A huge advantage of Linux over the Windows operating system is the ability to insert and/or remove kernel modules on the fly. When applying Windows updates, most of the time you have to reboot your system, in some cases several times. In Linux, you can insert or remove kernel device drivers (modules) for your USB system at will. This flexibility also carries over to development, you can create a kernel module and insert it into your running kernel to check its functionality (although I would not recommend this as you could halt your system if your module contained a flaw). Last article Netfilter Hook: Basic Packet Filtering in Kernel outlined how to create a kernel module that did basic firewalling. Using the command insmod you can insert the module, lsmod can display current modules and tools like rmmod may remove them. This article will outline those features in more detail.
Insert A Module With ‘insmod’
If you have a pre-compiled kernel module (a *.ko) file, you can insert this module into your running kernel by executing the insmod command, running with sudo or as root. For example:
# insmod skb_test.ko
If no errors occurred the module should be loaded into the kernel. To detect the presence of the module we can use the lsmod utility, aka list modules.
# lsmod | grep sk_test sk_test 1748 0
The three columns are:
- The name of kernel module.
- The amount of memory being used by this module
- The number of other modules that reference functions within the module.
View Module Information with ‘modinfo’
When developing a kernel module, the programmer can specify information regarding the module. There are a set of pre-defined fields that can be filled out during the development of the module. modinfo can display that information. For example, lets look at a aes_generic kernel modules used for cryptography:
1 2 3 4 5 6 7 8 9
$ modinfo aes-x86_64 filename: /lib/modules/2.6.38-8-generic/kernel/arch/x86/crypto/aes-x86_64.ko alias: aes-asm alias: aes license: GPL description: Rijndael (AES) Cipher Algorithm, asm optimized srcversion: 03EEE2E935DDCE8962CA5CC depends: aes_generic vermagic: 2.6.38-8-generic SMP mod_unload modversions
Display All Kernel Modules With ‘lsmod’
As displayed earlier, the lsmod command will display all kernel modules currently running on the system. This is not to say it displays all running modules, it simply displays any modules inserted after run time. During kernel compilation you may specify if a module should be built-in to the kernel or loaded at run time or later. Here is a more thorough output of lsmod:
1 2 3 4 5 6 7 8 9 10 11 12 13
# lsmod | grep snd snd_hda_codec_realtek 336693 1 snd_hda_intel 33211 2 snd_hda_codec 103804 2 snd_hda_codec_realtek,snd_hda_intel snd_hwdep 13604 1 snd_hda_codec snd_pcm 96625 2 snd_hda_intel,snd_hda_codec snd_seq_midi 13324 0 snd_rawmidi 30486 1 snd_seq_midi snd_seq_midi_event 14899 1 snd_seq_midi snd_seq 61621 2 snd_seq_midi,snd_seq_midi_event snd_timer 29602 2 snd_pcm,snd_seq snd_seq_device 14462 3 snd_seq_midi,snd_rawmidi,snd_seq snd 67382 13 snd_hda_codec_realtek,snd_hda_intel,snd_hda_codec,snd_hwdep,snd_pcm,snd_rawmidi,snd_seq,snd_timer,snd_seq_device
As you can see here, this lists the amount of other modules depending on snd for example…but in this case it also lists those modules by name. This way if you were to remove the kernel module you would know which modules need to be removed prior due to dependencies.
Remove A Kernel Module With ‘rmmod’
Removing a kernel module is almost as easy as inserting one. The main difference when using rmmod over insmod is that you have to take into account those dependencies I mentioned earlier. For example:
1 2 3 4 5 6 7 8
# lsmod | grep crypto crypto_blkcipher 9540 2 ecb,cbc crypto_hash 2400 1 hmac cryptomgr 1280 0 crypto_algapi 6816 9 sha1_generic,md5,hmac,des_generic,deflate,ecb,cbc,crypto_blkcipher,cryptomgr root@00:00:10:73:77:64 tmp# rmmod crypto_algapi rmmod: crypto_algapi: Resource temporarily unavailable
As you can see above, the crypto_algapi has 9 dependencies, so when I attempted to remove that module, there was the resource unavailable message. On a successful removal of a kernel module the output is as innocuous as the initial insert. No error means success.