I'm starting to learn kernel modules programming. To pass any parameter to the kernel module you use module_param( ) macro which i guess work something like dynamic linking method in user space (deffer symbols relocation to run time by kernel modules loader) you can correct me if I'm wrong. Anyways, module_param() takes a permission parameter to specify the read write and execute permissions of parameter values. So how exactly module_param() can become insecure if you set up the permissions correctly and how exactly does module_param_hw( ) fix these issues. I know that module_param_hw is supposed to be used when we pass hardware related values but cant see why it's more secure.

1 Answer

It or enum KERNEL_PARAM_FL_UNSAFE to flag member of kernel_param struct in file module_param.h.. Check macro module_param_hw_named

It also adds an extra checks related to lockdown feature of kernel,

if (kp->flags & KERNEL_PARAM_FL_HWPARAM && security_locked_down(LOCKDOWN_MODULE_PARAMETERS)) return false; 

You can check function param_check_unsafe in file kernel/params.c. This function will be called when inserting module in kernel with parameters.

Your Answer

Sign up or log in

Sign up using Google Sign up using Facebook Sign up using Email and Password

Post as a guest

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge that you have read and understand our privacy policy and code of conduct.