How to verify a kernel module is safe

I am installing a pci-e device on my TX1 and originally the manufacturer (in China) only had drivers for the TK1. They have now provided me with a .ko file that should work with the TX1. Is there a way to make sure it’s safe and doesn’t have any malicious code?

Short of having the source code or trusting them there really isn’t much you can do. You could disassemble the code and view the assembler, but that’s far beyond normal effort.