I'm starting to learn kernel modules programming. To pass any parameter to the kernel module you use module_param( ) macro which i guess work something like dynamic linking method in user space (deffer symbols relocation to run time by kernel modules loader) you can correct me if I'm wrong. Anyways, module_param() takes a permission parameter to specify the read write and execute permissions of parameter values. So how exactly module_param() can become insecure if you set up the permissions correctly and how exactly does module_param_hw( ) fix these issues. I know that module_param_hw is supposed to be used when we pass hardware related values but cant see why it's more secure.
why module_param_hw( ) macro is more secure than module_param( )?
252 Views Asked by KMG At
1
There are 1 best solutions below
Related Questions in C
- How to call a C language function from x86 assembly code?
- What does: "char *argv[]" mean?
- User input sanitization program, which takes a specific amount of arguments and passes the execution to a bash script
- How to crop a BMP image in half using C
- How can I get the difference in minutes between two dates and hours?
- Why will this code compile although it defines two variables with the same name?
- Compiling eBPF program in Docker fails due to missing '__u64' type
- Why can't I use the file pointer after the first read attempt fails?
- #include Header files in C with definition too
- OpenCV2 on CLion
- What is causing the store latency in this program?
- How to refer to the filepath of test data in test sourcecode?
- 9 Digit Addresses in Hexadecimal System in MacOS
- My server TCP doesn't receive messages from the client in C
- Printing the characters obtained from the array s using printf?
Related Questions in LINUX
- Is there some way to use printf to print a horizontal list of decrementing hex digits in NASM assembly on Linux
- Why does Hugo generate different taxonomy-related HTML on different OS's?
- Writes in io_uring do not advance the file offset
- Why `set -o pipefail` gives different output even though the pipe is not failing
- what really controls the permissions: UID or eUID?
- Compiling eBPF program in Docker fails due to missing '__u64' type
- Docker container unable to make HTTPS requests to external API
- Whow to use callback_query_handler in Python 3.10
- Create kea runtime directory at startup in Yocto image
- Problem on CPU scheduling algorithms in OS
- How to copy files into the singularity sandbox?
- Android kernel error: undefined reference to `get_hw_version_platform'
- Is there a need for BPF Linux namespace?
- Error when trying to execute a binary compiled in a Kali Linux machine on an Ubuntu system
- Issue with launching application after updating ElectronJs to version 28.0.0 on Windows and Linux
Related Questions in MODULE
- (in promise) TypeError: NetworkError when attempting to fetch resource
- Cannot load modules/mod_dav_svn.so into server
- Not reading the function in a JavaScript Module file, by calling onclick in the html document
- Adding Modules to a Namespace using IIFE
- Preparing metadata (pyproject.toml) ... error
- I want to understand modularity in java. When compiling my app I have a ResolutionException
- ModuleNotFoundError: No module named 'src' while importing logging
- Nest.js can't resolve dependencies of the external library's Reflector dependency
- Npm build error: "Module not found: Error: Can't resolve './component/intro' in
- problemas con los CORS en .net core 7 y angular 15
- how can i fix this :ModuleNotFoundError
- A given package is installed but spyder won't see it
- Should I even continue trying to import a module from the parent package?
- Linking errors with includes in C++ nested modules
- Export and create package of c++20 modules
Related Questions in LINUX-KERNEL
- Android kernel error: undefined reference to `get_hw_version_platform'
- Is there a need for BPF Linux namespace?
- Facing fatal errors while running "yum update" command on CentOS 7/Cloudlinux 7
- crash utility itself crashes while decoding kdump generated from null pointer dereference in kernel module
- How to compile the Linux kernel with -O0 for more detailed debug?
- Linux support for parallel Pixel data Image sensor
- Can't upgrade to newest version of linux-image-6.5.0-26-generic
- How to protect a page so that it cannot be write in mips arch?
- How to extract the .img file into normal kernel source file in the linux?
- Storage size of struct hash_desc desc; isn't known
- How can I intercept failed file openning calls?
- struct nameidata-Linux Kernel Module
- How to modify a 'struct msghdr' in Linux Kernel Module?
- How to allocate 500MB+ physically contiguous memory in a Linux kernel module and copy data to that memory from a userspace process?
- Hyper Threading: nosmt in grub configuration
Related Questions in INSMOD
- insmod fails - module does not seem to match running kernel but I cannot figure out why
- What happens in kernel when modprobe is given
- insmod: ERROR could not insert module: Operation not permitted in WSL2 Ubuntu
- ADIS16507-1 on Raspberry Pi 4, spi_bcm2835: disagrees about version of symbol
- insmod error, invalid module format, fedora 35
- insmod failed, debug kmod source, error is from shared/misssing.h, syscall(__NR_finit_module, fd, uargs, flags);
- insmod: ERROR: could not insert module xline.ko: Invalid module format
- Cannot make persistant Insertion of a kernel object (debian) using Insmod
- why module_param_hw( ) macro is more secure than module_param( )?
- accidentally removed kernel module and don't know how to re enable
- insmod error, invalid module format on debian 9.5
- modprobe/insmod - ERROR: could not insert module Operation not permitted installing a kernel space module with root privileges
- insmod fails with “Unknown symbol in module”
- kernel module problem in commercial software
- docker [Errno 2] ip6tables v1.6.1: can't initialize ip6tables table `filter': Table does not exist (do you need to insmod?)
Trending Questions
- UIImageView Frame Doesn't Reflect Constraints
- Is it possible to use adb commands to click on a view by finding its ID?
- How to create a new web character symbol recognizable by html/javascript?
- Why isn't my CSS3 animation smooth in Google Chrome (but very smooth on other browsers)?
- Heap Gives Page Fault
- Connect ffmpeg to Visual Studio 2008
- Both Object- and ValueAnimator jumps when Duration is set above API LvL 24
- How to avoid default initialization of objects in std::vector?
- second argument of the command line arguments in a format other than char** argv or char* argv[]
- How to improve efficiency of algorithm which generates next lexicographic permutation?
- Navigating to the another actvity app getting crash in android
- How to read the particular message format in android and store in sqlite database?
- Resetting inventory status after order is cancelled
- Efficiently compute powers of X in SSE/AVX
- Insert into an external database using ajax and php : POST 500 (Internal Server Error)
Popular # Hahtags
Popular Questions
- How do I undo the most recent local commits in Git?
- How can I remove a specific item from an array in JavaScript?
- How do I delete a Git branch locally and remotely?
- Find all files containing a specific text (string) on Linux?
- How do I revert a Git repository to a previous commit?
- How do I create an HTML button that acts like a link?
- How do I check out a remote Git branch?
- How do I force "git pull" to overwrite local files?
- How do I list all files of a directory?
- How to check whether a string contains a substring in JavaScript?
- How do I redirect to another webpage?
- How can I iterate over rows in a Pandas DataFrame?
- How do I convert a String to an int in Java?
- Does Python have a string 'contains' substring method?
- How do I check if a string contains a specific word?
It or enum KERNEL_PARAM_FL_UNSAFE to flag member of kernel_param struct in file module_param.h.. Check macro module_param_hw_named
It also adds an extra checks related to lockdown feature of kernel,
You can check function param_check_unsafe in file kernel/params.c. This function will be called when inserting module in kernel with parameters.