd96mfubxEBvygkbyp+Is+7I1Ghop2shwfhIgXRYb7+G14p1pkTJn8cCzVkPP8qjsQs7Q6KN1kXCBxDX9MVqtmOt40fXKHMWPla4Y+ZcUngDUNaGUiF6sP+d8fwa9qD5KdidtrFOJH3Wmu12RK+MBhw7Jdw/wVsGIT5QqQHFY/7RK7iqQSjiOPDnuYjDq/Ws3vFnimNcKilOISnnwztCwE2+JkzufkxZk9QQ===2ltx-----END PGP SIGNATURE-----

?