From 789e9c2549e337dd5a756cdeea38e2b43d19ec77 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Marek=20Marczykowski-G=C3=B3recki?=
 <marmarek@invisiblethingslab.com>
Date: Sun, 8 Nov 2015 03:46:25 +0100
Subject: [PATCH] dracut: mount only subdirectory of /lib/modules

This makes is possible to modify /lib/modules content - especially
install other kernel packages, without unmounting the whole
/lib/modules. Since dom0-provided modules will no longer conflict with
VM kernel packages (assuming kernel versions are different), there is no
need for qubes-kernel-vm-placeholder anymore.

Having only one subdirectory of /lib/modules mounted is somehow tricky,
because:
1. Directory name isn't always the same - it depends on kernel version.
This means that mountpoint must be created dynamically (so $NEWROOT must
be mounted in R/W for a moment).
2. There is one-command way to mount only a subdirectory of some
filesystem. So use a trick: mount it in some temporary directory, get
interesting subdir with `mount --bind`, then unmount temporary
directory.

QubesOS/qubes-issues#1354
---
 dracut/full-modules/mount_modules.sh | 15 +++++++++++++--
 dracut/simple/init.sh                | 15 +++++++++++++--
 2 files changed, 26 insertions(+), 4 deletions(-)

diff --git a/dracut/full-modules/mount_modules.sh b/dracut/full-modules/mount_modules.sh
index 129de59..afa617e 100644
--- a/dracut/full-modules/mount_modules.sh
+++ b/dracut/full-modules/mount_modules.sh
@@ -4,11 +4,22 @@
 #
 
 
-if ! [ -d $NEWROOT/lib/modules/`uname -r` ]; then
+kver="`uname -r`"
+if ! [ -d "$NEWROOT/lib/modules/$kver/kernel" ]; then
     echo "Waiting for /dev/xvdd device..."
     while ! [ -e /dev/xvdd ]; do sleep 0.1; done
 
-    mount -n -t ext3 /dev/xvdd $NEWROOT/lib/modules
+    # Mount only `uname -r` subdirectory, to leave the rest of /lib/modules writable
+    mkdir -p /tmp/modules
+    mount -n -t ext3 /dev/xvdd /tmp/modules
+    if ! [ -d "$NEWROOT/lib/modules/$kver" ]; then
+        mount "$NEWROOT" -o remount,rw
+        mkdir -p "$NEWROOT/lib/modules/$kver"
+        mount "$NEWROOT" -o remount,ro
+    fi
+    mount --bind "/tmp/modules/$kver" "$NEWROOT/lib/modules/$kver"
+    umount /tmp/modules
+    rmdir /tmp/modules
 fi
 
 killall udevd systemd-udevd
diff --git a/dracut/simple/init.sh b/dracut/simple/init.sh
index 773e518..adc525c 100644
--- a/dracut/simple/init.sh
+++ b/dracut/simple/init.sh
@@ -54,11 +54,22 @@ mkdir -p /sysroot
 mount /dev/mapper/dmroot /sysroot -o ro
 NEWROOT=/sysroot
 
-if ! [ -d $NEWROOT/lib/modules/`uname -r` ]; then
+kver="`uname -r`"
+if ! [ -d "$NEWROOT/lib/modules/$kver/kernel" ]; then
     echo "Waiting for /dev/xvdd device..."
     while ! [ -e /dev/xvdd ]; do sleep 0.1; done
 
-    mount -n -t ext3 /dev/xvdd $NEWROOT/lib/modules
+    # Mount only `uname -r` subdirectory, to leave the rest of /lib/modules writable
+    mkdir -p /tmp/modules
+    mount -n -t ext3 /dev/xvdd /tmp/modules
+    if ! [ -d "$NEWROOT/lib/modules/$kver" ]; then
+        mount "$NEWROOT" -o remount,rw
+        mkdir -p "$NEWROOT/lib/modules/$kver"
+        mount "$NEWROOT" -o remount,ro
+    fi
+    mount --bind "/tmp/modules/$kver" "$NEWROOT/lib/modules/$kver"
+    umount /tmp/modules
+    rmdir /tmp/modules
 fi