[FAQF] KC7: Compiling directly into a kernel vs. modules

[TGL]

I would add that compiling something, for instance a driver, as a module allows to easily tweak it options, which is sometimes indispensable.

[wilburpan]

Thanks for the suggestion. I incorporated it into my FAQ.

[spamspam]

There is something to be said for making a non-modular kernel.

Some of the most effective rootkits are (or include) kernel modules. By compiling all needed features into the kernel, and disabling modules entirely, you can block them.

This technique is usefull on servers where the hardware seldom changes. It is not reccommended for desktops which are likely to need to hotplug USB or FireWire devices, or mount a variety of filesystems from time to time.

[rogerx]

I find building everything statically reduces the errors when trying to load a module/driver or messing with the modules.conf file... as most times, the module is already loaded with the features I need.

So what I do, is patch the kernel-2.6 w/ supermount and an orinoco hack for monitoring -- with the intent to keep the kernel as clean of patches as possible. I have also recently started to build ieee1394/firewire statically since this feature now supports hotplugging... no need to unload & load ieee1394 modules as almost all the bugs are worked out of hotplugging hdd's and cdrom drives.

The only thing I'm loading as a module is the evdev due to my wacom pad or synaptics touch pad ... and I forget why!

As a side note, I find that the o/s loads faster with a monolithic kernel versus modular. But load times for the kernel are slightly increased on the monolithic kernel. ... no biggy.

Prior to kernel-2.6, I was still loading allot of stuff as module (ie pcmcia/ieee1394/ide-scsi/scsi, ...).
_________________
Roger
http://rogerx.freeshell.org/

[Caalvin]

ok, i think compiling some drivers as module only make sense if you often change your hardware... the most desktop-system are "static" in that point..so building a monolith kernel would be the better choice.

On a notebook the situation is an other. I use Gentoo on a notebook, which i sometimes use in a docking, in several different networkenvironments, diverent monitors, printers, scanners and so on.. in this case, it is better to compile a lot drivers as modules, so they will only be loaded if the appropiated hardware is present... the "main"-drivers for the notebook itself surely as "compiled-in" for .

I hope this could help those, who are undecisive, if not, ok shame on me, this another useless post....

cheers
torsten

[rogerx]

Ok. granite. Using kernel-2.6 here on my dell inspiron laptop.

To be honest, I *try* to compile everything statically into the kernel (to avoid loading modules on startup as it does somewhat slow down the boot process & sometimes using modules can conflict (atleast in kernel-2.4 modules did)).

But the clincher on the laptops are that sometimes you need to patch the kernel drivers with either more up-to-date code or because the driver isn't in the kernel yet (ie wacom, nvidia, orinoco monitor patch, ...)

Module Size Used by
ppp_deflate 4992 0
bsd_comp 5632 0
agpgart 27688 0
ipt_TOS 2176 12
ipt_LOG 6016 7
ipt_REJECT 5760 4
ipt_pkttype 1664 4
ipt_state 1792 14
ip_nat_irc 4080 0
ip_nat_tftp 3056 0
ip_nat_ftp 5104 0
ip_conntrack_irc 70832 1 ip_nat_irc
ip_conntrack_tftp 3120 0
ip_conntrack_ftp 71600 1 ip_nat_ftp
ipt_multiport 1920 0
ipt_conntrack 2304 0
iptable_filter 2432 1
iptable_mangle 2432 1
iptable_nat 27436 3 ip_nat_irc,ip_nat_tftp,ip_nat_ftp
ip_conntrack 38928 9 ipt_state,ip_nat_irc,ip_nat_tftp,ip_nat_ftp,ip_conntrack_irc,ip_conntrack_tftp,ip_conntrack_ftp,ipt_conntrack,iptable_nat
ip_tables 19456 10 ipt_TOS,ipt_LOG,ipt_REJECT,ipt_pkttype,ipt_state,ipt_multiport,ipt_conntrack,iptable_filter,iptable_mangle,iptable_nat
e100 29824 0
rivafb 46916 0
vgastate 9600 1 rivafb
joydev 8128 0
ppp_async 9984 1
ppp_generic 21780 7 ppp_deflate,bsd_comp,ppp_async
slhc 6656 1 ppp_generic
evdev 7552 1
nvidia 2074184 14

As you can see, I also have firewall as modules.

I tend to just compile all my usb printer/scanner drivers right in too. Unless you're worried about memory usage, laptops these days can have plenty of memory... granite, 512MB ain't exactly over doing it!

Again, pro's/cons of usb drivers as static/modules -- do you want to have the kernel fiddle with loading these during runtime and hope they load ok? ... or do you just want to plug in h/w and already have the driver up and waiting to run? Allot of pros/cons to consider -- And I still do not believe that there is one single "right way" of doing this (ie. the freedom of doing it your way.)

If I was running low on memory (which I do sometimes), I might use more modules. Another thing one has to consider is "just how much memory" is saved by doing so... sometimes the module "help" text does offer size info, but most times, it's either negligable or not listed.

User pref, no right or wrong way as long as you use some commom sense.
_________________
Roger
http://rogerx.freeshell.org/

[Gherald2]

Pedantic: "In my case, if I have PCMCIA support built into the kernel, then metworking works.
_________________
Unregistered Linux User #17598363

[rogerx]

More then likely sounds like an irq or ioport conflict.

Monitor the following:
/proc/interrupts
/proc/ioports

... and then configure the device stealing the interrupt or ioport address to use a specific address. I'm going to guess you have your network card or other device as a module and having the pcmcia network device get first take at the pool of addresses is fixing the problem. No sweat though, as I do the same thing as you to resolve them as it is easier!

I had to compile something as module and set pcmcia init.d to a default rather then boot. The proper way for me would have been to exclude/include the address within the config file of pcmcia!
_________________
Roger
http://rogerx.freeshell.org/

[cdunham]

There have been a couple of annoyances I've run into running monolithic servers. As someone pointed out, it is part of a set of tactics for making more secure systems, which is great, especially if you have static hardware and don't mind recompling to get new stuff.

The annoyances are:

1) entries in the system log like:

modprobe: FATAL: Could not load /lib/modules/2.6.7-gentoo-r11/modules.dep: No such file or directory

Somewhere, someone is calling modprobe, and I can't figure out who or why. They also show up during boot, and although /etc/init.d/modules is depended on all over the place (and listed in CRITICAL_SERVICES in /sbin/rc), it is smart enough to exit cleanly if it doesn't see /proc/modules, so I'm pretty sure it's not to blame.

2) sensors-detect and other misc programs barf and die if they can't load modules. I *could* try to configure sensors by hand, but I enjoy being somewhat sane, thank you.

Perhaps I just missed the "modules=no" param in /etc/rc.conf ^_^
_________________
This post more meaningful in a scalar context.

[rogerx]

yes. some of the init.d services (ie hotplug may be a culprit also), where if everything is static/monolithic, then you will get false errors posted to the syslog about not being able to load a module. Usually, I tend to ignore these as it's obvious this gets down to providing a proper script to recognize the module is statically compiled. This does not affect run time.
ie: cat /proc/config.gz |gzip -dc

And yes, newer modules or experimental (buggy) modules may have a rougher time being statically linked. All modules seem to go through this phase where they need to be unloaded & reloaded due to bugs.

So, what I do, to try to stay completely monolithic, compile almost everything statically except for the few buggy ones.

Yes. sensors are a pain imo.
_________________
Roger
http://rogerx.freeshell.org/

[cdunham]

[betoe]

Hi guys, hope i will explain this correctly (english isnt my first language). Searching on google i came here coz i have a problem (again...) with my gentoo installation.

I had installed gentoo yesterday, and after the system reboot, i see this message error.

"Modprobe: FATAL: Could not load lib/modules/2.6.12-gentoo-r6/module.dep No such file or directory"

This error appear with:
1) Syncing hardware clock...
2) Settings DNS domain to...
3) Bringing eth0 up via DHCP...

As its fast, i can write only that.

I searched on my HDD and i have lib/modules/2.6.13-gentoo-r3 , not 2.6.13-gentoo-r6.


So what can i do for fix that? Thanks by your help.

[cdunham]

Is your kernel built with module support?
_________________
This post more meaningful in a scalar context.

[betoe]

Hi. I really dont remember that exactly. Maybe i must reinstall the kernel carefully, i will do it this night (here its same time than mountain time in the US).

[cdunham]

If not, you can fix these messages with a small hack:

[betoe]

I cant do that cdunham, coz that path doesnt exist:
/lib/modules/2.6.12-gentoo-r6/module.dep

Damn i want to have gentoo working but i dont have enough time for (try) fix it til next sunday.

[cdunham]

[betoe]

Thanks cdunham, sorry for being so noob and thanks to you for being so nice with me. That error has gone, but i still have a problem with the intenet connection, now i will try on IRC channels and searching on google.

[cdunham]

No worries, pass it forward...
_________________
This post more meaningful in a scalar context.

[HydroDiOxide]

Don't know if this is the right place to post this question, but it struck me when reading the faq.

The TS of the faq says