diff options
author | Linus Torvalds <torvalds@linux-foundation.org> | 2017-05-10 19:13:03 -0700 |
---|---|---|
committer | Linus Torvalds <torvalds@linux-foundation.org> | 2017-05-10 19:13:03 -0700 |
commit | 291b38a7565b41676cafd1b4052315a94d9c8977 (patch) | |
tree | 876251a73901865110c8d0d048cf379b8a6ff0e4 /drivers/scsi | |
parent | b5a53b61a2890ec08f404f524c1c42aa86f09be4 (diff) | |
parent | 6192c41fc608b0a58d5540b015aa1672c266f3c5 (diff) | |
download | lwn-291b38a7565b41676cafd1b4052315a94d9c8977.tar.gz lwn-291b38a7565b41676cafd1b4052315a94d9c8977.zip |
Merge tag 'hwparam-20170420' of git://git.kernel.org/pub/scm/linux/kernel/git/dhowells/linux-fs
Pull hw lockdown support from David Howells:
"Annotation of module parameters that configure hardware resources
including ioports, iomem addresses, irq lines and dma channels.
This allows a future patch to prohibit the use of such module
parameters to prevent that hardware from being abused to gain access
to the running kernel image as part of locking the kernel down under
UEFI secure boot conditions.
Annotations are made by changing:
module_param(n, t, p)
module_param_named(n, v, t, p)
module_param_array(n, t, m, p)
to:
module_param_hw(n, t, hwtype, p)
module_param_hw_named(n, v, t, hwtype, p)
module_param_hw_array(n, t, hwtype, m, p)
where the module parameter refers to a hardware setting
hwtype specifies the type of the resource being configured. This can
be one of:
ioport Module parameter configures an I/O port
iomem Module parameter configures an I/O mem address
ioport_or_iomem Module parameter could be either (runtime set)
irq Module parameter configures an I/O port
dma Module parameter configures a DMA channel
dma_addr Module parameter configures a DMA buffer address
other Module parameter configures some other value
Note that the hwtype is compile checked, but not currently stored (the
lockdown code probably won't require it). It is, however, there for
future use.
A bonus is that the hwtype can also be used for grepping.
The intention is for the kernel to ignore or reject attempts to set
annotated module parameters if lockdown is enabled. This applies to
options passed on the boot command line, passed to insmod/modprobe or
direct twiddling in /sys/module/ parameter files.
The module initialisation then needs to handle the parameter not being
set, by (1) giving an error, (2) probing for a value or (3) using a
reasonable default.
What I can't do is just reject a module out of hand because it may
take a hardware setting in the module parameters. Some important
modules, some ipmi stuff for instance, both probe for hardware and
allow hardware to be manually specified; if the driver is aborts with
any error, you don't get any ipmi hardware.
Further, trying to do this entirely in the module initialisation code
doesn't protect against sysfs twiddling.
[!] Note that in and of itself, this series of patches should have no
effect on the the size of the kernel or code execution - that is
left to a patch in the next series to effect. It does mark
annotated kernel parameters with a KERNEL_PARAM_FL_HWPARAM flag in
an already existing field"
* tag 'hwparam-20170420' of git://git.kernel.org/pub/scm/linux/kernel/git/dhowells/linux-fs: (38 commits)
Annotate hardware config module parameters in sound/pci/
Annotate hardware config module parameters in sound/oss/
Annotate hardware config module parameters in sound/isa/
Annotate hardware config module parameters in sound/drivers/
Annotate hardware config module parameters in fs/pstore/
Annotate hardware config module parameters in drivers/watchdog/
Annotate hardware config module parameters in drivers/video/
Annotate hardware config module parameters in drivers/tty/
Annotate hardware config module parameters in drivers/staging/vme/
Annotate hardware config module parameters in drivers/staging/speakup/
Annotate hardware config module parameters in drivers/staging/media/
Annotate hardware config module parameters in drivers/scsi/
Annotate hardware config module parameters in drivers/pcmcia/
Annotate hardware config module parameters in drivers/pci/hotplug/
Annotate hardware config module parameters in drivers/parport/
Annotate hardware config module parameters in drivers/net/wireless/
Annotate hardware config module parameters in drivers/net/wan/
Annotate hardware config module parameters in drivers/net/irda/
Annotate hardware config module parameters in drivers/net/hamradio/
Annotate hardware config module parameters in drivers/net/ethernet/
...
Diffstat (limited to 'drivers/scsi')
-rw-r--r-- | drivers/scsi/aha152x.c | 4 | ||||
-rw-r--r-- | drivers/scsi/aha1542.c | 2 | ||||
-rw-r--r-- | drivers/scsi/g_NCR5380.c | 8 | ||||
-rw-r--r-- | drivers/scsi/gdth.c | 2 | ||||
-rw-r--r-- | drivers/scsi/qlogicfas.c | 4 |
5 files changed, 10 insertions, 10 deletions
diff --git a/drivers/scsi/aha152x.c b/drivers/scsi/aha152x.c index f44d0487236e..ce5dc73d85bb 100644 --- a/drivers/scsi/aha152x.c +++ b/drivers/scsi/aha152x.c @@ -331,11 +331,11 @@ MODULE_LICENSE("GPL"); #if !defined(PCMCIA) #if defined(MODULE) static int io[] = {0, 0}; -module_param_array(io, int, NULL, 0); +module_param_hw_array(io, int, ioport, NULL, 0); MODULE_PARM_DESC(io,"base io address of controller"); static int irq[] = {0, 0}; -module_param_array(irq, int, NULL, 0); +module_param_hw_array(irq, int, irq, NULL, 0); MODULE_PARM_DESC(irq,"interrupt for controller"); static int scsiid[] = {7, 7}; diff --git a/drivers/scsi/aha1542.c b/drivers/scsi/aha1542.c index 7db448ec8beb..a23cc9ac5acd 100644 --- a/drivers/scsi/aha1542.c +++ b/drivers/scsi/aha1542.c @@ -31,7 +31,7 @@ module_param(isapnp, bool, 0); MODULE_PARM_DESC(isapnp, "enable PnP support (default=1)"); static int io[MAXBOARDS] = { 0x330, 0x334, 0, 0 }; -module_param_array(io, int, NULL, 0); +module_param_hw_array(io, int, ioport, NULL, 0); MODULE_PARM_DESC(io, "base IO address of controller (0x130,0x134,0x230,0x234,0x330,0x334, default=0x330,0x334)"); /* time AHA spends on the AT-bus during data transfer */ diff --git a/drivers/scsi/g_NCR5380.c b/drivers/scsi/g_NCR5380.c index 67c8dac321ad..c34fc91ba486 100644 --- a/drivers/scsi/g_NCR5380.c +++ b/drivers/scsi/g_NCR5380.c @@ -85,8 +85,8 @@ static int ncr_53c400; static int ncr_53c400a; static int dtc_3181e; static int hp_c2502; -module_param(ncr_irq, int, 0); -module_param(ncr_addr, int, 0); +module_param_hw(ncr_irq, int, irq, 0); +module_param_hw(ncr_addr, int, ioport, 0); module_param(ncr_5380, int, 0); module_param(ncr_53c400, int, 0); module_param(ncr_53c400a, int, 0); @@ -94,11 +94,11 @@ module_param(dtc_3181e, int, 0); module_param(hp_c2502, int, 0); static int irq[] = { -1, -1, -1, -1, -1, -1, -1, -1 }; -module_param_array(irq, int, NULL, 0); +module_param_hw_array(irq, int, irq, NULL, 0); MODULE_PARM_DESC(irq, "IRQ number(s) (0=none, 254=auto [default])"); static int base[] = { 0, 0, 0, 0, 0, 0, 0, 0 }; -module_param_array(base, int, NULL, 0); +module_param_hw_array(base, int, ioport, NULL, 0); MODULE_PARM_DESC(base, "base address(es)"); static int card[] = { -1, -1, -1, -1, -1, -1, -1, -1 }; diff --git a/drivers/scsi/gdth.c b/drivers/scsi/gdth.c index d020a13646ae..facc7271f932 100644 --- a/drivers/scsi/gdth.c +++ b/drivers/scsi/gdth.c @@ -353,7 +353,7 @@ static int probe_eisa_isa = 0; static int force_dma32 = 0; /* parameters for modprobe/insmod */ -module_param_array(irq, int, NULL, 0); +module_param_hw_array(irq, int, irq, NULL, 0); module_param(disable, int, 0); module_param(reserve_mode, int, 0); module_param_array(reserve_list, int, NULL, 0); diff --git a/drivers/scsi/qlogicfas.c b/drivers/scsi/qlogicfas.c index 61cac87fb86f..840823b99e51 100644 --- a/drivers/scsi/qlogicfas.c +++ b/drivers/scsi/qlogicfas.c @@ -137,8 +137,8 @@ err: static struct qlogicfas408_priv *cards; static int iobase[MAX_QLOGICFAS]; static int irq[MAX_QLOGICFAS] = { [0 ... MAX_QLOGICFAS-1] = -1 }; -module_param_array(iobase, int, NULL, 0); -module_param_array(irq, int, NULL, 0); +module_param_hw_array(iobase, int, ioport, NULL, 0); +module_param_hw_array(irq, int, irq, NULL, 0); MODULE_PARM_DESC(iobase, "I/O address"); MODULE_PARM_DESC(irq, "IRQ"); |