Unable to load modules to kernel and get module information

orhun · March 22, 2020, 2:03pm

I’ve created this snapcraft config file with strict confinement and kernel-module-control/kernel-module-observe plugs but still I can’t load modules from the terminal interface or get the modinfo command output.
I’ve tried the classic confinement and of course it worked. But it does not look possible to publish the project like this.
So what could be the problem? I need to be able to load modules and get modinfo command output in my project. But all I got is execution errors and permission failures with the current version of the snap.

Here’s the snap that I’m working on: https://dashboard.snapcraft.io/snaps/kmon/revisions/13/
Project page (unreleased): https://github.com/orhun/kmon
My other forum post (about the classic confinement): Classic confinement for the kmon snap

jdstrand · March 31, 2020, 2:13pm

Did you also connect the interfaces after installing the snap?

$ sudo snap connect kmon:kernel-module-control
$ sudo snap connect kmon:kernel-module-observe

orhun · March 31, 2020, 4:59pm

Yes, it didn’t fix the problem.

jdstrand · March 31, 2020, 5:13pm

After you’ve connected the interfaces, and run your application, do you see security policy denials in journalctl? Please paste them here.

orhun · March 31, 2020, 8:20pm

No policy denials at all:

Mar 31 20:19:10 arch sudo[107796]: pam_unix(sudo:session): session opened for user root by (uid=0)
Mar 31 20:19:11 arch systemd-udevd[107822]: Using default interface naming scheme 'v245'.
Mar 31 20:19:11 arch systemd-udevd[107830]: Using default interface naming scheme 'v245'.
Mar 31 20:19:11 arch upowerd[49303]: treating change event as add on /sys/devices/pci0000:00/0000:00:14.0/usb2
Mar 31 20:19:11 arch systemd-udevd[107833]: regulatory.0: Process '/usr/bin/crda' failed with exit code 234.
Mar 31 20:19:11 arch upowerd[49303]: treating change event as add on /sys/devices/pci0000:00/0000:00:14.0/usb2/2-4
Mar 31 20:19:11 arch upowerd[49303]: treating change event as add on /sys/devices/pci0000:00/0000:00:14.0/usb3
Mar 31 20:19:11 arch upowerd[49303]: treating change event as add on /sys/devices/pci0000:00/0000:00:14.0/usb2/2-6
Mar 31 20:19:11 arch upowerd[49303]: treating change event as add on /sys/devices/pci0000:00/0000:00:14.0/usb2/2-4/2-4:1.0
Mar 31 20:19:11 arch upowerd[49303]: treating change event as add on /sys/devices/pci0000:00/0000:00:14.0/usb3/3-0:1.0
Mar 31 20:19:11 arch upowerd[49303]: treating change event as add on /sys/devices/pci0000:00/0000:00:14.0/usb2/2-0:1.0
Mar 31 20:19:11 arch systemd-udevd[107818]: Using default interface naming scheme 'v245'.
Mar 31 20:19:11 arch systemd-udevd[107820]: Using default interface naming scheme 'v245'.
Mar 31 20:19:11 arch systemd-udevd[107831]: Using default interface naming scheme 'v245'.
Mar 31 20:19:11 arch upowerd[49303]: treating change event as add on /sys/devices/pci0000:00/0000:00:14.0/usb2/2-6/2-6:1.0
Mar 31 20:19:11 arch upowerd[49303]: treating change event as add on /sys/devices/pci0000:00/0000:00:14.0/usb2/2-6/2-6:1.1
Mar 31 20:19:11 arch upowerd[49303]: treating change event as add on /sys/devices/pci0000:00/0000:00:1d.0/usb1
Mar 31 20:19:11 arch upowerd[49303]: treating change event as add on /sys/devices/pci0000:00/0000:00:1d.0/usb1/1-0:1.0
Mar 31 20:19:11 arch upowerd[49303]: treating change event as add on /sys/devices/pci0000:00/0000:00:1d.0/usb1/1-1
Mar 31 20:19:11 arch upowerd[49303]: treating change event as add on /sys/devices/pci0000:00/0000:00:1d.0/usb1/1-1/1-1:1.0
Mar 31 20:19:11 arch sudo[107796]: pam_unix(sudo:session): session closed for user root
Mar 31 20:19:14 arch sudo[107873]:    orhun : TTY=pts/1 ; PWD=/home/orhun ; USER=root ; COMMAND=/usr/bin/snap connect kmon:kernel-module-observe
Mar 31 20:19:14 arch sudo[107873]: pam_unix(sudo:session): session opened for user root by (uid=0)
Mar 31 20:19:15 arch sudo[107873]: pam_unix(sudo:session): session closed for user root
Mar 31 20:19:21 arch sudo[107894]:    orhun : TTY=pts/1 ; PWD=/home/orhun ; USER=root ; COMMAND=/var/lib/snapd/snap/bin/kmon
Mar 31 20:19:21 arch sudo[107894]: pam_unix(sudo:session): session opened for user root by (uid=0)
Mar 31 20:20:01 arch sudo[107894]: pam_unix(sudo:session): session closed for user root

jdstrand · March 31, 2020, 8:53pm

Where are you loading the modules from?

orhun · April 1, 2020, 8:16am

From /lib/modules/ with modprobe command.

jdstrand · April 1, 2020, 12:43pm

How are you invoking modprobe? It works fine here:

$ snap connections test-kmod
Interface              Plug                             Slot                    Notes
kernel-module-control  test-kmod:kernel-module-control  :kernel-module-control  manual

$ sudo test-kmod  # this is just a script that calls '/bin/bash --norc -i'

bash-4.3# lsmod|grep ftp
bash-4.3# modprobe nf_conntrack_ftp
bash-4.3# lsmod|grep ftp
nf_conntrack_ftp       24576  0
nf_conntrack          139264  4 xt_conntrack,nf_nat,nf_conntrack_ftp,xt_MASQUERADE
bash-4.3# modprobe -r nf_conntrack_ftp
bash-4.3# lsmod|grep ftp
bash-4.3#

orhun · April 1, 2020, 1:16pm

Executing the modprobe [module_name] with this function. Also the same function is used for the other calls like modinfo [module_name] which also fails to retrieve the module information.

ogra · April 1, 2020, 2:18pm

seeing that you execute your snap from /var/lib/snapd/snap looks like you are not using some ubuntu based os over there … what is the output of snap version ?

orhun · April 1, 2020, 3:09pm

$ snap version
snap    2.43.3-1
snapd   2.43.3-1
series  16
arch    -
kernel  5.5.8-arch1-1

jdstrand · April 1, 2020, 4:34pm

This may be an arch-specific issue. Can you reinstall your snap with --devmode then do:

$ sudo snap run --shell kmon
bash$ ls -l /lib/modules

does it contain anything?

orhun · April 1, 2020, 5:08pm

Yes, it contains my current kernel and older kernel files.

$ sudo snap install kmon_v0.3.3+git13.a61efff_amd64.snap --devmode
kmon v0.3.3+git13.a61efff installed
$ sudo snap run --shell kmon
bash: warning: setlocale: LC_ALL: cannot change locale (en_US.utf-8)
[root@arch kmon]# ls -l /lib/modules
total 16
drwxr-xr-x 4 root root 4096 Jan  8 15:05 5.3.12-arch1-1
drwxr-xr-x 4 root root 4096 Nov 24 13:23 5.3.5-arch1-1-ARCH
drwxr-xr-x 3 root root 4096 Mar 11 22:45 5.4.8-arch1-1
drwxr-xr-x 6 root root 4096 Mar 14 12:02 5.5.8-arch1-1

I will try to install the snap on a Ubuntu virtual machine soon.

jdstrand · April 1, 2020, 5:57pm

You might also try sudo snap run --strace kmon ... and see if anything looks suspicious.

orhun · April 1, 2020, 8:07pm

I’ve created another snap for running the trace since it’s a TUI app and the trace logs just flood.
It tries to execute modinfo then exists immediately.
Here’s the full trace logs: https://paste.ubuntu.com/p/VkbcWX8MwF/

Here’s the interesting part:

[pid 132762] execve("/snap/kmon/x1/usr/sbin/modinfo", ["modinfo", "tun"], 0x7ffe45c1adb8 /* 36 vars */) = -1 ENOENT (No such file or directory)
[pid 132762] execve("/snap/kmon/x1/usr/bin/modinfo", ["modinfo", "tun"], 0x7ffe45c1adb8 /* 36 vars */) = -1 ENOENT (No such file or directory)
[pid 132762] execve("/snap/kmon/x1/sbin/modinfo", ["modinfo", "tun"], 0x7ffe45c1adb8 /* 36 vars */) = -1 ENOENT (No such file or directory)
[pid 132762] execve("/snap/kmon/x1/bin/modinfo", ["modinfo", "tun"], 0x7ffe45c1adb8 /* 36 vars */) = -1 ENOENT (No such file or directory)
[pid 132762] execve("/usr/local/sbin/modinfo", ["modinfo", "tun"], 0x7ffe45c1adb8 /* 36 vars */) = -1 ENOENT (No such file or directory)
[pid 132762] execve("/usr/local/bin/modinfo", ["modinfo", "tun"], 0x7ffe45c1adb8 /* 36 vars */) = -1 ENOENT (No such file or directory)
[pid 132762] execve("/usr/sbin/modinfo", ["modinfo", "tun"], 0x7ffe45c1adb8 /* 36 vars */) = -1 ENOENT (No such file or directory)
[pid 132762] execve("/usr/bin/modinfo", ["modinfo", "tun"], 0x7ffe45c1adb8 /* 36 vars */) = -1 ENOENT (No such file or directory)