Kernel Modules deployment on custom hardware


I understand kernel-module-control provides the ability to insert, remove and query kernel modules. This interface gives privileged access to the device.

Which component is responsible for deploying the kernel modules into the UC?

Do we need to ship kernel modules with kernel snap?
Is it possible to deploy kernel modules into the UC if I am not preparing the kernel snap?

Today, the recommended method is to ship kernel modules with your kernel snap.

1 Like

Is there any experimental method available?

technically and theoretically you could indeed use a separate snap for your module and load it with insmod from a oneshot daemon that has access to module loading via the kernel-module-control interface …

practically you need a brand store to even get this interface granted (like snapd-control, kernel-module-control is only granted to device owners in brand stores per store policy) and use validation sets to make sure your module snap only gets updated in lockstep with your kernel snap since your binary will be linked against a certain kernel version … the maintenance effort (and risk) this brings along is likely higher than simply building your own kernel snap with the desired module included … either way you need a brand store (community kernels are also not allowed in the global store) and the use of kernel-module-control with insmod is always a hack …

1 Like

Do we have reference link for kernel module shipment ?

not really a reference, but here is a kernel snap where i add an external wifi driver to a kernel snap:

(note the override-prime: of the xradio-driver part, to update modules.dep)

1 Like

I have included a sample kernel module into kernel snap by referring given link.
.ko file is present in /lib/modules/5.4.85-gab1e81e16530/extra path in the device.

Able to load the kernel module using insmod .
But I am seeing below logs. Is this expected ?

[  874.961516] sample_km: loading out-of-tree module taints kernel.
[  874.961529] sample_km: module license 'unspecified' taints kernel.
[  874.961531] Disabling lock debugging due to kernel taint

Sounds like a kernel problem where you need to set the license for the module appropriately

1 Like

Is there kernel modules autoload option in UC? ( without manual instruction/insmod)

nope, and even the kernel-module-control interface will not save you from getting out-of sync with kernel ABI updates, it will be very tricky to keep everything in sync if you do not just use your own kernel snap with the module simply included …