From a83ccc10c74cb507a22c6df5feba473d0ef08ec7 Mon Sep 17 00:00:00 2001
From: Antonio Alvarez Feijoo <antonio.feijoo@suse.com>
Date: Wed, 23 Apr 2025 13:37:09 +0200
Subject: [PATCH] mkosi-initrd: perform basic checks on the kernel dir before
 calling mkosi
MIME-Version: 1.0
Content-Type: text/plain; charset=utf8
Content-Transfer-Encoding: 8bit

openSUSE ships Kernel Module Packages (KMPs), e.g.:

```
$ rpm -ql nvidia-open-driver-G06-signed-kmp-default
/usr/lib/modules/6.14.0-1-default
/usr/lib/modules/6.14.0-1-default/updates
/usr/lib/modules/6.14.0-1-default/updates/nvidia-open-driver-G06-signed-570.133.07
/usr/lib/modules/6.14.0-1-default/updates/nvidia-open-driver-G06-signed-570.133.07/nvidia-drm.ko.zst
/usr/lib/modules/6.14.0-1-default/updates/nvidia-open-driver-G06-signed-570.133.07/nvidia-modeset.ko.zst
/usr/lib/modules/6.14.0-1-default/updates/nvidia-open-driver-G06-signed-570.133.07/nvidia-uvm.ko.zst
/usr/lib/modules/6.14.0-1-default/updates/nvidia-open-driver-G06-signed-570.133.07/nvidia.ko.zst
```

These KMPs install their kernel modules under the updates folder of a certain
kernel directory, even with that kernel directory without any other content:

```
$ tree /usr/lib/modules/6.14.0-1-default
/usr/lib/modules/6.14.0-1-default
âââ updates
    âââ hdaps.ko
    âââ nvidia-open-driver-G06-signed-570.133.07
    âÂ Â  âââ nvidia-drm.ko.zst
    âÂ Â  âââ nvidia.ko.zst
    âÂ Â  âââ nvidia-modeset.ko.zst
    âÂ Â  âââ nvidia-uvm.ko.zst
    âââ thinkpad_ec.ko
    âââ tp_smapi.ko
```

That of course will make mkosi fail:

```
$ mkosi-initrd -k 6.14.0-1-default
â£ Validating certificates and keys
â£ Copying repository metadata
â£ Building main image
â£  Copying in sandbox treesâ¦
â£  Installing openSUSE
...
â£  Applying kernel module filters
â£   Running modinfo to fetch kernel module dependencies
modinfo: ERROR: Module nvidia not found.
modinfo: ERROR: Module thinkpad-ec not found.
modinfo: ERROR: Module nvidia-modeset not found.
modinfo: ERROR: Module tp-smapi not found.
modinfo: ERROR: Module hdaps not found.
modinfo: ERROR: Module nvidia-uvm not found.
modinfo: ERROR: Module nvidia-drm not found.
â£ "modinfo --set-version 6.14.0-1-default --null nvidia thinkpad-ec nvidia-modeset tp-smapi hdaps nvidia-uvm nvidia-drm" returned non-zero exit code 1.
```

But, there is no need fail so far (after calling the package manager within
mkosi), some basic checks can be performed before spawning other processes.
---
 mkosi/initrd.py | 17 ++++++++++++++---
 1 file changed, 14 insertions(+), 3 deletions(-)

diff --git a/mkosi/initrd.py b/mkosi/initrd.py
index c7302733a..3be08f9aa 100644
--- a/mkosi/initrd.py
+++ b/mkosi/initrd.py
@@ -16,7 +16,7 @@ from typing import Optional, cast
 import mkosi.resources
 from mkosi.config import DocFormat, InitrdProfile, OutputFormat
 from mkosi.documentation import show_docs
-from mkosi.log import ARG_DEBUG, ARG_DEBUG_SHELL, log_notice, log_setup
+from mkosi.log import ARG_DEBUG, ARG_DEBUG_SHELL, die, log_notice, log_setup
 from mkosi.run import find_binary, run, uncaught_exception_handler
 from mkosi.sandbox import __version__, umask
 from mkosi.tree import copy_tree, move_tree, rmtree
@@ -145,6 +145,13 @@ def create_parser() -> argparse.ArgumentParser:
     return parser
 
 
+def is_valid_modulesd(modulesd: Path) -> bool:
+    # Check whether a provided kernel modules directory is valid
+    return modulesd.is_dir() and (
+        (modulesd / "modules.dep").exists() or (modulesd / "modules.dep.bin").exists()
+    )
+
+
 def process_crypttab(staging_dir: Path) -> list[str]:
     cmdline = []
 
@@ -289,6 +296,10 @@ def main() -> None:
             show_docs("mkosi-initrd", DocFormat.all(), resources=r)
         return
 
+    modulesd = Path("/usr/lib/modules") / args.kernel_version
+    if not is_valid_modulesd(modulesd):
+        die(f"Invalid kernel directory: {modulesd}")
+
     with (
         tempfile.TemporaryDirectory() as staging_dir,
         tempfile.TemporaryDirectory() as sandbox_tree,
@@ -300,7 +311,7 @@ def main() -> None:
             f"--format={args.format}",
             f"--output={args.output}",
             f"--output-directory={staging_dir}",
-            f"--extra-tree=/usr/lib/modules/{args.kernel_version}:/usr/lib/modules/{args.kernel_version}",
+            f"--extra-tree={modulesd}:{modulesd}",
             "--extra-tree=/usr/lib/firmware:/usr/lib/firmware",
             "--remove-files=/usr/lib/firmware/*-ucode",
             "--build-sources=",
@@ -317,7 +328,7 @@ def main() -> None:
 
         if args.kernel_image:
             cmdline += [
-                f"--extra-tree={args.kernel_image}:/usr/lib/modules/{args.kernel_version}/vmlinuz",
+                f"--extra-tree={args.kernel_image}:{modulesd}/vmlinuz",
             ]
 
         if args.debug:
-- 
2.47.3