I’m starting to learn kernel modules programming. To pass any parameter to the kernel module you use module_param( ) macro which i guess work something like dynamic linking method in user space (deffer symbols relocation to run time by kernel modules loader) you can correct me if I’m wrong. Anyways, module_param() takes a permission parameter to specify the read write and execute permissions of parameter values. So how exactly module_param() can become insecure if you set up the permissions correctly and how exactly does module_param_hw( ) fix these issues. I know that module_param_hw is supposed to be used when we pass hardware related values but cant see why it’s more secure.
Advertisement
Answer
It or enum KERNEL_PARAM_FL_UNSAFE to flag member of kernel_param struct in file module_param.h.. Check macro module_param_hw_named
It also adds an extra checks related to lockdown feature of kernel,
if (kp->flags & KERNEL_PARAM_FL_HWPARAM &&
security_locked_down(LOCKDOWN_MODULE_PARAMETERS))
return false;
You can check function param_check_unsafe in file kernel/params.c. This function will be called when inserting module in kernel with parameters.