1# SPDX-License-Identifier: GPL-2.0-only 2menuconfig MODULES 3 bool "Enable loadable module support" 4 modules 5 select EXECMEM 6 help 7 Kernel modules are small pieces of compiled code which can 8 be inserted in the running kernel, rather than being 9 permanently built into the kernel. You use the "modprobe" 10 tool to add (and sometimes remove) them. If you say Y here, 11 many parts of the kernel can be built as modules (by 12 answering M instead of Y where indicated): this is most 13 useful for infrequently used options which are not required 14 for booting. For more information, see the man pages for 15 modprobe, lsmod, modinfo, insmod and rmmod. 16 17 If you say Y here, you will need to run "make 18 modules_install" to put the modules under /lib/modules/ 19 where modprobe can find them (you may need to be root to do 20 this). 21 22 If unsure, say Y. 23 24if MODULES 25 26config MODULE_DEBUGFS 27 bool 28 29config MODULE_DEBUG 30 bool "Module debugging" 31 depends on DEBUG_FS 32 help 33 Allows you to enable / disable features which can help you debug 34 modules. You don't need these options on production systems. 35 36if MODULE_DEBUG 37 38config MODULE_STATS 39 bool "Module statistics" 40 depends on DEBUG_FS 41 select MODULE_DEBUGFS 42 help 43 This option allows you to maintain a record of module statistics. 44 For example, size of all modules, average size, text size, a list 45 of failed modules and the size for each of those. For failed 46 modules we keep track of modules which failed due to either the 47 existing module taking too long to load or that module was already 48 loaded. 49 50 You should enable this if you are debugging production loads 51 and want to see if userspace or the kernel is doing stupid things 52 with loading modules when it shouldn't or if you want to help 53 optimize userspace / kernel space module autoloading schemes. 54 You might want to do this because failed modules tend to use 55 up significant amount of memory, and so you'd be doing everyone a 56 favor in avoiding these failures proactively. 57 58 This functionality is also useful for those experimenting with 59 module .text ELF section optimization. 60 61 If unsure, say N. 62 63config MODULE_DEBUG_AUTOLOAD_DUPS 64 bool "Debug duplicate modules with auto-loading" 65 help 66 Module autoloading allows in-kernel code to request modules through 67 the *request_module*() API calls. This in turn just calls userspace 68 modprobe. Although modprobe checks to see if a module is already 69 loaded before trying to load a module there is a small time window in 70 which multiple duplicate requests can end up in userspace and multiple 71 modprobe calls race calling finit_module() around the same time for 72 duplicate modules. The finit_module() system call can consume in the 73 worst case more than twice the respective module size in virtual 74 memory for each duplicate module requests. Although duplicate module 75 requests are non-fatal virtual memory is a limited resource and each 76 duplicate module request ends up just unnecessarily straining virtual 77 memory. 78 79 This debugging facility will create pr_warn() splats for duplicate 80 module requests to help identify if module auto-loading may be the 81 culprit to your early boot virtual memory pressure. Since virtual 82 memory abuse caused by duplicate module requests could render a 83 system unusable this functionality will also converge races in 84 requests for the same module to a single request. You can boot with 85 the module.enable_dups_trace=1 kernel parameter to use WARN_ON() 86 instead of the pr_warn(). 87 88 If the first module request used request_module_nowait() we cannot 89 use that as the anchor to wait for duplicate module requests, since 90 users of request_module() do want a proper return value. If a call 91 for the same module happened earlier with request_module() though, 92 then a duplicate request_module_nowait() would be detected. The 93 non-wait request_module() call is synchronous and waits until modprobe 94 completes. Subsequent auto-loading requests for the same module do 95 not trigger a new finit_module() calls and do not strain virtual 96 memory, and so as soon as modprobe successfully completes we remove 97 tracking for duplicates for that module. 98 99 Enable this functionality to try to debug virtual memory abuse during 100 boot on systems which are failing to boot or if you suspect you may be 101 straining virtual memory during boot, and you want to identify if the 102 abuse was due to module auto-loading. These issues are currently only 103 known to occur on systems with many CPUs (over 400) and is likely the 104 result of udev issuing duplicate module requests for each CPU, and so 105 module auto-loading is not the culprit. There may very well still be 106 many duplicate module auto-loading requests which could be optimized 107 for and this debugging facility can be used to help identify them. 108 109 Only enable this for debugging system functionality, never have it 110 enabled on real systems. 111 112config MODULE_DEBUG_AUTOLOAD_DUPS_TRACE 113 bool "Force full stack trace when duplicates are found" 114 depends on MODULE_DEBUG_AUTOLOAD_DUPS 115 help 116 Enabling this will force a full stack trace for duplicate module 117 auto-loading requests using WARN_ON() instead of pr_warn(). You 118 should keep this disabled at all times unless you are a developer 119 and are doing a manual inspection and want to debug exactly why 120 these duplicates occur. 121 122endif # MODULE_DEBUG 123 124config MODULE_FORCE_LOAD 125 bool "Forced module loading" 126 default n 127 help 128 Allow loading of modules without version information (ie. modprobe 129 --force). Forced module loading sets the 'F' (forced) taint flag and 130 is usually a really bad idea. 131 132config MODULE_UNLOAD 133 bool "Module unloading" 134 help 135 Without this option you will not be able to unload any 136 modules (note that some modules may not be unloadable 137 anyway), which makes your kernel smaller, faster 138 and simpler. If unsure, say Y. 139 140config MODULE_FORCE_UNLOAD 141 bool "Forced module unloading" 142 depends on MODULE_UNLOAD 143 help 144 This option allows you to force a module to unload, even if the 145 kernel believes it is unsafe: the kernel will remove the module 146 without waiting for anyone to stop using it (using the -f option to 147 rmmod). This is mainly for kernel developers and desperate users. 148 If unsure, say N. 149 150config MODULE_UNLOAD_TAINT_TRACKING 151 bool "Tainted module unload tracking" 152 depends on MODULE_UNLOAD 153 select MODULE_DEBUGFS 154 help 155 This option allows you to maintain a record of each unloaded 156 module that tainted the kernel. In addition to displaying a 157 list of linked (or loaded) modules e.g. on detection of a bad 158 page (see bad_page()), the aforementioned details are also 159 shown. If unsure, say N. 160 161config MODVERSIONS 162 bool "Module versioning support" 163 depends on !COMPILE_TEST 164 help 165 Usually, you have to use modules compiled with your kernel. 166 Saying Y here makes it sometimes possible to use modules 167 compiled for different kernels, by adding enough information 168 to the modules to (hopefully) spot any changes which would 169 make them incompatible with the kernel you are running. If 170 unsure, say N. 171 172choice 173 prompt "Module versioning implementation" 174 depends on MODVERSIONS 175 help 176 Select the tool used to calculate symbol versions for modules. 177 178 If unsure, select GENKSYMS. 179 180config GENKSYMS 181 bool "genksyms (from source code)" 182 help 183 Calculate symbol versions from pre-processed source code using 184 genksyms. 185 186 If unsure, say Y. 187 188config GENDWARFKSYMS 189 bool "gendwarfksyms (from debugging information)" 190 depends on DEBUG_INFO 191 # Requires full debugging information, split DWARF not supported. 192 depends on !DEBUG_INFO_REDUCED && !DEBUG_INFO_SPLIT 193 # Requires ELF object files. 194 depends on !LTO 195 help 196 Calculate symbol versions from DWARF debugging information using 197 gendwarfksyms. Requires DEBUG_INFO to be enabled. 198 199 If unsure, say N. 200endchoice 201 202config ASM_MODVERSIONS 203 bool 204 default HAVE_ASM_MODVERSIONS && MODVERSIONS 205 help 206 This enables module versioning for exported symbols also from 207 assembly. This can be enabled only when the target architecture 208 supports it. 209 210config EXTENDED_MODVERSIONS 211 bool "Extended Module Versioning Support" 212 depends on MODVERSIONS 213 help 214 This enables extended MODVERSIONs support, allowing long symbol 215 names to be versioned. 216 217 The most likely reason you would enable this is to enable Rust 218 support. If unsure, say N. 219 220config MODULE_SRCVERSION_ALL 221 bool "Source checksum for all modules" 222 help 223 Modules which contain a MODULE_VERSION get an extra "srcversion" 224 field inserted into their modinfo section, which contains a 225 sum of the source files which made it. This helps maintainers 226 see exactly which source was used to build a module (since 227 others sometimes change the module source without updating 228 the version). With this option, such a "srcversion" field 229 will be created for all modules. If unsure, say N. 230 231config MODULE_SIG 232 bool "Module signature verification" 233 select MODULE_SIG_FORMAT 234 help 235 Check modules for valid signatures upon load: the signature 236 is simply appended to the module. For more information see 237 <file:Documentation/admin-guide/module-signing.rst>. 238 239 Note that this option adds the OpenSSL development packages as a 240 kernel build dependency so that the signing tool can use its crypto 241 library. 242 243 You should enable this option if you wish to use either 244 CONFIG_SECURITY_LOCKDOWN_LSM or lockdown functionality imposed via 245 another LSM - otherwise unsigned modules will be loadable regardless 246 of the lockdown policy. 247 248 !!!WARNING!!! If you enable this option, you MUST make sure that the 249 module DOES NOT get stripped after being signed. This includes the 250 debuginfo strip done by some packagers (such as rpmbuild) and 251 inclusion into an initramfs that wants the module size reduced. 252 253config MODULE_SIG_FORCE 254 bool "Require modules to be validly signed" 255 depends on MODULE_SIG 256 help 257 Reject unsigned modules or signed modules for which we don't have a 258 key. Without this, such modules will simply taint the kernel. 259 260config MODULE_SIG_ALL 261 bool "Automatically sign all modules" 262 default y 263 depends on MODULE_SIG || IMA_APPRAISE_MODSIG 264 help 265 Sign all modules during make modules_install. Without this option, 266 modules must be signed manually, using the scripts/sign-file tool. 267 268comment "Do not forget to sign required modules with scripts/sign-file" 269 depends on MODULE_SIG_FORCE && !MODULE_SIG_ALL 270 271choice 272 prompt "Hash algorithm to sign modules" 273 depends on MODULE_SIG || IMA_APPRAISE_MODSIG 274 help 275 This determines which sort of hashing algorithm will be used during 276 signature generation. This algorithm _must_ be built into the kernel 277 directly so that signature verification can take place. It is not 278 possible to load a signed module containing the algorithm to check 279 the signature on that module. 280 281config MODULE_SIG_SHA1 282 bool "SHA-1" 283 select CRYPTO_SHA1 284 285config MODULE_SIG_SHA256 286 bool "SHA-256" 287 select CRYPTO_SHA256 288 289config MODULE_SIG_SHA384 290 bool "SHA-384" 291 select CRYPTO_SHA512 292 293config MODULE_SIG_SHA512 294 bool "SHA-512" 295 select CRYPTO_SHA512 296 297config MODULE_SIG_SHA3_256 298 bool "SHA3-256" 299 select CRYPTO_SHA3 300 301config MODULE_SIG_SHA3_384 302 bool "SHA3-384" 303 select CRYPTO_SHA3 304 305config MODULE_SIG_SHA3_512 306 bool "SHA3-512" 307 select CRYPTO_SHA3 308 309endchoice 310 311config MODULE_SIG_HASH 312 string 313 depends on MODULE_SIG || IMA_APPRAISE_MODSIG 314 default "sha1" if MODULE_SIG_SHA1 315 default "sha256" if MODULE_SIG_SHA256 316 default "sha384" if MODULE_SIG_SHA384 317 default "sha512" if MODULE_SIG_SHA512 318 default "sha3-256" if MODULE_SIG_SHA3_256 319 default "sha3-384" if MODULE_SIG_SHA3_384 320 default "sha3-512" if MODULE_SIG_SHA3_512 321 322config MODULE_COMPRESS 323 bool "Module compression" 324 help 325 Enable module compression to reduce on-disk size of module binaries. 326 This is fully compatible with signed modules. 327 328 The tool used to work with modules needs to support the selected 329 compression type. kmod MAY support gzip, xz and zstd. Other tools 330 might have a limited selection of the supported types. 331 332 Note that for modules inside an initrd or initramfs, it's more 333 efficient to compress the whole ramdisk instead. 334 335 If unsure, say N. 336 337choice 338 prompt "Module compression type" 339 depends on MODULE_COMPRESS 340 help 341 Choose the supported algorithm for module compression. 342 343config MODULE_COMPRESS_GZIP 344 bool "GZIP" 345 help 346 Support modules compressed with GZIP. The installed modules are 347 suffixed with .ko.gz. 348 349config MODULE_COMPRESS_XZ 350 bool "XZ" 351 help 352 Support modules compressed with XZ. The installed modules are 353 suffixed with .ko.xz. 354 355config MODULE_COMPRESS_ZSTD 356 bool "ZSTD" 357 help 358 Support modules compressed with ZSTD. The installed modules are 359 suffixed with .ko.zst. 360 361endchoice 362 363config MODULE_COMPRESS_ALL 364 bool "Automatically compress all modules" 365 default y 366 depends on MODULE_COMPRESS 367 help 368 Compress all modules during 'make modules_install'. 369 370 Your build system needs to provide the appropriate compression tool 371 for the selected compression type. External modules will also be 372 compressed in the same way during the installation. 373 374config MODULE_DECOMPRESS 375 bool "Support in-kernel module decompression" 376 depends on MODULE_COMPRESS 377 select ZLIB_INFLATE if MODULE_COMPRESS_GZIP 378 select XZ_DEC if MODULE_COMPRESS_XZ 379 select ZSTD_DECOMPRESS if MODULE_COMPRESS_ZSTD 380 help 381 Support for decompressing kernel modules by the kernel itself 382 instead of relying on userspace to perform this task. Useful when 383 load pinning security policy is enabled. 384 385 If unsure, say N. 386 387config MODULE_ALLOW_MISSING_NAMESPACE_IMPORTS 388 bool "Allow loading of modules with missing namespace imports" 389 help 390 Symbols exported with EXPORT_SYMBOL_NS*() are considered exported in 391 a namespace. A module that makes use of a symbol exported with such a 392 namespace is required to import the namespace via MODULE_IMPORT_NS(""). 393 There is no technical reason to enforce correct namespace imports, 394 but it creates consistency between symbols defining namespaces and 395 users importing namespaces they make use of. This option relaxes this 396 requirement and lifts the enforcement when loading a module. 397 398 If unsure, say N. 399 400config MODPROBE_PATH 401 string "Path to modprobe binary" 402 default "/sbin/modprobe" 403 help 404 When kernel code requests a module, it does so by calling 405 the "modprobe" userspace utility. This option allows you to 406 set the path where that binary is found. This can be changed 407 at runtime via the sysctl file 408 /proc/sys/kernel/modprobe. Setting this to the empty string 409 removes the kernel's ability to request modules (but 410 userspace can still load modules explicitly). 411 412config TRIM_UNUSED_KSYMS 413 bool "Trim unused exported kernel symbols" 414 help 415 The kernel and some modules make many symbols available for 416 other modules to use via EXPORT_SYMBOL() and variants. Depending 417 on the set of modules being selected in your kernel configuration, 418 many of those exported symbols might never be used. 419 420 This option allows for unused exported symbols to be dropped from 421 the build. In turn, this provides the compiler more opportunities 422 (especially when using LTO) for optimizing the code and reducing 423 binary size. This might have some security advantages as well. 424 425 If unsure, or if you need to build out-of-tree modules, say N. 426 427config UNUSED_KSYMS_WHITELIST 428 string "Whitelist of symbols to keep in ksymtab" 429 depends on TRIM_UNUSED_KSYMS 430 help 431 By default, all unused exported symbols will be un-exported from the 432 build when TRIM_UNUSED_KSYMS is selected. 433 434 UNUSED_KSYMS_WHITELIST allows to whitelist symbols that must be kept 435 exported at all times, even in absence of in-tree users. The value to 436 set here is the path to a text file containing the list of symbols, 437 one per line. The path can be absolute, or relative to the kernel 438 source or obj tree. 439 440config MODULES_TREE_LOOKUP 441 def_bool y 442 depends on PERF_EVENTS || TRACING || CFI_CLANG 443 444endif # MODULES 445