From patchwork Fri Jun 19 16:15:30 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Seth Forshee X-Patchwork-Id: 1313068 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=none (no SPF record) smtp.mailfrom=lists.ubuntu.com (client-ip=91.189.94.19; helo=huckleberry.canonical.com; envelope-from=kernel-team-bounces@lists.ubuntu.com; receiver=) Authentication-Results: ozlabs.org; dmarc=fail (p=none dis=none) header.from=canonical.com Received: from huckleberry.canonical.com (huckleberry.canonical.com [91.189.94.19]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 49pP7s5rFrzB46t; Sat, 20 Jun 2020 02:16:41 +1000 (AEST) Received: from localhost ([127.0.0.1] helo=huckleberry.canonical.com) by huckleberry.canonical.com with esmtp (Exim 4.86_2) (envelope-from ) id 1jmJgz-0002Bj-0E; Fri, 19 Jun 2020 16:16:37 +0000 Received: from youngberry.canonical.com ([91.189.89.112]) by huckleberry.canonical.com with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.86_2) (envelope-from ) id 1jmJgu-00027p-ID for kernel-team@lists.ubuntu.com; Fri, 19 Jun 2020 16:16:32 +0000 Received: from mail-io1-f72.google.com ([209.85.166.72]) by youngberry.canonical.com with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.86_2) (envelope-from ) id 1jmJgt-0003Zk-SI for kernel-team@lists.ubuntu.com; Fri, 19 Jun 2020 16:16:32 +0000 Received: by mail-io1-f72.google.com with SMTP id l22so7087407iob.23 for ; Fri, 19 Jun 2020 09:16:31 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=natZifhHBRSPfPEq8XSBeJqGGzLOpuiO7hOp7iGnnug=; b=qj2GnzU1EU7+rAFi/54GRZsZwjm3BjL4rPxQlXPDQzJNI3dvPCrYJjrtbz0y77J25s zW5HZLzFEC/R4EzYijpleOrEjDGIJeth+N9ORpK8IhfJ/748Ey+19PtqTXQ5BXkX7WFw bPQtdhZCQGJWcnX2f2RLxUopFx28BtvqG9c/GagUw0lsRvDL/xfgZz/PK276WTSGjSm1 AFhEQzlWzJvTSSqqLFgV+UuW+oL8Epur7M5cw9nks6m7AWsxebDerZ1ODVI1tdNFmRqs X5c1rEhKqj9pg8h2DqWrmuyBXqrU8xcDxA56Ii/zab6cXNCjNixKY/xshtZwELHJjna8 v03Q== X-Gm-Message-State: AOAM531zNRjb5viGaL0H6F93y8fLBCu4dYsCJkqttueFZqKFSPzwATvr ZbsBUv3hBTTPj+qg96lFuZOlHPWRWyEpC17+w4W/EwCASTkNptvt66dDFqeKp+mFd/agMQzP8TB fGtMh6wTdu878PTjYTM8zncoYDgFuqk5thdp4vACPTA== X-Received: by 2002:a05:6602:50:: with SMTP id z16mr5175085ioz.22.1592583390588; Fri, 19 Jun 2020 09:16:30 -0700 (PDT) X-Google-Smtp-Source: ABdhPJxi8mKNSkWuETZzENrncdRmVt99fPQTwPm5EFF2wFJcu6c8hX+XbxQP1JKg1YzxNKlmDn9q6g== X-Received: by 2002:a05:6602:50:: with SMTP id z16mr5175043ioz.22.1592583390231; Fri, 19 Jun 2020 09:16:30 -0700 (PDT) Received: from localhost ([2605:a601:ac0f:820:f090:1573:c2fc:6389]) by smtp.gmail.com with ESMTPSA id w78sm3457360ilk.14.2020.06.19.09.16.29 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 19 Jun 2020 09:16:29 -0700 (PDT) From: Seth Forshee To: kernel-team@lists.ubuntu.com Subject: [PATCH v2 06/57][B] Annotate module params that specify hardware parameters (eg. ioport) Date: Fri, 19 Jun 2020 11:15:30 -0500 Message-Id: <20200619161621.644540-7-seth.forshee@canonical.com> X-Mailer: git-send-email 2.27.0 In-Reply-To: <20200619161621.644540-1-seth.forshee@canonical.com> References: <20200619161621.644540-1-seth.forshee@canonical.com> MIME-Version: 1.0 X-BeenThere: kernel-team@lists.ubuntu.com X-Mailman-Version: 2.1.20 Precedence: list List-Id: Kernel team discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: kernel-team-bounces@lists.ubuntu.com Sender: "kernel-team" From: David Howells BugLink: https://bugs.launchpad.net/bugs/1884159 Provided an annotation for module parameters that specify hardware parameters (such as io ports, iomem addresses, irqs, dma channels, fixed dma buffers and other types). This will enable such parameters to be locked down in the core parameter parser for secure boot support. I've also included annotations as to what sort of hardware configuration each module is dealing with for future use. Some of these are straightforward (ioport, iomem, irq, dma), but there are also: (1) drivers that switch the semantics of a parameter between ioport and iomem depending on a second parameter, (2) drivers that appear to reserve a CPU memory buffer at a fixed address, (3) other parameters, such as bus types and irq selection bitmasks. For the moment, the hardware configuration type isn't actually stored, though its validity is checked. Signed-off-by: David Howells (cherry picked from commit bf616d21f41174389c6d720ae21bf40f154474c8) Signed-off-by: Seth Forshee --- include/linux/moduleparam.h | 65 ++++++++++++++++++++++++++++++++++++- 1 file changed, 64 insertions(+), 1 deletion(-) diff --git a/include/linux/moduleparam.h b/include/linux/moduleparam.h index 52666d90ca94..6be1949ebcdf 100644 --- a/include/linux/moduleparam.h +++ b/include/linux/moduleparam.h @@ -60,9 +60,11 @@ struct kernel_param_ops { * Flags available for kernel_param * * UNSAFE - the parameter is dangerous and setting it will taint the kernel + * HWPARAM - Hardware param not permitted in lockdown mode */ enum { - KERNEL_PARAM_FL_UNSAFE = (1 << 0) + KERNEL_PARAM_FL_UNSAFE = (1 << 0), + KERNEL_PARAM_FL_HWPARAM = (1 << 1), }; struct kernel_param { @@ -451,6 +453,67 @@ extern int param_set_bint(const char *val, const struct kernel_param *kp); perm, -1, 0); \ __MODULE_PARM_TYPE(name, "array of " #type) +enum hwparam_type { + hwparam_ioport, /* Module parameter configures an I/O port */ + hwparam_iomem, /* Module parameter configures an I/O mem address */ + hwparam_ioport_or_iomem, /* Module parameter could be either, depending on other option */ + hwparam_irq, /* Module parameter configures an I/O port */ + hwparam_dma, /* Module parameter configures a DMA channel */ + hwparam_dma_addr, /* Module parameter configures a DMA buffer address */ + hwparam_other, /* Module parameter configures some other value */ +}; + +/** + * module_param_hw_named - A parameter representing a hw parameters + * @name: a valid C identifier which is the parameter name. + * @value: the actual lvalue to alter. + * @type: the type of the parameter + * @hwtype: what the value represents (enum hwparam_type) + * @perm: visibility in sysfs. + * + * Usually it's a good idea to have variable names and user-exposed names the + * same, but that's harder if the variable must be non-static or is inside a + * structure. This allows exposure under a different name. + */ +#define module_param_hw_named(name, value, type, hwtype, perm) \ + param_check_##type(name, &(value)); \ + __module_param_call(MODULE_PARAM_PREFIX, name, \ + ¶m_ops_##type, &value, \ + perm, -1, \ + KERNEL_PARAM_FL_HWPARAM | (hwparam_##hwtype & 0)); \ + __MODULE_PARM_TYPE(name, #type) + +#define module_param_hw(name, type, hwtype, perm) \ + module_param_hw_named(name, name, type, hwtype, perm) + +/** + * module_param_hw_array - A parameter representing an array of hw parameters + * @name: the name of the array variable + * @type: the type, as per module_param() + * @hwtype: what the value represents (enum hwparam_type) + * @nump: optional pointer filled in with the number written + * @perm: visibility in sysfs + * + * Input and output are as comma-separated values. Commas inside values + * don't work properly (eg. an array of charp). + * + * ARRAY_SIZE(@name) is used to determine the number of elements in the + * array, so the definition must be visible. + */ +#define module_param_hw_array(name, type, hwtype, nump, perm) \ + param_check_##type(name, &(name)[0]); \ + static const struct kparam_array __param_arr_##name \ + = { .max = ARRAY_SIZE(name), .num = nump, \ + .ops = ¶m_ops_##type, \ + .elemsize = sizeof(name[0]), .elem = name }; \ + __module_param_call(MODULE_PARAM_PREFIX, name, \ + ¶m_array_ops, \ + .arr = &__param_arr_##name, \ + perm, -1, \ + KERNEL_PARAM_FL_HWPARAM | (hwparam_##hwtype & 0)); \ + __MODULE_PARM_TYPE(name, "array of " #type) + + extern const struct kernel_param_ops param_array_ops; extern const struct kernel_param_ops param_ops_string;