depmod(Dependency Modules) command is used to generate a list of dependency description of kernel modules and its associated map files. This analyzes the kernel modules in the directory /lib/modules/kernel-release and creates a “Makefile”-like dependency file named modules.dep based on the symbols present in the set of modules. These modules are generally taken from the directories specified in the configuration file or mentioned on the command line. Then when the stack of modules are added and removed automatically with modprobe, no modules are without the other related modules they require. Simultaneously, it creates an associated map correlating the hardware identifiers and the corresponding modules that handle them for the purpose of use by the hotplug infrastructure. This specifically associated mapping is used to search for and find the correct module when a unit of hardware requests it.
The Linux kernel relies on depmod and modprobe to send the raw facts of data for its modules, in the proper order to load them. The depmod and modprobe command utilities facilitate a Linux modular kernel manageable for all end users, distribution maintenance engineers, network and system administrators.
depmod [ -a ] [ -b basedir ] [ -e ] [ -F System.map ] [ -n ] [ -v ] [ version ] [ -A ] [-n] [-v] [-A] [-P prefix] [-w] [version] depmod [-e] [-E Module.symvers] [-F System.map] [-m] [-n] [-v] [-P prefix] [-w] [version] [filename...][Tex]
Linux kernel modules would provide unique services called “symbols” for other modules to make use of its utilities. This could be done by using one of the EXPORT_SYMBOL variants in the code. Eventually when a second module uses this symbol, then the second module solely depends on the attributes and functions of the first module. These modular dependencies tend to look complex.
The main objective of the depmod command is to creates a list of module dependencies by revoking each module under /lib/modules/kernel-release and finds what export symbols are used to quantify its needs. By default, this list is written to modules.dep, and also made available in binary hashed version named modules.dep.bin, in the same specific directory.
- depmod command also creates a list of symbols provided by modules in the file named modules.symbols.
- depmod command creates a list of symbols in modules by its binary hashed version, modules.symbols.bin.
- depmod will save the output of a file named modules.devname if modules supply unique device names (devname) that should be populated in /dev on boot by a specific utility such as udev.
- -a, –all: Thoroughly probes and examines all of the modules in the kernel. By default, this option is enabled if no file names are given in the command-line.
- -A, –quick: This option scans and finds to see if any modules are new one than those in the modules.dep file before any work is done: if found not, it smoothly exits rather than regenerating the files again.
- -b basedir, –basedir, basedir: If the modules are not currently in the default directory /lib/modules/kernel-version, but in some other staging area, we can specify a basedir that make a landing to the directory name. This basedir is stripped from the resulting modules.dep file, so it is always ready to be moved into the default location /lib/modules/kernel-version. A distribution vendor who needs to pre-generate the meta-data files rather than running depmod again later would find this option very useful.
- -C, –config file-or-directory: This particular option overrides the default configuration directory at /etc/depmod.d/.
- -e, –errsyms: When combined with the -F option, this reports any specific symbols which a module particularly needs that are not absolutely supplied by other modules or the kernel. By default, any symbols that not provided by the modules are assumed to be provided by the kernel, but this presumption can be void when additionally updated third party drivers are not properly installed or were built with errors.
- -E, –symvers: depmod when combined with the -e option, reports any symbol versions supplied by modules that do not match with the symbol versions provided by the kernel in its Module.symvers. This option is mutually incompatible with -F option.
- -F, –filesyms System.map: Supplied with the System.map produced when the kernel was built, this allows the -e option to report unresolved and unidentified symbols. This option is mutually incompatible with -E.
- -h, –help: This option tends to print the help message and exit.
- -n, –show: This option displays the dependency file on stdout instead of in the /lib/modules tree.
- -q, –quiet: This option instructs depmod to keep quiet and not to complain about missing symbols.
- -r, –root: This option help some users who compile modules under a non-root userid, then install the modules as root. This process can leave the modules owned by the non-root userid which is prone to attacks by the intruders, even though the modules directory is owned by root. If the non-root userid is compromised at one stance, an intruder can overwrite the existing modules owned by that non-root userid and use this exposure to bootstrap up to root access. Normally, the modutils will reject attempts to use a module that is not owned by root. Specifying-r will override the error and allow root to load modules that are not owned by root. Use of -r is a major security exposure and is not recommended since the module is prone to attacks.
- -s, –syslog: This option displays all error messages via the syslog daemon instead of stderr.
- -u, –unresolved-error: depmod command does not set a return code when there are any unresolved symbols present in the module. Some distributions want a non-zero return code in modutils but that change might cause problems for users who expect the old behavior. If you want a non-zero return code in depmod specify -u. In latest Linux kernal versions depmod command will silently ignore the -u flag and will always give a non-zero return code for unresolved symbols.
- -n, –dry-run: This option sends the resulting modules.dep and the various associated map files to standard output rather than writing them into the module directory.
- -P: This option makes some architectures prefix symbols with an extraneous character. This mention a prefix character (for example ‘_’) to ignore.
- -v, –verbose: The option verbose mode in depmod will print to standard output all the symbols each module depends on and the particular module’s file name which provides that symbol.
- -V, –version: This option tends to display depmod’s version and exit.
- -w: This option pops up a Warning message on duplicate dependencies, aliases, symbol versions, etc.
Example: The following is a series of commands that helps to illustrate a usual way to use depmod command in Linux. Each command is prefixed with sudo since each of them requires proper root permissions:
Retriving file from default location:
ln -s /path/to/your-kernel-module.ko /lib/modules/`uname -r` /sbin/depmod -a modprobe your-kernel-module
Loading and Unloading a File from location other than default location:
$ ln -s lkm.ko /lib/modules/2.6.32-21-generic/ $ depmod -a $ modprobe lkm $ modprobe -r lkm lkm here refers to located or kept at any part of the memory.
Operations Expained line by line:
$ln -s /path/to/your-kernel-module.ko /lib/modules/`uname -r`
ln is used to create a symbolic link to our module file in the directory /lib/modules/kernel-release. The command uname -r, enclosed in back quotes, is executed by the shell and translates to the appropriate string representing our kernel release version.
Note: $depmod -a is an updated dependency list is generated by depmod -a to make sure that the module we’re installing is aware of all existing modules and dependencies. This dependency list will be used by modprobe when installing the module in the third command.