Home > Net >  Does Kernel to/from User Space Communication Need To Be Secured
Does Kernel to/from User Space Communication Need To Be Secured

Time:10-12

I'm writing a kernel module device driver that depends on a user space helper program. I plan to have the two communicate using a character device. I was wondering though, should this communication be secured somehow to prevent any third party user space program from interfering or spoofing the helper program? If so, what would be a good approach to do this? Or is that overkill? In case it's relevant, the interactions are always initiated by the kernel module with the user space helper program sending data back to the kernel in response. The information being sent back is only several characters consisting of things like temperatures, fan speeds, confirmation that fan speeds have been changed, etc.

CodePudding user response:

My advice would be to rather do strict checking on the data received in the kernel. What is the attack scenario for falsifying information? The impact seems to be able to change temperatures or fan speeds, which is low enough that I do not see any reason to attack, unless another issue can be exploited - like buffer overflow in the kernel string handling etc. In that case, defending on the kernel side seems to be the correct protection, as it protects against malicious use of the user side program as well.

  • Related