From 9c6c825691042e472ef26fdbe506ef564fb77a8b Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Marek=20Marczykowski-G=C3=B3recki?=
 <marmarek@invisiblethingslab.com>
Date: Thu, 6 Jun 2019 01:28:15 +0200
Subject: [PATCH] initramfs: use overlayfs for /lib/modules, if available

If overlay fs is available, use it for /lib/modules. This way the whole
/lib/modules will be writable and changes (like extra modules) will
persist in TemplateVM/StandaloneVM.

In practice, this will allow to conveniently build in-vm kernel modules,
even for dom0-provided kernels.

QubesOS/qubes-issues#2908
---
 dracut/simple/init.sh         | 23 +++++++++++++++++------
 dracut/simple/module-setup.sh |  4 ++++
 2 files changed, 21 insertions(+), 6 deletions(-)

diff --git a/dracut/simple/init.sh b/dracut/simple/init.sh
index da06739..7a924e3 100644
--- a/dracut/simple/init.sh
+++ b/dracut/simple/init.sh
@@ -94,15 +94,26 @@ if ! [ -d "$NEWROOT/lib/modules/$kver/kernel" ]; then
     echo "Waiting for /dev/xvdd device..."
     while ! [ -e /dev/xvdd ]; do sleep 0.1; done
 
-    # Mount only `uname -r` subdirectory, to leave the rest of /lib/modules writable
     mkdir -p /tmp/modules
     mount -n -t ext3 /dev/xvdd /tmp/modules
-    if ! [ -d "$NEWROOT/lib/modules/$kver" ]; then
-        mount "$NEWROOT" -o remount,rw
-        mkdir -p "$NEWROOT/lib/modules/$kver"
-        mount "$NEWROOT" -o remount,ro
+    if /sbin/modprobe overlay; then
+        # if overlayfs is supported, use that to provide fully writable /lib/modules
+        if ! [ -d "$NEWROOT/lib/.modules_work" ]; then
+            mount "$NEWROOT" -o remount,rw
+            mkdir -p "$NEWROOT/lib/.modules_work"
+            mount "$NEWROOT" -o remount,ro
+        fi
+        mount -t overlay none $NEWROOT/lib/modules -o lowerdir=/tmp/modules,upperdir=$NEWROOT/lib/modules,workdir=$NEWROOT/lib/.modules_work
+    else
+        # otherwise mount only `uname -r` subdirectory, to leave the rest of
+        # /lib/modules writable
+        if ! [ -d "$NEWROOT/lib/modules/$kver" ]; then
+            mount "$NEWROOT" -o remount,rw
+            mkdir -p "$NEWROOT/lib/modules/$kver"
+            mount "$NEWROOT" -o remount,ro
+        fi
+        mount --bind "/tmp/modules/$kver" "$NEWROOT/lib/modules/$kver"
     fi
-    mount --bind "/tmp/modules/$kver" "$NEWROOT/lib/modules/$kver"
     umount /tmp/modules
     rmdir /tmp/modules
 fi
diff --git a/dracut/simple/module-setup.sh b/dracut/simple/module-setup.sh
index 9eb556b..96efa85 100644
--- a/dracut/simple/module-setup.sh
+++ b/dracut/simple/module-setup.sh
@@ -9,6 +9,10 @@ depends() {
     return 0
 }
 
+installkernel() {
+    hostonly='' instmods overlay
+}
+
 install() {
     inst $moddir/init.sh /init
     inst_multiple \