## Setup env On NixOS: - Ensure Linux Kernel is the same as you configuration. Use this command to update nix inputs ```bash nix flake update --override-input nixpkgs "github:NixOS/nixpkgs/$(nixos-version --revision)" ``` - Use direnv allow or nix develop to setup shell. On other distros: 1. With direnv, in .envrc, change line by `use flake .#other` 2. With nix only, use `nix develop .#other` 3. Otherwise, you need to setup LINUX_MODULES_FOLDER to linux modules folder of your distro (ex: `/lib/modules/$(uname -r)`) in your shell (ex: .bashrc) ## make : targets list - all : Compiling kernel (by default) - clean : Cleaning build folder All subfolder is configured to use LINUX_MODULES_FOLDER env variable set by flake develop ## How test module Step 1: Load module ```bash sudo insmod [module_name].ko ``` **Warning**: Can fail if secure boot is enabled (see notes about secure boot in below) Step 2: Check logs ```bash sudo dmesg | tail ``` Step 3: Unload module ```bash sudo rmmod [module_name].ko ``` ## Usefull links - https://www.kernel.org/doc/html/latest/ - https://elixir.bootlin.com/linux/v6.13/source/ - https://static.lwn.net/images/pdf/LDD3/ch01.pdf - https://sysprog21.github.io/lkmpg ## Notes ### Find required headers files ``` nix shell nixpkgs#bear cd 01_basic_module/ bear --append --output ../.vscode/compile_commands.json -- make -C $LINUX_MODULES_FOLDER/build M=$PWD modules ``` Search -I args and -D args ### Sign kernel module for testing with secure boot enabled Prerequisites: Own secure boot keys configured. Secure boot keys can be found in : - Fedora : `/etc/pki/akmods` - With sbctl : `/var/lib/sbctl` ``` sign-file sha256 $SECUREBOOT_KEYS_PATH/private_key.priv $SECUREBOOT_KEYS_PATH/public_key.der .ko ``` sign-file executable is in `/usr/src/kernels/$(uname -r)/scripts` Full example (run as root): 1. Fedora ```bash /usr/src/kernels/$(uname -r)/scripts/sign-file sha256 /etc/pki/akmods/private/private_key.priv /etc/pki/akmods/certs/public_key.der .ko ```