I’m starting to learn kernel modules programming. To pass any parameter to the kernel module you use module_param( )
macro which i guess work something like dynamic linking method in user space (deffer symbols relocation to run time by kernel modules loader) you can correct me if I’m wrong. Anyways, module_param()
takes a permission parameter to specify the read write and execute permissions of parameter values. So how exactly module_param()
can become insecure if you set up the permissions correctly and how exactly does module_param_hw( )
fix these issues. I know that module_param_hw
is supposed to be used when we pass hardware related values but cant see why it’s more secure.
Advertisement
Answer
It or enum KERNEL_PARAM_FL_UNSAFE to flag member of kernel_param struct in file module_param.h.. Check macro module_param_hw_named
It also adds an extra checks related to lockdown feature of kernel,
if (kp->flags & KERNEL_PARAM_FL_HWPARAM && security_locked_down(LOCKDOWN_MODULE_PARAMETERS)) return false;
You can check function param_check_unsafe in file kernel/params.c. This function will be called when inserting module in kernel with parameters.