Ubuntu
linux package

Don't autoload unneeded modules

Bug #1125597 reported by Christian Kujau
14
This bug affects 3 people
Affects Status Importance Assigned to Milestone
linux (Ubuntu)
Confirmed
Medium
Unassigned

Bug Description

Every time the kernel is upgraded and initrd is regenerated, some modules are loaded. These modules are not necessary for the system to run, take up memory and may even enlarge the attack surface when (security-)issues were to be found in these modules.

How to reproduce on this Amazon EC2 instance:

--------------------------------------------------------------------------
# lsmod
[nothing]

# dpkg-reconfigure linux-image-3.2.0-38-virtual
Running depmod.
update-initramfs: deferring update (hook will be called later)
Examining /etc/kernel/postinst.d.
run-parts: executing /etc/kernel/postinst.d/apt-auto-removal 3.2.0-38-virtual /boot/vmlinuz-3.2.0-38-virtual
run-parts: executing /etc/kernel/postinst.d/initramfs-tools 3.2.0-38-virtual /boot/vmlinuz-3.2.0-38-virtual
update-initramfs: Generating /boot/initrd.img-3.2.0-38-virtual
run-parts: executing /etc/kernel/postinst.d/x-grub-legacy-ec2 3.2.0-38-virtual /boot/vmlinuz-3.2.0-38-virtual
Searching for GRUB installation directory ... found: /boot/grub
Searching for default file ... found: /boot/grub/default
Testing for an existing GRUB menu.lst file ... found: /boot/grub/menu.lst
Searching for splash image ... none found, skipping ...
Found kernel: /boot/vmlinuz-3.2.0-38-virtual
Updating /boot/grub/menu.lst ... done

run-parts: executing /etc/kernel/postinst.d/zz-update-grub 3.2.0-38-virtual /boot/vmlinuz-3.2.0-38-virtual
Generating grub.cfg ...
cat: /boot/grub/video.lst: No such file or directory
/usr/sbin/grub-probe: warn: disk does not exist, so falling back to partition device /dev/xvda1.
Found linux image: /boot/vmlinuz-3.2.0-38-virtual
Found initrd image: /boot/initrd.img-3.2.0-38-virtual
/usr/sbin/grub-probe: warn: disk does not exist, so falling back to partition device /dev/xvda1.
/usr/sbin/grub-probe: warn: disk does not exist, so falling back to partition device /dev/xvda1.
/usr/sbin/grub-probe: warn: disk does not exist, so falling back to partition device /dev/xvda1.
/usr/sbin/grub-probe: warn: disk does not exist, so falling back to partition device /dev/xvda1.
/usr/sbin/grub-probe: warn: disk does not exist, so falling back to partition device /dev/xvda1.
done

# lsmod
Module Size Used by
btrfs 638248 0
zlib_deflate 26622 1 btrfs
libcrc32c 12543 1 btrfs
ufs 78131 0
vfat 17308 0
msdos 17132 0
fat 55605 2 vfat,msdos
xfs 747494 0
ext2 67987 0

# grep -r ^[a-zA-Z] /etc/modules /etc/initramfs-tools/ /etc/modprobe.d/ | grep -v blacklist
/etc/initramfs-tools/initramfs.conf:MODULES=list
/etc/initramfs-tools/initramfs.conf:BUSYBOX=y
/etc/initramfs-tools/initramfs.conf:COMPCACHE_SIZE=""
/etc/initramfs-tools/initramfs.conf:COMPRESS=gzip
/etc/initramfs-tools/initramfs.conf:BOOT=local
/etc/initramfs-tools/initramfs.conf:DEVICE=
/etc/initramfs-tools/initramfs.conf:NFSROOT=auto
/etc/initramfs-tools/update-initramfs.conf:update_initramfs=yes
/etc/initramfs-tools/update-initramfs.conf:backup_initramfs=no

# grep ^b /etc/modprobe.d/local.conf
blacklist btrfs
blacklist zlib_deflate
blacklist libcrc32c
blacklist crc32c
blacklist ufs
blacklist qnx4
blacklist hfsplus
blacklist hfs
blacklist minix
blacklist ntfs
blacklist vfat
blacklist msdos
blacklist fat
blacklist dm_crypt
--------------------------------------------------------------------------

Interestingly, none of these modules are included in the resulting initrd:

# gzip -dc /boot/initrd* | cpio -it | grep kernel/
lib/modules/3.2.0-38-virtual/kernel/drivers
lib/modules/3.2.0-38-virtual/kernel/drivers/video
lib/modules/3.2.0-38-virtual/kernel/drivers/video/vga16fb.ko
lib/modules/3.2.0-38-virtual/kernel/drivers/video/vgastate.ko
lib/modules/3.2.0-38-virtual/kernel/drivers/video/vesafb.ko
lib/modules/3.2.0-38-virtual/kernel/drivers/md
lib/modules/3.2.0-38-virtual/kernel/drivers/md/dm-crypt.ko
lib/modules/3.2.0-38-virtual/kernel/crypto
lib/modules/3.2.0-38-virtual/kernel/crypto/xts.ko
lib/modules/3.2.0-38-virtual/kernel/crypto/gf128mul.ko
lib/modules/3.2.0-38-virtual/kernel/arch
lib/modules/3.2.0-38-virtual/kernel/arch/x86
lib/modules/3.2.0-38-virtual/kernel/arch/x86/crypto
lib/modules/3.2.0-38-virtual/kernel/arch/x86/crypto/aes-i586.ko
10837 blocks

Note: executing "update-initramfs -u -k `uname -r`" alone does NOT load these modules!

Workaround:

Running "rmmod btrfs zlib_deflate libcrc32c ufs vfat msdos fat xfs ext2" after every kernel upgrade.
---
AcpiTables:

AlsaDevices:
 total 0
 crw-rw---T 1 root audio 116, 1 Feb 8 15:01 seq
 crw-rw---T 1 root audio 116, 33 Feb 8 15:01 timer
AplayDevices: Error: [Errno 2] No such file or directory
ApportVersion: 2.0.1-0ubuntu17.1
Architecture: i386
ArecordDevices: Error: [Errno 2] No such file or directory
AudioDevicesInUse: Error: command ['fuser', '-v', '/dev/snd/seq', '/dev/snd/timer'] failed with exit code 1:
CRDA: Error: [Errno 2] No such file or directory
DistroRelease: Ubuntu 12.04
IwConfig: Error: [Errno 2] No such file or directory
Lspci: Error: [Errno 2] No such file or directory
Lsusb: Error: [Errno 2] No such file or directory
MarkForUpload: True
Package: linux (not installed)
PciMultimedia:

ProcEnviron:
 TERM=xterm-color
 PATH=(custom, no user)
 LANG=en_US.UTF-8
 SHELL=/bin/bash
ProcFB:

ProcKernelCmdLine: root=UUID=0145b26e-0d12-45a8-b22e-fc09c1eb2904 ro console=hvc0
ProcModules:

ProcVersionSignature: Ubuntu 3.2.0-38.59-virtual 3.2.37
RelatedPackageVersions:
 linux-restricted-modules-3.2.0-38-virtual N/A
 linux-backports-modules-3.2.0-38-virtual N/A
 linux-firmware 1.79.2
RfKill: Error: [Errno 2] No such file or directory
Tags: precise
Uname: Linux 3.2.0-38-virtual i686
UpgradeStatus: Upgraded to precise on 2012-08-21 (177 days ago)
UserGroups:

WifiSyslog:

See original description
Christian Kujau (christiank)
description: updated
description: updated
Revision history for this message
Brad Figg (brad-figg) wrote : Missing required logs.

This bug is missing log files that will aid in diagnosing the problem. From a terminal window please run:

apport-collect 1125597

and then change the status of the bug to 'Confirmed'.

If, due to the nature of the issue you have encountered, you are unable to run this command, please add a comment stating that fact and change the bug status to 'Confirmed'.

This change has been made by an automated script, maintained by the Ubuntu Kernel Team.

Changed in linux (Ubuntu):
status: New → Incomplete
tags: added: precise
Revision history for this message
Christian Kujau (christiank) wrote : BootDmesg.txt

apport information

tags: added: apport-collected
description: updated
Revision history for this message
Christian Kujau (christiank) wrote : CurrentDmesg.txt

apport information

Revision history for this message
Christian Kujau (christiank) wrote : ProcCpuinfo.txt

apport information

Revision history for this message
Christian Kujau (christiank) wrote : ProcInterrupts.txt

apport information

Revision history for this message
Christian Kujau (christiank) wrote : UdevDb.txt

apport information

Revision history for this message
Christian Kujau (christiank) wrote : UdevLog.txt

apport information

Changed in linux (Ubuntu):
status: Incomplete → Confirmed
Joseph Salisbury (jsalisbury)
Changed in linux (Ubuntu):
importance: Undecided → Medium
Revision history for this message
Bernardo Reino (reinob) wrote :

The modules are being loaded by os-prober, which update-grub runs (if found).

I have apt-get remove'd os-prober (I don't need it anyway) and now these modules are never being loaded.

Revision history for this message
Christian Kujau (christiank) wrote :

Hah! Great, thanks!

os-prober doesn't come with any documentation (I guess this warrants another bug :-)), never thought that it was to blame here. For the record, /usr/bin/os-prober calls /usr/lib/os-probes/init/10filesystems, where it does something like this:

 for fs in $FILESYSTEMS; do
     modprobe "$fs"
 done

To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.