From: Richard Jones Date: Mon, 15 Jun 2009 13:45:05 +0000 (+0100) Subject: Move kernel module list to a separate whitelist file. X-Git-Tag: 1.0.46~6 X-Git-Url: http://git.annexia.org/?a=commitdiff_plain;h=161c7cd7f9c9d1099c35db20f78d7e5a20ea6517;p=libguestfs.git Move kernel module list to a separate whitelist file. --- diff --git a/appliance/Makefile.am b/appliance/Makefile.am index 1886e3e..5dd6521 100644 --- a/appliance/Makefile.am +++ b/appliance/Makefile.am @@ -32,7 +32,7 @@ fs_DATA = $(INITRAMFSIMG) $(VMLINUZ) $(INITRAMFSIMG) $(VMLINUZ): $(top_builddir)/initramfs/fakeroot.log -$(top_builddir)/initramfs/fakeroot.log: make.sh +$(top_builddir)/initramfs/fakeroot.log: make.sh kmod.whitelist -mv $(INITRAMFSIMG) $(INITRAMFSIMG).bak -mv $(VMLINUZ) $(VMLINUZ).bak if ! bash make.sh; then rm -f $@; exit 1; fi diff --git a/appliance/kmod.whitelist b/appliance/kmod.whitelist new file mode 100644 index 0000000..4bf4cf8 --- /dev/null +++ b/appliance/kmod.whitelist @@ -0,0 +1,38 @@ +# List of kernel modules that we leave in the appliance. This has to +# include any dependencies needed by modules. + +# Any kernel module not listed here is deleted from the appliance. + +# Wildcards are permitted. + +virtio.ko +virtio_net.ko +virtio_pci.ko +virtio_ring.ko + +ext2.ko +ext3.ko +ext4*.ko + +crc16.ko +jbd.ko +jbd2.ko + +fuse.ko + +vfat.ko +fat.ko + +udf.ko +crc_itu_t.ko +nls_utf8.ko + +dm-*.ko + +cramfs.ko +squashfs.ko + +hfsplus.ko +ufs.ko +exportfs.ko +xfs.ko diff --git a/appliance/make.sh.in b/appliance/make.sh.in index 9c52830..8f3b212 100755 --- a/appliance/make.sh.in +++ b/appliance/make.sh.in @@ -80,35 +80,22 @@ rm -f $koutput # Don't need any keyboard maps. @FEBOOTSTRAP_RUN@ initramfs -- rm -rf /lib/kbd -# Modules take up nearly half of the image. It's a rough guess that -# we don't need many drivers (which take up most of the space). -(cd initramfs && find lib/modules/*/kernel \ - -name '*.ko' \ - -a ! -name 'virtio.ko' \ - -a ! -name 'virtio_net.ko' \ - -a ! -name 'virtio_pci.ko' \ - -a ! -name 'virtio_ring.ko' \ - -a ! -name 'ext2.ko' \ - -a ! -name 'ext3.ko' \ - -a ! -name 'ext4*.ko' \ - -a ! -name 'crc16.ko' \ - -a ! -name 'jbd.ko' \ - -a ! -name 'jbd2.ko' \ - -a ! -name 'fuse.ko' \ - -a ! -name 'vfat.ko' \ - -a ! -name 'fat.ko' \ - -a ! -name 'udf.ko' \ - -a ! -name 'crc_itu_t.ko' \ - -a ! -name 'nls_utf8.ko' \ - -a ! -name 'dm-*.ko' \ - -a ! -name 'cramfs.ko' \ - -a ! -name 'squashfs.ko' \ - -a ! -name 'hfsplus.ko' \ - -a ! -name 'ufs.ko' \ - -a ! -name 'exportfs.ko' \ - -a ! -name 'xfs.ko' \ - -a -print0 ) | - xargs -0 @FEBOOTSTRAP_RUN@ initramfs -- rm +# Kernel modules take up nearly half of the image. Only include ones +# which are on the whitelist. +grep -v '^[[:space:]]*$' < appliance/kmod.whitelist | + grep -v '^#' > kmod.whitelist.tmp +exec 5