Linux Kernel Module Parameter Permissions/Access Rights

In the last post we saw how to create linux kernel module with a parameter. During that we had passed an integer 0660 for the access rights argument to macro module_param.

Let’s see what that is and how does it work?

Whenever we load any kernel module, a directory structure under /sys/module/<module-name> is created. This module tree consist of following structure. (source: kernel.org doc)

/sys/module/MODULENAME
	The name of the module that is in the kernel.  This
	module name will always show up if the module is loaded as a
	dynamic module.  If it is built directly into the kernel, it
	will only show up if it has a version or at least one
	parameter.

	Note: The conditions of creation in the built-in case are not
	by design and may be removed in the future.

/sys/module/MODULENAME/parameters
	This directory contains individual files that are each
	individual parameters of the module that are able to be
	changed at runtime.  See the individual module
	documentation as to the contents of these parameters and
	what they accomplish.

	Note: The individual parameter names and values are not
	considered stable, only the fact that they will be
	placed in this location within sysfs.  See the
	individual driver documentation for details as to the
	stability of the different parameters.

/sys/module/MODULENAME/refcnt
	If the module is able to be unloaded from the kernel, this file
	will contain the current reference count of the module.

	Note: If the module is built into the kernel, or if the
	CONFIG_MODULE_UNLOAD kernel configuration value is not enabled,
	this file will not be present.

So when we do,

$ sudo insmod mod-args.ko dest_port=8080

a directory structure under /sys/module/mod_args is created that looks like.

[05:09 PM][girish@fedo-vm]:module
$ ls -1F /sys/module/mod_args/
coresize
holders/
initsize
initstate
notes/
parameters/
refcnt
sections/
taint
uevent

Under /sys/module/mod_args/parameters you will find a file called dest_port

[05:09 PM][girish@fedo-vm]:module
$ ll /sys/module/mod_args/parameters/
total 0
-rw-rw----. 1 root root 4096 Aug 22 17:21 dest_port

It has the permission to read and write for the owner and group.

If you check the contents in dest_port.

[05:09 PM][girish@fedo-vm]:module
$ sudo cat /sys/module/mod_args/parameters/dest_port 
8080

It is the value that we had set while loading the module. We can change this value even after the module is loaded by changing data in this file.

[05:10 PM][root@fedo-vm]:module
$ echo 8081 > /sys/module/mod_args/parameters/dest_port 
[05:10 PM][root@fedo-vm]:module
$ cat /sys/module/mod_args/parameters/dest_port 
8081
[05:10 PM][root@fedo-vm]:module
$ exit
[05:10 PM][girish@fedo-vm]:module
$ sudo rmmod mod_args 
[05:10 PM][girish@fedo-vm]:module
$ dmesg
.....
.....
.....
.....
[36340.288695] hello.... dest_port=8080 
[36394.368996] bye dest_port=8081

Things to be noted:

References: