Linux - Modules

The word "Module" can mean different things in Linux.

Loadable Kernel Modules (LKM)

Previously, if you want a feature that is not included in the default kernel, or if you need to support a special hardware, you need to recompile the Linux kernel; now, you can use Loadable Kernel Modules (LKM) instead.

A kernel module is a piece of compiled binary code that is inserted directly into the Linux kernel, running at ring 0, the lowest and least protected ring of execution in the x86–64 processor.

• list installed modules: lsmod, or check /proc/modules;
• load modules on the fly (often used for devices, file systems, system calls, etc.)
  • insmod, simply tries to load a module.
  • modprobe, tries to determine if the module it is loading needs other modules and picks them up from a known location.
• remove modules: rmmod
• check dependencies depmod
• check info modinfo
• kernel module suffix: .ko (Kernel Object).
• location: /lib/modules or /usr/lib/modules/.
• use modinfo XXX to list the attributes of a Kernel module.
• examples: firmware and device drivers.

Linux differ from macOS and Windows: it includes drivers at the kernel level.

Commands:

• Install: $ insmod <module> (does not resolve dependencies) or $ modprobe <module> (more powerful than insmod)
• Remove: $ rmmod <module>
• List: $ lsmod (prints a the formatted contents of the /proc/modules)
• Rebuild module dependancy database using /lib/modules/$(uname -r)/modules.dep: $ depmod -a
• Info: $ modinfo /path/to/module.ko
• List all available modules: ls -R /lib/modules/$(uname -r)

Linux Security Modules (LSM)

Linux Security Modules (LSM) are NOT loadable kernel modules. They are selectable at build-time via CONFIG_DEFAULT_SECURITY and can be overridden at boot-time.

Examples: SELinux (Redhat), AppArmor (Ubuntu).

Read more: LSM Page

Linux Pluggable Authentication Modules (PAM)

pam - Pluggable Authentication Modules for Linux.

PAM configuration files are stored in /etc/pam.