# [FAQF] KC7: Compiling directly into a kernel vs. modules

## TGL

I would add that compiling something, for instance a driver, as a module allows to easily tweak it options, which is sometimes indispensable.

----------

## wilburpan

Thanks for the suggestion.  I incorporated it into my FAQ.

----------

## spamspam

There is something to be said for making a non-modular kernel.

Some of the most effective rootkits are (or include) kernel modules. By compiling all needed features into the kernel, and disabling modules entirely, you can block them.

This technique is usefull on servers where the hardware seldom changes. It is not reccommended for desktops which are likely to need to hotplug USB or FireWire devices, or mount a variety of filesystems from time to time.

----------

## rogerx

I find building everything statically reduces the errors when trying to load a module/driver or messing with the modules.conf file... as most times, the module is already loaded with the features I need.

So what I do, is patch the kernel-2.6 w/ supermount and an orinoco hack for monitoring -- with the intent to keep the kernel as clean of patches as possible.  I have also recently started to build ieee1394/firewire statically since this feature now supports hotplugging... no need to unload & load ieee1394 modules as almost all the bugs are worked out of hotplugging hdd's and cdrom drives.

The only thing I'm loading as a module is the evdev due to my wacom pad or synaptics touch pad ... and I forget why!   :Wink: 

As a side note, I find that the o/s loads faster with a monolithic kernel versus modular.  But load times for the kernel are slightly increased on the monolithic kernel. ... no biggy.

Prior to kernel-2.6, I was still loading allot of stuff as module (ie pcmcia/ieee1394/ide-scsi/scsi, ...).

----------

## Caalvin

ok, i think compiling some drivers as module only make sense if you often change your hardware... the most desktop-system are "static" in that point..so building a monolith kernel would be the better choice.

On a notebook the situation is an other. I use Gentoo on a notebook, which i sometimes use in a docking, in several different networkenvironments, diverent monitors, printers, scanners and so on.. in this case, it is better to compile a lot drivers as modules, so they will only be loaded if the appropiated hardware is present... the "main"-drivers for the notebook itself surely as "compiled-in" for .

I hope this could help those, who are undecisive, if not, ok shame on me, this another useless post....

cheers

torsten

----------

## rogerx

Ok. granite.  Using kernel-2.6 here on my dell inspiron laptop.

To be honest, I *try* to compile everything statically into the kernel (to avoid loading modules on startup as it does somewhat slow down the boot process & sometimes using modules can conflict (atleast in kernel-2.4 modules did)).

But the clincher on the laptops are that sometimes you need to patch the kernel drivers with either more up-to-date code or because the driver isn't in the kernel yet (ie wacom, nvidia, orinoco monitor patch, ...)

Module                  Size  Used by

ppp_deflate             4992  0 

bsd_comp                5632  0 

agpgart                27688  0 

ipt_TOS                 2176  12 

ipt_LOG                 6016  7 

ipt_REJECT              5760  4 

ipt_pkttype             1664  4 

ipt_state               1792  14 

ip_nat_irc              4080  0 

ip_nat_tftp             3056  0 

ip_nat_ftp              5104  0 

ip_conntrack_irc       70832  1 ip_nat_irc

ip_conntrack_tftp       3120  0 

ip_conntrack_ftp       71600  1 ip_nat_ftp

ipt_multiport           1920  0 

ipt_conntrack           2304  0 

iptable_filter          2432  1 

iptable_mangle          2432  1 

iptable_nat            27436  3 ip_nat_irc,ip_nat_tftp,ip_nat_ftp

ip_conntrack           38928  9 ipt_state,ip_nat_irc,ip_nat_tftp,ip_nat_ftp,ip_conntrack_irc,ip_conntrack_tftp,ip_conntrack_ftp,ipt_conntrack,iptable_nat

ip_tables              19456  10 ipt_TOS,ipt_LOG,ipt_REJECT,ipt_pkttype,ipt_state,ipt_multiport,ipt_conntrack,iptable_filter,iptable_mangle,iptable_nat

e100                   29824  0 

rivafb                 46916  0 

vgastate                9600  1 rivafb

joydev                  8128  0 

ppp_async               9984  1 

ppp_generic            21780  7 ppp_deflate,bsd_comp,ppp_async

slhc                    6656  1 ppp_generic

evdev                   7552  1 

nvidia               2074184  14

As you can see, I also have firewall as modules.

I tend to just compile all my usb printer/scanner drivers right in too.  Unless you're worried about memory usage, laptops these days can have plenty of memory... granite, 512MB ain't exactly over doing it!

Again, pro's/cons of usb drivers as static/modules -- do you want to have the kernel fiddle with loading these during runtime and hope they load ok?  ... or do you just want to plug in h/w and already have the driver up and waiting to run?  Allot of pros/cons to consider -- And I still do not believe that there is one single "right way" of doing this (ie. the freedom of doing it your way.)

If I was running low on memory (which I do sometimes), I might use more modules.  Another thing one has to consider is "just how much memory" is saved by doing so... sometimes the module "help" text does offer size info, but most times, it's either negligable or not listed.

User pref, no right or wrong way as long as you use some commom sense.  :Wink: 

----------

## Gherald2

Pedantic: "In my case, if I have PCMCIA support built into the kernel, then metworking works.

----------

## rogerx

More then likely sounds like an irq or ioport conflict.

Monitor the following:

/proc/interrupts

/proc/ioports

... and then configure the device stealing the interrupt or ioport address to use a specific address.  I'm going to guess you have your network card or other device as a module and having the pcmcia network device get first take at the pool of addresses is fixing the problem.  No sweat though, as I do the same thing as you to resolve them as it is easier!  :Wink: 

I had to compile something as module and set pcmcia init.d to a default rather then boot.  The proper way for me would have been to exclude/include the address within the config file of pcmcia!  :Wink: 

----------

## cdunham

There have been a couple of annoyances I've run into running monolithic servers. As someone pointed out, it is part of a set of tactics for making more secure systems, which is great, especially if you have static hardware and don't mind recompling to get new stuff.

The annoyances are:

1) entries in the system log like:

modprobe: FATAL: Could not load /lib/modules/2.6.7-gentoo-r11/modules.dep: No such file or directory

Somewhere, someone is calling modprobe, and I can't figure out who or why. They also show up during boot, and although /etc/init.d/modules is depended on all over the place (and listed in CRITICAL_SERVICES in /sbin/rc), it is smart enough to exit cleanly if it doesn't see /proc/modules, so I'm pretty sure it's not to blame.

2) sensors-detect and other misc programs barf and die if they can't load modules. I *could* try to configure sensors by hand, but I enjoy being somewhat sane, thank you.

Perhaps I just missed the "modules=no" param in /etc/rc.conf ^_^

----------

## rogerx

yes. some of the init.d services (ie hotplug may be a culprit also), where if everything is static/monolithic, then you will get false errors posted to the syslog about not being able to load a module.  Usually, I tend to ignore these as it's obvious this gets down to providing a proper script to recognize the module is statically compiled.  This does not affect run time.  

ie:  cat /proc/config.gz |gzip -dc  

And yes, newer modules or experimental (buggy) modules may have a rougher time being statically linked.  All modules seem to go through this phase where they need to be unloaded & reloaded due to bugs.

So, what I do, to try to stay completely monolithic, compile almost everything  statically except for the few buggy ones. 

Yes.  sensors are a pain imo.  :Wink: 

----------

## cdunham

 *rogerx wrote:*   

> yes. some of the init.d services (ie hotplug may be a culprit also), where if everything is static/monolithic, then you will get false errors posted to the syslog about not being able to load a module.

 

Interestingly, 'ps' seems to be a big culprit...

----------

## betoe

Hi guys, hope i will explain this correctly (english isnt my first language). Searching on google i came here coz i have a problem (again...) with my gentoo installation.

I had installed gentoo yesterday, and after the system reboot, i see this message error.

"Modprobe: FATAL: Could not load lib/modules/2.6.12-gentoo-r6/module.dep   No such file or directory"

This error appear with:

1) Syncing hardware clock...

2) Settings DNS domain to...

3) Bringing eth0 up via DHCP...

As its fast, i can write only that.

I searched on my HDD and i have lib/modules/2.6.13-gentoo-r3    , not 2.6.13-gentoo-r6.

So what can i do for fix that? Thanks by your help.

----------

## cdunham

Is your kernel built with module support?

----------

## betoe

Hi. I really dont remember that exactly. Maybe i must reinstall the kernel carefully, i will do it this night (here its same time than mountain time in the US).

----------

## cdunham

If not, you can fix these messages with a small hack:

```
touch /lib/modules/2.6.12-gentoo-r6/module.dep
```

----------

## betoe

I cant do that cdunham, coz that path doesnt exist:

/lib/modules/2.6.12-gentoo-r6/module.dep

Damn i want to have gentoo working but i dont have enough time for (try) fix it til next sunday.

----------

## cdunham

```
mkdir -p /lib/modules/2.6.12-gentoo-r6

touch /lib/modules/2.6.12-gentoo-r6/module.dep
```

----------

## betoe

Thanks cdunham, sorry for being so noob and thanks to you for being so nice with me. That error has gone, but i still have a problem with the intenet connection, now i will try on IRC channels and searching on google.

----------

## cdunham

No worries, pass it forward...

----------

## HydroDiOxide

Don't know if this is the right place to post this question, but it struck me when reading the faq.

The TS of the faq says  *Quote:*   

> ...and your Linux system will theoretically only load the driver that is appropriate for the hardware setup at the time.

 

Does this mean that, when I compile something as a module, I won't need to load it manually, but that the system will load it when it detects the hardware? IOW, when the hardware is detected, but support isn't built into the kernel the system will look for the appropriate module and when the module isn't compiled the hardware fails to work?

----------

