From patchwork Fri Jun 19 16:15:25 2020
X-Patchwork-Submitter: Seth Forshee
X-Patchwork-Id: 1313062
From: Seth Forshee
To: kernel-team@lists.ubuntu.com
Subject: [PATCH v2 01/57][B] acpi: Disable ACPI table override if the kernel is locked down
Date: Fri, 19 Jun 2020 11:15:25 -0500
Message-Id: <20200619161621.644540-2-seth.forshee@canonical.com>
In-Reply-To: <20200619161621.644540-1-seth.forshee@canonical.com>
References: <20200619161621.644540-1-seth.forshee@canonical.com>

From: Linn Crosetto

BugLink: https://bugs.launchpad.net/bugs/1884159

From the kernel documentation (initrd_table_override.txt):

If the ACPI_INITRD_TABLE_OVERRIDE compile option is true, it is possible
to override nearly any ACPI table provided by the BIOS with an
instrumented, modified one.

When lockdown is enabled, the kernel should disallow any unauthenticated
changes to kernel space. ACPI tables contain code invoked by the kernel, so
do not allow ACPI tables to be overridden if the kernel is locked down.

Signed-off-by: Linn Crosetto
Signed-off-by: David Howells
Signed-off-by: Matthew Garrett
Reviewed-by: Kees Cook
cc: linux-acpi@vger.kernel.org
Signed-off-by: James Morris
(backported from commit 6ea0e815fc5e18597724169caa6e4d46dd8e693d)
Signed-off-by: Seth Forshee
--- drivers/acpi/osl.c | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/drivers/acpi/osl.c b/drivers/acpi/osl.c index 62a2a564a46e..3b6d3247a4c9 100644 --- a/drivers/acpi/osl.c +++ b/drivers/acpi/osl.c
@@ -675,6 +675,11 @@ void __init acpi_initrd_override(void *data, size_t size) if (table_nr == 0) return; + if (secure_modules()) { + pr_notice("kernel is locked down, ignoring table override\n"); + return; + } + acpi_tables_addr = memblock_find_in_range(0, max_low_pfn_mapped << PAGE_SHIFT, all_tables_size, PAGE_SIZE);
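
Review bot: The secure_modules() check in acpi_initrd_override() comes after the `if (table_nr == 0) return;` early exit, so table_nr and all_tables_size have already been computed from the initrd data by the time lockdown is consulted. Consider moving the check to the top of the function so that no unauthenticated table data is processed on a locked-down kernel, accepting that the notice would then also print when the initrd carries no tables. The diffstat shows all 5 insertions are in this hunk, so no #include was added; please confirm osl.c already sees the declaration of secure_modules().
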
From: Seth Forshee
To: kernel-team@lists.ubuntu.com
Subject: [PATCH v2 02/57][B] UBUNTU: SAUCE: (efi-lockdown) x86/mmiotrace: Lock down the testmmiotrace module
Date: Fri, 19 Jun 2020 11:15:26 -0500
Message-Id: <20200619161621.644540-3-seth.forshee@canonical.com>
In-Reply-To: <20200619161621.644540-1-seth.forshee@canonical.com>
References: <20200619161621.644540-1-seth.forshee@canonical.com>

From: David Howells

BugLink: https://bugs.launchpad.net/bugs/1884159

The testmmiotrace module shouldn't be permitted when the kernel is locked
down as it can be used to arbitrarily read and write MMIO space.

Suggested-by: Thomas Gleixner
Signed-off-by: David Howells
cc: Steven Rostedt
cc: Ingo Molnar
cc: "H. Peter Anvin"
cc: x86@kernel.org
(backported from commit 64ce4fc1ef16d4dd818eca47701f803e58444ab2
 git://git.kernel.org/pub/scm/linux/kernel/git/jwboyer/fedora.git)
Signed-off-by: Seth Forshee
--- arch/x86/mm/testmmiotrace.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/arch/x86/mm/testmmiotrace.c b/arch/x86/mm/testmmiotrace.c index 38868adf07ea..dd2a4ce7b541 100644 --- a/arch/x86/mm/testmmiotrace.c +++ b/arch/x86/mm/testmmiotrace.c
@@ -115,6 +115,9 @@ static int __init init(void) { unsigned long size = (read_far) ? (8 << 20) : (16 << 10); + if (secure_modules()) + return -EPERM; + if (mmio_address == 0) { pr_err("you have to use the module argument mmio_address.\n"); pr_err("DO NOT LOAD THIS MODULE UNLESS YOU REALLY KNOW WHAT YOU ARE DOING!\n");
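
Review bot: The new early return at the top of init() fails with -EPERM but logs nothing, while 01/57 prints a pr_notice() for the same condition and the very next branch here uses pr_err() for a missing argument. A one-line message such as `pr_err("not permitted when the kernel is locked down\n");` before the return would tell the administrator why the load was refused. All 3 insertions are in this hunk, so please also confirm that the declaration of secure_modules() is already visible in testmmiotrace.c.
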
From: Seth Forshee
To: kernel-team@lists.ubuntu.com
Subject: [PATCH v2 03/57][B] Revert "Restrict /dev/mem and /dev/kmem when module loading is restricted"
Date: Fri, 19 Jun 2020 11:15:27 -0500
Message-Id: <20200619161621.644540-4-seth.forshee@canonical.com>
In-Reply-To: <20200619161621.644540-1-seth.forshee@canonical.com>
References: <20200619161621.644540-1-seth.forshee@canonical.com>

BugLink: https://bugs.launchpad.net/bugs/1884159

This reverts commit 517d6c3a5c1454115dd705e084a88818df3ad7e2 to backport
an updated version.

Signed-off-by: Seth Forshee
--- drivers/char/mem.c | 6 ------ 1 file changed, 6 deletions(-) diff --git a/drivers/char/mem.c b/drivers/char/mem.c index a59fe7264c39..76997a645da8 100644 --- a/drivers/char/mem.c +++ b/drivers/char/mem.c @@ -188,9 +188,6 @@ static ssize_t write_mem(struct file *file, const char __user *buf, if (p != *ppos) return -EFBIG; - if (secure_modules()) - return -EPERM; - if (!valid_phys_addr_range(p, count)) return -EFAULT;
@@ -558,9 +555,6 @@ static ssize_t write_kmem(struct file *file, const char __user *buf, char *kbuf; /* k-addr because vwrite() takes vmlist_lock rwlock */ int err = 0; - if (secure_modules()) - return -EPERM; - if (p < (unsigned long) high_memory) { unsigned long to_write = min_t(unsigned long, count, (unsigned long)high_memory - p);
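
Review bot: Between this revert and 05/57, write_mem() and write_kmem() have no secure_modules() check at all, so any kernel built from a commit in that window accepts /dev/mem and /dev/kmem writes while module restrictions are in force. That matters for bisection and for anyone cherry-picking part of the series. The commit message says only "to backport an updated version"; it should name the patch that restores the restriction, or the revert and its replacement could be squashed into one commit.
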
From: Seth Forshee
To: kernel-team@lists.ubuntu.com
Subject: [PATCH v2 04/57][B] Revert "x86: Lock down IO port access when module security is enabled"
Date: Fri, 19 Jun 2020 11:15:28 -0500
Message-Id: <20200619161621.644540-5-seth.forshee@canonical.com>
In-Reply-To: <20200619161621.644540-1-seth.forshee@canonical.com>
References: <20200619161621.644540-1-seth.forshee@canonical.com>

BugLink: https://bugs.launchpad.net/bugs/1884159

This reverts commit cc223b88b8e59fca362b426b0cccfe580fd8a68e to backport
an updated version.

Signed-off-by: Seth Forshee
--- arch/x86/kernel/ioport.c | 5 ++--- drivers/char/mem.c | 4 ---- 2 files changed, 2 insertions(+), 7 deletions(-) diff --git a/arch/x86/kernel/ioport.c b/arch/x86/kernel/ioport.c index ab8372443efb..589b3193f102 100644 --- a/arch/x86/kernel/ioport.c +++ b/arch/x86/kernel/ioport.c @@ -15,7 +15,6 @@ #include #include #include -#include #include /* @@ -29,7 +28,7 @@ asmlinkage long sys_ioperm(unsigned long from, unsigned long num, int turn_on) if ((from + num <= from) || (from + num > IO_BITMAP_BITS)) return -EINVAL; - if (turn_on && (!capable(CAP_SYS_RAWIO) || secure_modules())) + if (turn_on && !capable(CAP_SYS_RAWIO)) return -EPERM; /* @@ -109,7 +108,7 @@ SYSCALL_DEFINE1(iopl, unsigned int, level) return -EINVAL; /* Trying to gain more privileges? */ if (level > old) { - if (!capable(CAP_SYS_RAWIO) || secure_modules()) + if (!capable(CAP_SYS_RAWIO)) return -EPERM; } regs->flags = (regs->flags & ~X86_EFLAGS_IOPL) | diff --git a/drivers/char/mem.c b/drivers/char/mem.c index 76997a645da8..6ebe2b86d8eb 100644 --- a/drivers/char/mem.c +++ b/drivers/char/mem.c
@@ -27,7 +27,6 @@ #include #include #include -#include #include 
@@ -622,9 +621,6 @@ static ssize_t write_port(struct file *file, const char __user *buf, unsigned long i = *ppos; const char __user *tmp = buf; - if (secure_modules()) - return -EPERM; - if (!access_ok(VERIFY_READ, buf, count)) return -EFAULT; while (count-- > 0 && i < 65536) {
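
Review bot: Nothing visible in 01/57 to 06/57 restores the secure_modules() test that the sys_ioperm() and iopl() hunks in ioport.c remove; 05/57 only puts a check back on the /dev/port open path. After this patch both syscalls are gated by capable(CAP_SYS_RAWIO) alone, so the commit message should say which later patch in the series reinstates the lockdown check for them. The write_port() hunk in mem.c has the same bisection gap as 03/57 until 05/57 is applied.
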
From: Seth Forshee
To: kernel-team@lists.ubuntu.com
Subject: [PATCH v2 05/57][B] UBUNTU: SAUCE: (efi-lockdown) Restrict /dev/{mem, kmem, port} when the kernel is locked down
Date: Fri, 19 Jun 2020 11:15:29 -0500
Message-Id: <20200619161621.644540-6-seth.forshee@canonical.com>
In-Reply-To: <20200619161621.644540-1-seth.forshee@canonical.com>
References: <20200619161621.644540-1-seth.forshee@canonical.com>

From: Matthew Garrett

BugLink: https://bugs.launchpad.net/bugs/1884159

Allowing users to read and write to core kernel memory makes it possible
for the kernel to be subverted, avoiding module loading restrictions, and
also to steal cryptographic information.

Disallow /dev/mem and /dev/kmem from being opened when the kernel has been
locked down to prevent this.

Also disallow /dev/port from being opened to prevent raw ioport access and
thus DMA from being used to accomplish the same thing.

Signed-off-by: Matthew Garrett
Signed-off-by: David Howells
Reviewed-by: "Lee, Chun-Yi"
(backported from commit 2eada4c7af2d4e9522a47523d2a5106d96271cd9
 git://git.kernel.org/pub/scm/linux/kernel/git/jwboyer/fedora.git)
Signed-off-by: Seth Forshee
--- drivers/char/mem.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/drivers/char/mem.c b/drivers/char/mem.c index 6ebe2b86d8eb..f41ad9aa5e0a 100644 --- a/drivers/char/mem.c +++ b/drivers/char/mem.c @@ -8,6 +8,7 @@ * Shared /dev/zero mmapping support, Feb 2000, Kanoj Sarcar */ +#include #include #include #include
@@ -756,6 +757,8 @@ static loff_t memory_lseek(struct file *file, loff_t offset, int orig) static int open_port(struct inode *inode, struct file *filp) { + if (secure_modules()) + return -EPERM; return capable(CAP_SYS_RAWIO) ? 0 : -EPERM; }
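
Review bot: Checking only in open_port() leaves already-open descriptors usable, whereas the code reverted in 03/57 and 04/57 tested secure_modules() in write_mem(), write_kmem() and write_port() on every write. Please confirm that the value returned by secure_modules() cannot change after a privileged process has opened one of these devices, or keep a check on the write paths as well. The commit message says /dev/mem and /dev/kmem are covered, but the hunk touches only open_port(); a sentence stating that those devices share this open handler would make the claim verifiable from the patch. Both failure paths return -EPERM with no log line, so a denied open caused by lockdown cannot be told apart from a missing CAP_SYS_RAWIO.
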
From: Seth Forshee
To: kernel-team@lists.ubuntu.com
Subject: [PATCH v2 06/57][B] Annotate module params that specify hardware parameters (eg. ioport)
Date: Fri, 19 Jun 2020 11:15:30 -0500
Message-Id: <20200619161621.644540-7-seth.forshee@canonical.com>
In-Reply-To: <20200619161621.644540-1-seth.forshee@canonical.com>
References: <20200619161621.644540-1-seth.forshee@canonical.com>

From: David Howells

BugLink: https://bugs.launchpad.net/bugs/1884159

Provided an annotation for module parameters that specify hardware
parameters (such as io ports, iomem addresses, irqs, dma channels, fixed
dma buffers and other types).

This will enable such parameters to be locked down in the core parameter
parser for secure boot support.

I've also included annotations as to what sort of hardware configuration
each module is dealing with for future use. Some of these are
straightforward (ioport, iomem, irq, dma), but there are also:

 (1) drivers that switch the semantics of a parameter between ioport and
     iomem depending on a second parameter,

 (2) drivers that appear to reserve a CPU memory buffer at a fixed address,

 (3) other parameters, such as bus types and irq selection bitmasks.

For the moment, the hardware configuration type isn't actually stored,
though its validity is checked.

Signed-off-by: David Howells
(cherry picked from commit bf616d21f41174389c6d720ae21bf40f154474c8)
Signed-off-by: Seth Forshee
--- include/linux/moduleparam.h | 65 ++++++++++++++++++++++++++++++++++++- 1 file changed, 64 insertions(+), 1 deletion(-) diff --git a/include/linux/moduleparam.h b/include/linux/moduleparam.h index 52666d90ca94..6be1949ebcdf 100644 --- a/include/linux/moduleparam.h
+++ b/include/linux/moduleparam.h @@ -60,9 +60,11 @@ struct kernel_param_ops { * Flags available for kernel_param * * UNSAFE - the parameter is dangerous and setting it will taint the kernel + * HWPARAM - Hardware param not permitted in lockdown mode */ enum { - KERNEL_PARAM_FL_UNSAFE = (1 << 0) + KERNEL_PARAM_FL_UNSAFE = (1 << 0), + KERNEL_PARAM_FL_HWPARAM = (1 << 1), }; struct kernel_param { 
@@ -451,6 +453,67 @@ extern int param_set_bint(const char *val, const struct kernel_param *kp); perm, -1, 0); \ __MODULE_PARM_TYPE(name, "array of " #type) +enum hwparam_type { + hwparam_ioport, /* Module parameter configures an I/O port */ + hwparam_iomem, /* Module parameter configures an I/O mem address */ + hwparam_ioport_or_iomem, /* Module parameter could be either, depending on other option */ + hwparam_irq, /* Module parameter configures an I/O port */ + hwparam_dma, /* Module parameter configures a DMA channel */ + hwparam_dma_addr, /* Module parameter configures a DMA buffer address */ + hwparam_other, /* Module parameter configures some other value */ +}; + +/** + * module_param_hw_named - A parameter representing a hw parameters + * @name: a valid C identifier which is the parameter name. + * @value: the actual lvalue to alter. + * @type: the type of the parameter + * @hwtype: what the value represents (enum hwparam_type) + * @perm: visibility in sysfs. + * + * Usually it's a good idea to have variable names and user-exposed names the + * same, but that's harder if the variable must be non-static or is inside a + * structure. This allows exposure under a different name. + */ +#define module_param_hw_named(name, value, type, hwtype, perm) \ + param_check_##type(name, &(value)); \ + __module_param_call(MODULE_PARAM_PREFIX, name, \ + ¶m_ops_##type, &value, \ + perm, -1, \ + KERNEL_PARAM_FL_HWPARAM | (hwparam_##hwtype & 0)); \ + __MODULE_PARM_TYPE(name, #type) + +#define module_param_hw(name, type, hwtype, perm) \ + module_param_hw_named(name, name, type, hwtype, perm) + +/** + * module_param_hw_array - A parameter representing an array of hw parameters + * @name: the name of the array variable + * @type: the type, as per module_param() + * @hwtype: what the value represents (enum hwparam_type) + * @nump: optional pointer filled in with the number written + * @perm: visibility in sysfs + * + * Input and output are as comma-separated values. 
Commas inside values + * don't work properly (eg. an array of charp). + * + * ARRAY_SIZE(@name) is used to determine the number of elements in the + * array, so the definition must be visible. + */ +#define module_param_hw_array(name, type, hwtype, nump, perm) \ + param_check_##type(name, &(name)[0]); \ + static const struct kparam_array __param_arr_##name \ + = { .max = ARRAY_SIZE(name), .num = nump, \ + .ops = ¶m_ops_##type, \ + .elemsize = sizeof(name[0]), .elem = name }; \ + __module_param_call(MODULE_PARAM_PREFIX, name, \ + ¶m_array_ops, \ + .arr = &__param_arr_##name, \ + perm, -1, \ + KERNEL_PARAM_FL_HWPARAM | (hwparam_##hwtype & 0)); \ + __MODULE_PARM_TYPE(name, "array of " #type) + + extern const struct kernel_param_ops param_array_ops; extern const struct kernel_param_ops param_ops_string; From patchwork Fri Jun 19 16:15:31 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Seth Forshee X-Patchwork-Id: 1313069 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=none (no SPF record) smtp.mailfrom=lists.ubuntu.com (client-ip=91.189.94.19; helo=huckleberry.canonical.com; envelope-from=kernel-team-bounces@lists.ubuntu.com; receiver=) Authentication-Results: ozlabs.org; dmarc=fail (p=none dis=none) header.from=canonical.com Received: from huckleberry.canonical.com (huckleberry.canonical.com [91.189.94.19]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 49pP7w4Cd0zB46w; Sat, 20 Jun 2020 02:16:44 +1000 (AEST) Received: from localhost ([127.0.0.1] helo=huckleberry.canonical.com) by huckleberry.canonical.com with esmtp (Exim 4.86_2) (envelope-from ) id 1jmJh0-0002D4-T8; Fri, 19 Jun 2020 16:16:38 +0000 Received: from youngberry.canonical.com ([91.189.89.112]) by huckleberry.canonical.com with esmtps 
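Review bot: In the new enum hwparam_type, the comment on hwparam_irq reads "Module parameter configures an I/O port", which looks copied from hwparam_ioport; it should say the parameter configures an IRQ. Both macros would also benefit from a one-line comment on "KERNEL_PARAM_FL_HWPARAM | (hwparam_##hwtype & 0)": the "& 0" discards the class, so the only effect of hwtype is a build failure on an unknown name, and every annotated parameter is treated the same under lockdown whatever class was given. Minor: module_param_hw_named passes "&value" to __module_param_call while param_check_##type gets "&(value)"; parenthesising both would be consistent.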
From: Seth Forshee
To: kernel-team@lists.ubuntu.com
Subject: [PATCH v2 07/57][B] Annotate hardware config module parameters in arch/x86/mm/
Date: Fri, 19 Jun 2020 11:15:31 -0500
Message-Id: <20200619161621.644540-8-seth.forshee@canonical.com>
In-Reply-To: <20200619161621.644540-1-seth.forshee@canonical.com>
References: <20200619161621.644540-1-seth.forshee@canonical.com>

From: David Howells

BugLink: https://bugs.launchpad.net/bugs/1884159

When the kernel is running in secure boot mode, we lock down the kernel to
prevent userspace from modifying the running kernel image. Whilst this
includes prohibiting access to things like /dev/mem, it must also prevent
access by means of configuring driver modules in such a way as to cause a
device to access or modify the kernel image.

To this end, annotate module_param* statements that refer to hardware
configuration and indicate for future reference what type of parameter they
specify. The parameter parser in the core sees this information and can
skip such parameters with an error message if the kernel is locked down.
The module initialisation then runs as normal, but just sees whatever the
default values for those parameters are.

Note that we do still need to do the module initialisation because some
drivers have viable defaults set in case parameters aren't specified and
some drivers support automatic configuration (e.g. PNP or PCI) in addition
to manually coded parameters.

This patch annotates drivers in arch/x86/mm/.

[Note: With respect to testmmiotrace, an additional patch will be added
separately that makes the module refuse to load if the kernel is locked
down.]

Suggested-by: Alan Cox
Signed-off-by: David Howells Acked-by: Steven Rostedt cc: Ingo Molnar cc: Thomas Gleixner cc: "H. Peter Anvin" cc: x86@kernel.org cc: linux-kernel@vger.kernel.org cc: nouveau@lists.freedesktop.org (cherry picked from commit 3c2e2e6816930e25c755f2e4fc298a0d05d223cf) Signed-off-by: Seth Forshee --- arch/x86/mm/testmmiotrace.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/arch/x86/mm/testmmiotrace.c b/arch/x86/mm/testmmiotrace.c index dd2a4ce7b541..a9b62c9c1a8f 100644 --- a/arch/x86/mm/testmmiotrace.c +++ b/arch/x86/mm/testmmiotrace.c 
@@ -9,7 +9,7 @@ #include static unsigned long mmio_address; -module_param(mmio_address, ulong, 0); +module_param_hw(mmio_address, ulong, iomem, 0); MODULE_PARM_DESC(mmio_address, " Start address of the mapping of 16 kB " "(or 8 MB if read_far is non-zero)."); From patchwork Fri Jun 19 16:15:32 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Seth Forshee X-Patchwork-Id: 1313070 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=none (no SPF record) smtp.mailfrom=lists.ubuntu.com (client-ip=91.189.94.19; helo=huckleberry.canonical.com; envelope-from=kernel-team-bounces@lists.ubuntu.com; receiver=) Authentication-Results: ozlabs.org; dmarc=fail (p=none dis=none) header.from=canonical.com Received: from huckleberry.canonical.com (huckleberry.canonical.com [91.189.94.19]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 49pP812jvVzB477; Sat, 20 Jun 2020 02:16:49 +1000 (AEST) Received: from localhost ([127.0.0.1] helo=huckleberry.canonical.com) by huckleberry.canonical.com with esmtp (Exim 4.86_2) (envelope-from ) id 1jmJh5-0002HJ-MK; Fri, 19 Jun 2020 16:16:43 +0000 Received: from youngberry.canonical.com ([91.189.89.112]) by huckleberry.canonical.com with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.86_2) (envelope-from ) id 1jmJgx-0002A2-H0 for kernel-team@lists.ubuntu.com; Fri, 19 Jun 2020 16:16:35 +0000 Received: from mail-il1-f200.google.com ([209.85.166.200]) by youngberry.canonical.com with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.86_2) (envelope-from ) id 1jmJgw-0003Zu-CL for kernel-team@lists.ubuntu.com; Fri, 19 Jun 2020 16:16:34 +0000 Received: by mail-il1-f200.google.com with SMTP id d3so171718ilq.9 for ; Fri, 19 Jun 2020 09:16:34 -0700 (PDT) X-Google-DKIM-Signature: v=1; 
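Review bot: With mmio_address switched to module_param_hw(mmio_address, ulong, iomem, 0), a locked-down kernel skips the supplied value but, per the commit message, module initialisation still runs with the default, which for "static unsigned long mmio_address;" is 0. The commit message defers to a separate patch that makes testmmiotrace refuse to load under lockdown; please confirm that patch is part of this backport series so the two land together.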
From: Seth Forshee
To: kernel-team@lists.ubuntu.com
Subject: [PATCH v2 08/57][B] Annotate hardware config module parameters in drivers/char/ipmi/
Date: Fri, 19 Jun 2020 11:15:32 -0500
Message-Id: <20200619161621.644540-9-seth.forshee@canonical.com>
In-Reply-To: <20200619161621.644540-1-seth.forshee@canonical.com>
References: <20200619161621.644540-1-seth.forshee@canonical.com>

From: David Howells

BugLink: https://bugs.launchpad.net/bugs/1884159

When the kernel is running in secure boot mode, we lock down the kernel to
prevent userspace from modifying the running kernel image. Whilst this
includes prohibiting access to things like /dev/mem, it must also prevent
access by means of configuring driver modules in such a way as to cause a
device to access or modify the kernel image.

To this end, annotate module_param* statements that refer to hardware
configuration and indicate for future reference what type of parameter they
specify. The parameter parser in the core sees this information and can
skip such parameters with an error message if the kernel is locked down.
The module initialisation then runs as normal, but just sees whatever the
default values for those parameters are.

Note that we do still need to do the module initialisation because some
drivers have viable defaults set in case parameters aren't specified and
some drivers support automatic configuration (e.g. PNP or PCI) in addition
to manually coded parameters.

This patch annotates drivers in drivers/char/ipmi/.

Suggested-by: Alan Cox
Signed-off-by: David Howells
Reviewed-by: Corey Minyard
cc: openipmi-developer@lists.sourceforge.net
(cherry picked from commit 684497bfe8b4485325554b96b160b5ddb6e9ebaf)
Signed-off-by: Seth Forshee --- drivers/char/ipmi/ipmi_si_intf.c | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/drivers/char/ipmi/ipmi_si_intf.c b/drivers/char/ipmi/ipmi_si_intf.c index 2f8ff63bbbe4..ab672b947bd6 100644 --- a/drivers/char/ipmi/ipmi_si_intf.c +++ b/drivers/char/ipmi/ipmi_si_intf.c 
@@ -1392,39 +1392,39 @@ MODULE_PARM_DESC(type, "Defines the type of each interface, each" " interface separated by commas. The types are 'kcs'," " 'smic', and 'bt'. For example si_type=kcs,bt will set" " the first interface to kcs and the second to bt"); -module_param_array(addrs, ulong, &num_addrs, 0); +module_param_hw_array(addrs, ulong, iomem, &num_addrs, 0); MODULE_PARM_DESC(addrs, "Sets the memory address of each interface, the" " addresses separated by commas. Only use if an interface" " is in memory. Otherwise, set it to zero or leave" " it blank."); -module_param_array(ports, uint, &num_ports, 0); +module_param_hw_array(ports, uint, ioport, &num_ports, 0); MODULE_PARM_DESC(ports, "Sets the port address of each interface, the" " addresses separated by commas. Only use if an interface" " is a port. Otherwise, set it to zero or leave" " it blank."); -module_param_array(irqs, int, &num_irqs, 0); +module_param_hw_array(irqs, int, irq, &num_irqs, 0); MODULE_PARM_DESC(irqs, "Sets the interrupt of each interface, the" " addresses separated by commas. Only use if an interface" " has an interrupt. Otherwise, set it to zero or leave" " it blank."); -module_param_array(regspacings, int, &num_regspacings, 0); +module_param_hw_array(regspacings, int, other, &num_regspacings, 0); MODULE_PARM_DESC(regspacings, "The number of bytes between the start address" " and each successive register used by the interface. For" " instance, if the start address is 0xca2 and the spacing" " is 2, then the second address is at 0xca4. Defaults" " to 1."); -module_param_array(regsizes, int, &num_regsizes, 0); +module_param_hw_array(regsizes, int, other, &num_regsizes, 0); MODULE_PARM_DESC(regsizes, "The size of the specific IPMI register in bytes." " This should generally be 1, 2, 4, or 8 for an 8-bit," " 16-bit, 32-bit, or 64-bit register. 
Use this if you" " the 8-bit IPMI register has to be read from a larger" " register."); -module_param_array(regshifts, int, &num_regshifts, 0); +module_param_hw_array(regshifts, int, other, &num_regshifts, 0); MODULE_PARM_DESC(regshifts, "The amount to shift the data read from the." " IPMI register, in bits. For instance, if the data" " is read from a 32-bit word and the IPMI data is in" " bit 8-15, then the shift would be 8"); -module_param_array(slave_addrs, int, &num_slave_addrs, 0); +module_param_hw_array(slave_addrs, int, other, &num_slave_addrs, 0); MODULE_PARM_DESC(slave_addrs, "Set the default IPMB slave address for" " the controller. Normally this is 0x20, but can be" " overridden by this parm. This is an array indexed" From patchwork Fri Jun 19 16:15:33 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Seth Forshee X-Patchwork-Id: 1313071 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=none (no SPF record) smtp.mailfrom=lists.ubuntu.com (client-ip=91.189.94.19; helo=huckleberry.canonical.com; envelope-from=kernel-team-bounces@lists.ubuntu.com; receiver=) Authentication-Results: ozlabs.org; dmarc=fail (p=none dis=none) header.from=canonical.com Received: from huckleberry.canonical.com (huckleberry.canonical.com [91.189.94.19]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 49pP836fCdzB47D; Sat, 20 Jun 2020 02:16:51 +1000 (AEST) Received: from localhost ([127.0.0.1] helo=huckleberry.canonical.com) by huckleberry.canonical.com with esmtp (Exim 4.86_2) (envelope-from ) id 1jmJh7-0002J1-Nz; Fri, 19 Jun 2020 16:16:45 +0000 Received: from youngberry.canonical.com ([91.189.89.112]) by huckleberry.canonical.com with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.86_2) (envelope-from ) id 
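Review bot: slave_addrs is annotated as "other", but its description says it sets the default IPMB slave address for the controller, which is an address on the IPMB rather than a host I/O port, memory address, IRQ or DMA resource. Since annotated parameters are skipped under lockdown, the commit message should say why it is included alongside addrs, ports and irqs, or it should stay a plain module_param_array. The "other" class for regspacings, regsizes and regshifts is reasonable, since they change how the registers at addrs/ports are accessed.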
From: Seth Forshee
To: kernel-team@lists.ubuntu.com
Subject: [PATCH v2 09/57][B] Annotate hardware config module parameters in drivers/char/mwave/
Date: Fri, 19 Jun 2020 11:15:33 -0500
Message-Id: <20200619161621.644540-10-seth.forshee@canonical.com>
In-Reply-To: <20200619161621.644540-1-seth.forshee@canonical.com>
References: <20200619161621.644540-1-seth.forshee@canonical.com>

From: David Howells

BugLink: https://bugs.launchpad.net/bugs/1884159

When the kernel is running in secure boot mode, we lock down the kernel to
prevent userspace from modifying the running kernel image. Whilst this
includes prohibiting access to things like /dev/mem, it must also prevent
access by means of configuring driver modules in such a way as to cause a
device to access or modify the kernel image.

To this end, annotate module_param* statements that refer to hardware
configuration and indicate for future reference what type of parameter they
specify. The parameter parser in the core sees this information and can
skip such parameters with an error message if the kernel is locked down.
The module initialisation then runs as normal, but just sees whatever the
default values for those parameters are.

Note that we do still need to do the module initialisation because some
drivers have viable defaults set in case parameters aren't specified and
some drivers support automatic configuration (e.g. PNP or PCI) in addition
to manually coded parameters.

This patch annotates drivers in drivers/char/mwave/.

Suggested-by: Alan Cox
Signed-off-by: David Howells
(cherry picked from commit 94b599bc07c3c4f365f546218918dcbc363111b2)
Signed-off-by: Seth Forshee --- drivers/char/mwave/mwavedd.c | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/drivers/char/mwave/mwavedd.c b/drivers/char/mwave/mwavedd.c index 618f3df6c3b9..19c11efe78b1 100644 --- a/drivers/char/mwave/mwavedd.c +++ b/drivers/char/mwave/mwavedd.c 
@@ -81,10 +81,10 @@ int mwave_3780i_io = 0; int mwave_uart_irq = 0; int mwave_uart_io = 0; module_param(mwave_debug, int, 0); -module_param(mwave_3780i_irq, int, 0); -module_param(mwave_3780i_io, int, 0); -module_param(mwave_uart_irq, int, 0); -module_param(mwave_uart_io, int, 0); +module_param_hw(mwave_3780i_irq, int, irq, 0); +module_param_hw(mwave_3780i_io, int, ioport, 0); +module_param_hw(mwave_uart_irq, int, irq, 0); +module_param_hw(mwave_uart_io, int, ioport, 0); static int mwave_open(struct inode *inode, struct file *file); static int mwave_close(struct inode *inode, struct file *file); From patchwork Fri Jun 19 16:15:34 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Seth Forshee X-Patchwork-Id: 1313072 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=none (no SPF record) smtp.mailfrom=lists.ubuntu.com (client-ip=91.189.94.19; helo=huckleberry.canonical.com; envelope-from=kernel-team-bounces@lists.ubuntu.com; receiver=) Authentication-Results: ozlabs.org; dmarc=fail (p=none dis=none) header.from=canonical.com Received: from huckleberry.canonical.com (huckleberry.canonical.com [91.189.94.19]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 49pP870ZVfz9t79; Sat, 20 Jun 2020 02:16:55 +1000 (AEST) Received: from localhost ([127.0.0.1] helo=huckleberry.canonical.com) by huckleberry.canonical.com with esmtp (Exim 4.86_2) (envelope-from ) id 1jmJhA-0002LY-EC; Fri, 19 Jun 2020 16:16:48 +0000 Received: from youngberry.canonical.com ([91.189.89.112]) by huckleberry.canonical.com with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.86_2) (envelope-from ) id 1jmJh0-0002CQ-OY for kernel-team@lists.ubuntu.com; Fri, 19 Jun 2020 16:16:38 +0000 Received: from mail-il1-f197.google.com 
From: Seth Forshee
To: kernel-team@lists.ubuntu.com
Subject: [PATCH v2 10/57][B] Annotate hardware config module parameters in drivers/char/
Date: Fri, 19 Jun 2020 11:15:34 -0500
Message-Id: <20200619161621.644540-11-seth.forshee@canonical.com>
In-Reply-To: <20200619161621.644540-1-seth.forshee@canonical.com>
References: <20200619161621.644540-1-seth.forshee@canonical.com>

From: David Howells

BugLink: https://bugs.launchpad.net/bugs/1884159

When the kernel is running in secure boot mode, we lock down the kernel to
prevent userspace from modifying the running kernel image. Whilst this
includes prohibiting access to things like /dev/mem, it must also prevent
access by means of configuring driver modules in such a way as to cause a
device to access or modify the kernel image.

To this end, annotate module_param* statements that refer to hardware
configuration and indicate for future reference what type of parameter they
specify. The parameter parser in the core sees this information and can
skip such parameters with an error message if the kernel is locked down.
The module initialisation then runs as normal, but just sees whatever the
default values for those parameters are.

Note that we do still need to do the module initialisation because some
drivers have viable defaults set in case parameters aren't specified and
some drivers support automatic configuration (e.g. PNP or PCI) in addition
to manually coded parameters.

This patch annotates drivers in drivers/char/.

Suggested-by: Alan Cox
Signed-off-by: David Howells
Acked-by: Greg Kroah-Hartman
cc: Arnd Bergmann
(cherry picked from commit 1c37ab5e51792a5419bdc84804aec6379cb43adb)
Signed-off-by: Seth Forshee --- drivers/char/applicom.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/drivers/char/applicom.c b/drivers/char/applicom.c index 9fcd51095d13..aeb0b876bb19 100644 --- a/drivers/char/applicom.c +++ b/drivers/char/applicom.c 
@@ -95,9 +95,9 @@ static struct applicom_board { static unsigned int irq = 0; /* interrupt number IRQ */ static unsigned long mem = 0; /* physical segment of board */ -module_param(irq, uint, 0); +module_param_hw(irq, uint, irq, 0); MODULE_PARM_DESC(irq, "IRQ of the Applicom board"); -module_param(mem, ulong, 0); +module_param_hw(mem, ulong, iomem, 0); MODULE_PARM_DESC(mem, "Shared Memory Address of Applicom board"); static unsigned int numboards; /* number of installed boards */ From patchwork Fri Jun 19 16:15:35 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Seth Forshee X-Patchwork-Id: 1313073 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=none (no SPF record) smtp.mailfrom=lists.ubuntu.com (client-ip=91.189.94.19; helo=huckleberry.canonical.com; envelope-from=kernel-team-bounces@lists.ubuntu.com; receiver=) Authentication-Results: ozlabs.org; dmarc=fail (p=none dis=none) header.from=canonical.com Received: from huckleberry.canonical.com (huckleberry.canonical.com [91.189.94.19]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 49pP8F0XdRz9syB; Sat, 20 Jun 2020 02:17:01 +1000 (AEST) Received: from localhost ([127.0.0.1] helo=huckleberry.canonical.com) by huckleberry.canonical.com with esmtp (Exim 4.86_2) (envelope-from ) id 1jmJhF-0002P9-Gf; Fri, 19 Jun 2020 16:16:53 +0000 Received: from youngberry.canonical.com ([91.189.89.112]) by huckleberry.canonical.com with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.86_2) (envelope-from ) id 1jmJh2-0002DG-Ar for kernel-team@lists.ubuntu.com; Fri, 19 Jun 2020 16:16:40 +0000 Received: from mail-io1-f72.google.com ([209.85.166.72]) by youngberry.canonical.com with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.86_2) (envelope-from ) id 
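Review bot: Both annotated parameters default to 0 ("static unsigned int irq = 0;" and "static unsigned long mem = 0;"), so on a locked-down kernel the driver only ever sees those defaults. Please confirm that applicom's init path either probes for the board or fails cleanly when mem is 0, so that skipping the parameter does not leave the driver working from address 0.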
From: Seth Forshee
To: kernel-team@lists.ubuntu.com
Subject: [PATCH v2 11/57][B] Annotate hardware config module parameters in drivers/clocksource/
Date: Fri, 19 Jun 2020 11:15:35 -0500
Message-Id: <20200619161621.644540-12-seth.forshee@canonical.com>
In-Reply-To: <20200619161621.644540-1-seth.forshee@canonical.com>
References: <20200619161621.644540-1-seth.forshee@canonical.com>

From: David Howells

BugLink: https://bugs.launchpad.net/bugs/1884159

When the kernel is running in secure boot mode, we lock down the kernel to
prevent userspace from modifying the running kernel image. Whilst this
includes prohibiting access to things like /dev/mem, it must also prevent
access by means of configuring driver modules in such a way as to cause a
device to access or modify the kernel image.

To this end, annotate module_param* statements that refer to hardware
configuration and indicate for future reference what type of parameter they
specify. The parameter parser in the core sees this information and can
skip such parameters with an error message if the kernel is locked down.
The module initialisation then runs as normal, but just sees whatever the
default values for those parameters are.

Note that we do still need to do the module initialisation because some
drivers have viable defaults set in case parameters aren't specified and
some drivers support automatic configuration (e.g. PNP or PCI) in addition
to manually coded parameters.

This patch annotates drivers in drivers/clocksource/.

[Note: With regard to cs5535-clockevt.c, Thomas Gleixner asked whether the
timer_irq parameter is required for the driver to work on anything other
than arbitrary hardware which has it mapped to 0. Jens Rottmann replied
that the parameter defaults to 0, which means:

 1. autodetect (=keep IRQ BIOS has set up)
 2. if that fails use CONFIG_CS5535_MFGPT_DEFAULT_IRQ
    (see drivers/misc/cs5535-mfgpt.c: cs5535_mfgpt_set_irq())

Jens further noted that there may not be any systems that have CS5535/36
devices that support EFI and secure boot.]

Suggested-by: Alan Cox
Signed-off-by: David Howells
cc: Daniel Lezcano
cc: Thomas Gleixner
cc: Jens Rottmann
cc: linux-kernel@vger.kernel.org
(cherry picked from commit cc9c617557cd0442294138188ac8611659768a10)
Signed-off-by: Seth Forshee
---
 drivers/clocksource/cs5535-clockevt.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/drivers/clocksource/cs5535-clockevt.c b/drivers/clocksource/cs5535-clockevt.c index e1d7373e63e0..1de8cac99a0e 100644 --- a/drivers/clocksource/cs5535-clockevt.c +++ b/drivers/clocksource/cs5535-clockevt.c 
@@ -22,7 +22,7 @@ #define DRV_NAME "cs5535-clockevt" static int timer_irq; -module_param_named(irq, timer_irq, int, 0644); +module_param_hw_named(irq, timer_irq, int, irq, 0644); MODULE_PARM_DESC(irq, "Which IRQ to use for the clock source MFGPT ticks."); /*
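Review bot: in drivers/clocksource/cs5535-clockevt.c the irq parameter keeps mode 0644 after the switch to module_param_hw_named(), so it stays writable through sysfs after the module is loaded, while the commit message only describes the core parameter parser skipping such parameters when they are supplied at load time. Please confirm that the sysfs store path applies the same lockdown check to parameters annotated as hardware configuration, or say in the commit message that runtime writes are out of scope for this driver. If timer_irq is only consumed during initialisation, 0444 would remove the question.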
From: Seth Forshee To: kernel-team@lists.ubuntu.com Subject: [PATCH v2 12/57][B] Annotate hardware config module parameters in drivers/cpufreq/ Date: Fri, 19 Jun 2020 11:15:36 -0500 Message-Id: <20200619161621.644540-13-seth.forshee@canonical.com> X-Mailer: git-send-email 2.27.0 In-Reply-To: <20200619161621.644540-1-seth.forshee@canonical.com> References: <20200619161621.644540-1-seth.forshee@canonical.com> MIME-Version: 1.0 X-BeenThere: kernel-team@lists.ubuntu.com X-Mailman-Version: 2.1.20 Precedence: list List-Id: Kernel team discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: kernel-team-bounces@lists.ubuntu.com Sender: "kernel-team" From: David Howells BugLink: https://bugs.launchpad.net/bugs/1884159 When the kernel is running in secure boot mode, we lock down the kernel to prevent userspace from modifying the running kernel image. Whilst this includes prohibiting access to things like /dev/mem, it must also prevent access by means of configuring driver modules in such a way as to cause a device to access or modify the kernel image. To this end, annotate module_param* statements that refer to hardware configuration and indicate for future reference what type of parameter they specify. The parameter parser in the core sees this information and can skip such parameters with an error message if the kernel is locked down. The module initialisation then runs as normal, but just sees whatever the default values for those parameters is. Note that we do still need to do the module initialisation because some drivers have viable defaults set in case parameters aren't specified and some drivers support automatic configuration (e.g. PNP or PCI) in addition to manually coded parameters. This patch annotates drivers in drivers/cpufreq/. Suggested-by: Alan Cox 
Signed-off-by: David Howells Acked-by: "Rafael J. Wysocki" Acked-by: Viresh Kumar cc: linux-pm@vger.kernel.org (cherry picked from commit 40059ec6701bd10d7d972ed302cca61cf8b6f2cf) Signed-off-by: Seth Forshee --- drivers/cpufreq/speedstep-smi.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/drivers/cpufreq/speedstep-smi.c b/drivers/cpufreq/speedstep-smi.c index 819229e824fb..b5691317b6dd 100644 --- a/drivers/cpufreq/speedstep-smi.c +++ b/drivers/cpufreq/speedstep-smi.c 
@@ -377,7 +377,7 @@ static void __exit speedstep_exit(void) cpufreq_unregister_driver(&speedstep_driver); } -module_param(smi_port, int, 0444); +module_param_hw(smi_port, int, ioport, 0444); module_param(smi_cmd, int, 0444); module_param(smi_sig, uint, 0444);
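Review bot: in drivers/cpufreq/speedstep-smi.c only smi_port is converted; smi_cmd and smi_sig, visible as unchanged context directly below it, stay plain module_param() and so remain settable at load time on a locked-down kernel. They are not port addresses, but the commit message should say why they are not treated as hardware configuration, or they could be annotated with the other type (as done for mmapped in the drivers/i2c/ patch of this series) if they influence what the driver issues to the SMI port.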
From: Seth Forshee To: kernel-team@lists.ubuntu.com Subject: [PATCH v2 13/57][B] Annotate hardware config module parameters in drivers/gpio/ Date: Fri, 19 Jun 2020 11:15:37 -0500 Message-Id: <20200619161621.644540-14-seth.forshee@canonical.com> X-Mailer: git-send-email 2.27.0 In-Reply-To: <20200619161621.644540-1-seth.forshee@canonical.com> References: <20200619161621.644540-1-seth.forshee@canonical.com> MIME-Version: 1.0 X-BeenThere: kernel-team@lists.ubuntu.com X-Mailman-Version: 2.1.20 Precedence: list List-Id: Kernel team discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: kernel-team-bounces@lists.ubuntu.com Sender: "kernel-team" From: David Howells BugLink: https://bugs.launchpad.net/bugs/1884159 When the kernel is running in secure boot mode, we lock down the kernel to prevent userspace from modifying the running kernel image. Whilst this includes prohibiting access to things like /dev/mem, it must also prevent access by means of configuring driver modules in such a way as to cause a device to access or modify the kernel image. To this end, annotate module_param* statements that refer to hardware configuration and indicate for future reference what type of parameter they specify. The parameter parser in the core sees this information and can skip such parameters with an error message if the kernel is locked down. The module initialisation then runs as normal, but just sees whatever the default values for those parameters is. Note that we do still need to do the module initialisation because some drivers have viable defaults set in case parameters aren't specified and some drivers support automatic configuration (e.g. PNP or PCI) in addition to manually coded parameters. This patch annotates drivers in drivers/gpio/. Suggested-by: Alan Cox 
Signed-off-by: David Howells Acked-by: William Breathitt Gray Acked-by: Linus Walleij cc: Alexandre Courbot cc: linux-gpio@vger.kernel.org (backported from commit d759f906794b3b2894780870227c3c05895d83c1) Signed-off-by: Seth Forshee --- drivers/gpio/gpio-104-idio-16.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/drivers/gpio/gpio-104-idio-16.c b/drivers/gpio/gpio-104-idio-16.c index 5400d7d4d8fd..f48f72e20f2e 100644 --- a/drivers/gpio/gpio-104-idio-16.c +++ b/drivers/gpio/gpio-104-idio-16.c 
@@ -23,7 +23,7 @@ #include static unsigned idio_16_base; -module_param(idio_16_base, uint, 0); +module_param_hw(idio_16_base, uint, ioport, 0); MODULE_PARM_DESC(idio_16_base, "ACCES 104-IDIO-16 base address"); /**
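Review bot: the trailer reads "backported from commit d759f906794b3b2894780870227c3c05895d83c1" rather than "cherry picked", yet the message does not say what differs from the upstream change, and the diffstat covers only drivers/gpio/gpio-104-idio-16.c. Add a bracketed backport note above the final Signed-off-by naming what was dropped or adjusted (for example, drivers that do not exist in this tree), so a reviewer can tell whether any I/O port or IRQ parameter under drivers/gpio/ in this tree was left unannotated.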
From: Seth Forshee To: kernel-team@lists.ubuntu.com Subject: [PATCH v2 14/57][B] Annotate hardware config module parameters in drivers/i2c/ Date: Fri, 19 Jun 2020 11:15:38 -0500 Message-Id: <20200619161621.644540-15-seth.forshee@canonical.com> X-Mailer: git-send-email 2.27.0 In-Reply-To: <20200619161621.644540-1-seth.forshee@canonical.com> References: <20200619161621.644540-1-seth.forshee@canonical.com> MIME-Version: 1.0 X-BeenThere: kernel-team@lists.ubuntu.com X-Mailman-Version: 2.1.20 Precedence: list List-Id: Kernel team discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: kernel-team-bounces@lists.ubuntu.com Sender: "kernel-team" 
From: David Howells BugLink: https://bugs.launchpad.net/bugs/1884159 When the kernel is running in secure boot mode, we lock down the kernel to prevent userspace from modifying the running kernel image. Whilst this includes prohibiting access to things like /dev/mem, it must also prevent access by means of configuring driver modules in such a way as to cause a device to access or modify the kernel image. To this end, annotate module_param* statements that refer to hardware configuration and indicate for future reference what type of parameter they specify. The parameter parser in the core sees this information and can skip such parameters with an error message if the kernel is locked down. The module initialisation then runs as normal, but just sees whatever the default values for those parameters is. Note that we do still need to do the module initialisation because some drivers have viable defaults set in case parameters aren't specified and some drivers support automatic configuration (e.g. PNP or PCI) in addition to manually coded parameters. This patch annotates drivers in drivers/i2c/. Suggested-by: Alan Cox Signed-off-by: David Howells Acked-by: Wolfram Sang Acked-by: Jean Delvare cc: linux-i2c@vger.kernel.org (backported from commit c78babcc7d25ffd44a579c796fb4e9a313c0b127) Signed-off-by: Seth Forshee --- drivers/i2c/busses/i2c-ali15x3.c | 2 +- drivers/i2c/busses/i2c-elektor.c | 6 +++--- drivers/i2c/busses/i2c-parport-light.c | 4 ++-- drivers/i2c/busses/i2c-pca-isa.c | 4 ++-- drivers/i2c/busses/i2c-piix4.c | 2 +- drivers/i2c/busses/i2c-sis5595.c | 2 +- drivers/i2c/busses/i2c-viapro.c | 2 +- drivers/i2c/busses/scx200_acb.c | 2 +- 8 files changed, 12 insertions(+), 12 deletions(-) diff --git a/drivers/i2c/busses/i2c-ali15x3.c b/drivers/i2c/busses/i2c-ali15x3.c index 45c5c4883022..6e6bf46bcb52 100644 --- a/drivers/i2c/busses/i2c-ali15x3.c +++ b/drivers/i2c/busses/i2c-ali15x3.c 
@@ -119,7 +119,7 @@ /* If force_addr is set to anything different from 0, we forcibly enable the device at the given address. */ static u16 force_addr; -module_param(force_addr, ushort, 0); +module_param_hw(force_addr, ushort, ioport, 0); MODULE_PARM_DESC(force_addr, "Initialize the base address of the i2c controller"); diff --git a/drivers/i2c/busses/i2c-elektor.c b/drivers/i2c/busses/i2c-elektor.c index 92e8c0ce1625..af4eedef733e 100644 --- a/drivers/i2c/busses/i2c-elektor.c +++ b/drivers/i2c/busses/i2c-elektor.c @@ -333,11 +333,11 @@ MODULE_AUTHOR("Hans Berglund "); MODULE_DESCRIPTION("I2C-Bus adapter routines for PCF8584 ISA bus adapter"); MODULE_LICENSE("GPL"); -module_param(base, int, 0); -module_param(irq, int, 0); +module_param_hw(base, int, ioport_or_iomem, 0); +module_param_hw(irq, int, irq, 0); module_param(clock, int, 0); module_param(own, int, 0); -module_param(mmapped, int, 0); +module_param_hw(mmapped, int, other, 0); module_init(i2c_pcfisa_init); module_exit(i2c_pcfisa_exit); diff --git a/drivers/i2c/busses/i2c-parport-light.c b/drivers/i2c/busses/i2c-parport-light.c index 1bcdd10b68b9..faa8fb8f2b8f 100644 --- a/drivers/i2c/busses/i2c-parport-light.c +++ b/drivers/i2c/busses/i2c-parport-light.c @@ -38,11 +38,11 @@ static struct platform_device *pdev; static u16 base; -module_param(base, ushort, 0); +module_param_hw(base, ushort, ioport, 0); MODULE_PARM_DESC(base, "Base I/O address"); static int irq; -module_param(irq, int, 0); +module_param_hw(irq, int, irq, 0); MODULE_PARM_DESC(irq, "IRQ (optional)"); /* ----- Low-level parallel port access ----------------------------------- */ diff --git a/drivers/i2c/busses/i2c-pca-isa.c b/drivers/i2c/busses/i2c-pca-isa.c index e0eb4ca0102e..2e1931d5ca76 100644 --- a/drivers/i2c/busses/i2c-pca-isa.c +++ b/drivers/i2c/busses/i2c-pca-isa.c 
@@ -207,10 +207,10 @@ MODULE_AUTHOR("Ian Campbell "); MODULE_DESCRIPTION("ISA base PCA9564/PCA9665 driver"); MODULE_LICENSE("GPL"); -module_param(base, ulong, 0); +module_param_hw(base, ulong, ioport, 0); MODULE_PARM_DESC(base, "I/O base address"); -module_param(irq, int, 0); +module_param_hw(irq, int, irq, 0); MODULE_PARM_DESC(irq, "IRQ"); module_param(clock, int, 0); MODULE_PARM_DESC(clock, "Clock rate in hertz.\n\t\t" diff --git a/drivers/i2c/busses/i2c-piix4.c b/drivers/i2c/busses/i2c-piix4.c index b61db9db3ca5..45cb33360522 100644 --- a/drivers/i2c/busses/i2c-piix4.c +++ b/drivers/i2c/busses/i2c-piix4.c @@ -86,7 +86,7 @@ MODULE_PARM_DESC(force, "Forcibly enable the PIIX4. DANGEROUS!"); /* If force_addr is set to anything different from 0, we forcibly enable the PIIX4 at the given address. VERY DANGEROUS! */ static int force_addr; -module_param (force_addr, int, 0); +module_param_hw(force_addr, int, ioport, 0); MODULE_PARM_DESC(force_addr, "Forcibly enable the PIIX4 at the given address. " "EXTREMELY DANGEROUS!"); diff --git a/drivers/i2c/busses/i2c-sis5595.c b/drivers/i2c/busses/i2c-sis5595.c index 7d58a40faf2d..d543a9867ba4 100644 --- a/drivers/i2c/busses/i2c-sis5595.c +++ b/drivers/i2c/busses/i2c-sis5595.c @@ -119,7 +119,7 @@ static int blacklist[] = { /* If force_addr is set to anything different from 0, we forcibly enable the device at the given address. */ static u16 force_addr; -module_param(force_addr, ushort, 0); +module_param_hw(force_addr, ushort, ioport, 0); MODULE_PARM_DESC(force_addr, "Initialize the base address of the i2c controller"); static struct pci_driver sis5595_driver; diff --git a/drivers/i2c/busses/i2c-viapro.c b/drivers/i2c/busses/i2c-viapro.c index 0ee2646f3b00..0dc45e12bb1d 100644 --- a/drivers/i2c/busses/i2c-viapro.c +++ b/drivers/i2c/busses/i2c-viapro.c 
@@ -94,7 +94,7 @@ MODULE_PARM_DESC(force, "Forcibly enable the SMBus. DANGEROUS!"); /* If force_addr is set to anything different from 0, we forcibly enable the VT596 at the given address. VERY DANGEROUS! */ static u16 force_addr; -module_param(force_addr, ushort, 0); +module_param_hw(force_addr, ushort, ioport, 0); MODULE_PARM_DESC(force_addr, "Forcibly enable the SMBus at the given address. " "EXTREMELY DANGEROUS!"); diff --git a/drivers/i2c/busses/scx200_acb.c b/drivers/i2c/busses/scx200_acb.c index 0a7e410b6195..e0923bee8d1f 100644 --- a/drivers/i2c/busses/scx200_acb.c +++ b/drivers/i2c/busses/scx200_acb.c 
@@ -42,7 +42,7 @@ MODULE_LICENSE("GPL"); #define MAX_DEVICES 4 static int base[MAX_DEVICES] = { 0x820, 0x840 }; -module_param_array(base, int, NULL, 0); +module_param_hw_array(base, int, ioport, NULL, 0); MODULE_PARM_DESC(base, "Base addresses for the ACCESS.bus controllers"); #define POLL_TIMEOUT (HZ/5)
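Review bot: in i2c-piix4.c and i2c-viapro.c only force_addr is annotated, while the hunk headers show a separate force parameter described as "Forcibly enable the PIIX4. DANGEROUS!" and "Forcibly enable the SMBus. DANGEROUS!" that this patch leaves alone (the diffstat shows a single changed line in each file). Since force also overrides how the controller is brought up, consider annotating it with the other type, as is done for mmapped in i2c-elektor.c, or explain in the commit message why it is acceptable to leave it settable under lockdown.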
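Review bot: in i2c-elektor.c the converted parameters base (ioport_or_iomem), irq and mmapped (other) have no MODULE_PARM_DESC in the visible context, unlike the other drivers touched by this patch, so nothing next to the annotations records why mmapped counts as hardware configuration or why base needs the combined type. A one-line comment above the three module_param_hw() calls stating how mmapped relates to base would make the choice of types reviewable without reading the probe code; clock and own staying plain module_param() looks intentional and could be mentioned in the same comment.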
From: Seth Forshee To: kernel-team@lists.ubuntu.com Subject: [PATCH v2 15/57][B] Annotate hardware config module parameters in drivers/input/ Date: Fri, 19 Jun 2020 11:15:39 -0500 Message-Id: <20200619161621.644540-16-seth.forshee@canonical.com> X-Mailer: git-send-email 2.27.0 In-Reply-To: <20200619161621.644540-1-seth.forshee@canonical.com> References: <20200619161621.644540-1-seth.forshee@canonical.com> MIME-Version: 1.0 X-BeenThere: kernel-team@lists.ubuntu.com X-Mailman-Version: 2.1.20 Precedence: list List-Id: Kernel team discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: kernel-team-bounces@lists.ubuntu.com Sender: "kernel-team" From: David Howells BugLink: https://bugs.launchpad.net/bugs/1884159 When the kernel is running in secure boot mode, we lock down the kernel to prevent userspace from modifying the running kernel image. Whilst this includes prohibiting access to things like /dev/mem, it must also prevent access by means of configuring driver modules in such a way as to cause a device to access or modify the kernel image. To this end, annotate module_param* statements that refer to hardware configuration and indicate for future reference what type of parameter they specify. The parameter parser in the core sees this information and can skip such parameters with an error message if the kernel is locked down. The module initialisation then runs as normal, but just sees whatever the default values for those parameters is. Note that we do still need to do the module initialisation because some drivers have viable defaults set in case parameters aren't specified and some drivers support automatic configuration (e.g. PNP or PCI) in addition to manually coded parameters. This patch annotates drivers in drivers/input/. Suggested-by: Alan Cox Signed-off-by: David Howells Acked-by: Dmitry Torokhov cc: linux-input@vger.kernel.org (cherry picked from commit f6b12d04346cfcc926756ded982c91c25eff0333) 
Signed-off-by: Seth Forshee --- drivers/input/mouse/inport.c | 2 +- drivers/input/mouse/logibm.c | 2 +- drivers/input/touchscreen/mk712.c | 4 ++-- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/drivers/input/mouse/inport.c b/drivers/input/mouse/inport.c index 3827a22362de..9ce71dfa0de1 100644 --- a/drivers/input/mouse/inport.c +++ b/drivers/input/mouse/inport.c @@ -78,7 +78,7 @@ MODULE_LICENSE("GPL"); #define INPORT_IRQ 5 static int inport_irq = INPORT_IRQ; -module_param_named(irq, inport_irq, uint, 0); +module_param_hw_named(irq, inport_irq, uint, irq, 0); MODULE_PARM_DESC(irq, "IRQ number (5=default)"); static struct input_dev *inport_dev; diff --git a/drivers/input/mouse/logibm.c b/drivers/input/mouse/logibm.c index e2413113df22..6f165e053f4d 100644 --- a/drivers/input/mouse/logibm.c +++ b/drivers/input/mouse/logibm.c @@ -69,7 +69,7 @@ MODULE_LICENSE("GPL"); #define LOGIBM_IRQ 5 static int logibm_irq = LOGIBM_IRQ; -module_param_named(irq, logibm_irq, uint, 0); +module_param_hw_named(irq, logibm_irq, uint, irq, 0); MODULE_PARM_DESC(irq, "IRQ number (5=default)"); static struct input_dev *logibm_dev; diff --git a/drivers/input/touchscreen/mk712.c b/drivers/input/touchscreen/mk712.c index 36e57deacd03..bd5352824f77 100644 --- a/drivers/input/touchscreen/mk712.c +++ b/drivers/input/touchscreen/mk712.c 
@@ -50,11 +50,11 @@ MODULE_DESCRIPTION("ICS MicroClock MK712 TouchScreen driver"); MODULE_LICENSE("GPL"); static unsigned int mk712_io = 0x260; /* Also 0x200, 0x208, 0x300 */ -module_param_named(io, mk712_io, uint, 0); +module_param_hw_named(io, mk712_io, uint, ioport, 0); MODULE_PARM_DESC(io, "I/O base address of MK712 touchscreen controller"); static unsigned int mk712_irq = 10; /* Also 12, 14, 15 */ -module_param_named(irq, mk712_irq, uint, 0); +module_param_hw_named(irq, mk712_irq, uint, irq, 0); MODULE_PARM_DESC(irq, "IRQ of MK712 touchscreen controller"); /* eight 8-bit registers */
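Review bot: in inport.c and logibm.c the backing variables are declared as static int (inport_irq, logibm_irq) but are registered with parameter type uint, and the conversion to module_param_hw_named() carries that mismatch over unchanged. It predates this patch and should stay as it is in a cherry-pick, but it is worth a follow-up upstream to declare both as unsigned int, matching mk712_irq in mk712.c, so that a large value parsed as unsigned is not reinterpreted as a negative IRQ number on kernels that are not locked down.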
From: Seth Forshee
To: kernel-team@lists.ubuntu.com
Subject: [PATCH v2 16/57][B] Annotate hardware config module parameters in drivers/isdn/
Date: Fri, 19 Jun 2020 11:15:40 -0500
Message-Id: <20200619161621.644540-17-seth.forshee@canonical.com>
In-Reply-To: <20200619161621.644540-1-seth.forshee@canonical.com>
References: <20200619161621.644540-1-seth.forshee@canonical.com>

From: David Howells

BugLink: https://bugs.launchpad.net/bugs/1884159

When the kernel is running in secure boot mode, we lock down the kernel to prevent userspace from modifying the running kernel image. Whilst this includes prohibiting access to things like /dev/mem, it must also prevent access by means of configuring driver modules in such a way as to cause a device to access or modify the kernel image.

To this end, annotate module_param* statements that refer to hardware configuration and indicate for future reference what type of parameter they specify. The parameter parser in the core sees this information and can skip such parameters with an error message if the kernel is locked down. The module initialisation then runs as normal, but just sees whatever the default values for those parameters are.

Note that we do still need to do the module initialisation because some drivers have viable defaults set in case parameters aren't specified and some drivers support automatic configuration (e.g. PNP or PCI) in addition to manually coded parameters.

This patch annotates drivers in drivers/isdn/.

Suggested-by: Alan Cox
Signed-off-by: David Howells
cc: Karsten Keil
cc: netdev@vger.kernel.org
(cherry picked from commit b9351f7e51dbbf1d850281142a55d848301d482d)
Signed-off-by: Seth Forshee --- drivers/isdn/hardware/avm/b1isa.c | 4 ++-- drivers/isdn/hardware/avm/t1isa.c | 4 ++-- drivers/isdn/hisax/config.c | 10 +++++----- 3 files changed, 9 insertions(+), 9 deletions(-) diff --git a/drivers/isdn/hardware/avm/b1isa.c b/drivers/isdn/hardware/avm/b1isa.c index 31ef8130a87f..54e871a47387 100644 --- a/drivers/isdn/hardware/avm/b1isa.c +++ b/drivers/isdn/hardware/avm/b1isa.c @@ -169,8 +169,8 @@ static struct pci_dev isa_dev[MAX_CARDS]; static int io[MAX_CARDS]; static int irq[MAX_CARDS]; -module_param_array(io, int, NULL, 0); -module_param_array(irq, int, NULL, 0); +module_param_hw_array(io, int, ioport, NULL, 0); +module_param_hw_array(irq, int, irq, NULL, 0); MODULE_PARM_DESC(io, "I/O base address(es)"); MODULE_PARM_DESC(irq, "IRQ number(s) (assigned)"); diff --git a/drivers/isdn/hardware/avm/t1isa.c b/drivers/isdn/hardware/avm/t1isa.c index 72ef18853951..9516203c735f 100644 --- a/drivers/isdn/hardware/avm/t1isa.c +++ b/drivers/isdn/hardware/avm/t1isa.c @@ -516,8 +516,8 @@ static int io[MAX_CARDS]; static int irq[MAX_CARDS]; static int cardnr[MAX_CARDS]; -module_param_array(io, int, NULL, 0); -module_param_array(irq, int, NULL, 0); +module_param_hw_array(io, int, ioport, NULL, 0); +module_param_hw_array(irq, int, irq, NULL, 0); module_param_array(cardnr, int, NULL, 0); MODULE_PARM_DESC(io, "I/O base address(es)"); MODULE_PARM_DESC(irq, "IRQ number(s) (assigned)"); diff --git a/drivers/isdn/hisax/config.c b/drivers/isdn/hisax/config.c index bf04d2a3cf4a..30da1bc106f0 100644 --- a/drivers/isdn/hisax/config.c +++ b/drivers/isdn/hisax/config.c 
@@ -350,13 +350,13 @@ MODULE_AUTHOR("Karsten Keil"); MODULE_LICENSE("GPL"); module_param_array(type, int, NULL, 0); module_param_array(protocol, int, NULL, 0); -module_param_array(io, int, NULL, 0); -module_param_array(irq, int, NULL, 0); -module_param_array(mem, int, NULL, 0); +module_param_hw_array(io, int, ioport, NULL, 0); +module_param_hw_array(irq, int, irq, NULL, 0); +module_param_hw_array(mem, int, iomem, NULL, 0); module_param(id, charp, 0); #ifdef IO0_IO1 -module_param_array(io0, int, NULL, 0); -module_param_array(io1, int, NULL, 0); +module_param_hw_array(io0, int, ioport, NULL, 0); +module_param_hw_array(io1, int, ioport, NULL, 0); #endif #endif /* MODULE */
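Review bot: in the drivers/isdn/hisax/config.c hunk, type and protocol stay plain module_param_array() while io, irq, mem, io0 and io1 are annotated, and nothing says why the first two are safe to leave settable under lockdown. If type decides which card probe routine interprets the io/irq/mem values, it looks like a candidate for the "other" annotation, which is what board_type gets in the cops.c patch later in this series. Either annotate it or add a one-line comment explaining the omission; the same question applies to cardnr in the t1isa.c hunk.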
From: Seth Forshee
To: kernel-team@lists.ubuntu.com
Subject: [PATCH v2 17/57][B] Annotate hardware config module parameters in drivers/media/
Date: Fri, 19 Jun 2020 11:15:41 -0500
Message-Id: <20200619161621.644540-18-seth.forshee@canonical.com>
In-Reply-To: <20200619161621.644540-1-seth.forshee@canonical.com>
References: <20200619161621.644540-1-seth.forshee@canonical.com>

From: David Howells

BugLink: https://bugs.launchpad.net/bugs/1884159

When the kernel is running in secure boot mode, we lock down the kernel to prevent userspace from modifying the running kernel image. Whilst this includes prohibiting access to things like /dev/mem, it must also prevent access by means of configuring driver modules in such a way as to cause a device to access or modify the kernel image.

To this end, annotate module_param* statements that refer to hardware configuration and indicate for future reference what type of parameter they specify. The parameter parser in the core sees this information and can skip such parameters with an error message if the kernel is locked down. The module initialisation then runs as normal, but just sees whatever the default values for those parameters are.

Note that we do still need to do the module initialisation because some drivers have viable defaults set in case parameters aren't specified and some drivers support automatic configuration (e.g. PNP or PCI) in addition to manually coded parameters.

This patch annotates drivers in drivers/media/.

Suggested-by: Alan Cox
Signed-off-by: David Howells Acked-by: Mauro Carvalho Chehab cc: mjpeg-users@lists.sourceforge.net cc: linux-media@vger.kernel.org (backported from commit 5a8fc6a3cebb0dde27584603c5c4b5c72c6d810f) Signed-off-by: Seth Forshee --- drivers/media/pci/zoran/zoran_card.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/drivers/media/pci/zoran/zoran_card.c b/drivers/media/pci/zoran/zoran_card.c index 1136d92af642..4dc81cca7cdb 100644 --- a/drivers/media/pci/zoran/zoran_card.c +++ b/drivers/media/pci/zoran/zoran_card.c 
@@ -73,7 +73,7 @@ MODULE_PARM_DESC(card, "Card type"); */ static unsigned long vidmem; /* default = 0 - Video memory base address */ -module_param(vidmem, ulong, 0444); +module_param_hw(vidmem, ulong, iomem, 0444); MODULE_PARM_DESC(vidmem, "Default video memory base address"); /*
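Review bot: the trailer above the zoran_card.c hunk says "(backported from commit 5a8fc6a3cebb0dde27584603c5c4b5c72c6d810f)" rather than "cherry picked", but the message never says what had to change relative to upstream, and the diffstat shows only the one-line vidmem conversion. Please add a short bracketed note under the trailer naming what was dropped or adjusted, so the difference from the upstream commit can be audited without re-deriving it.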
From: Seth Forshee
To: kernel-team@lists.ubuntu.com
Subject: [PATCH v2 18/57][B] Annotate hardware config module parameters in drivers/misc/
Date: Fri, 19 Jun 2020 11:15:42 -0500
Message-Id: <20200619161621.644540-19-seth.forshee@canonical.com>
In-Reply-To: <20200619161621.644540-1-seth.forshee@canonical.com>
References: <20200619161621.644540-1-seth.forshee@canonical.com>

From: David Howells

BugLink: https://bugs.launchpad.net/bugs/1884159

When the kernel is running in secure boot mode, we lock down the kernel to prevent userspace from modifying the running kernel image. Whilst this includes prohibiting access to things like /dev/mem, it must also prevent access by means of configuring driver modules in such a way as to cause a device to access or modify the kernel image.

To this end, annotate module_param* statements that refer to hardware configuration and indicate for future reference what type of parameter they specify. The parameter parser in the core sees this information and can skip such parameters with an error message if the kernel is locked down. The module initialisation then runs as normal, but just sees whatever the default values for those parameters are.

Note that we do still need to do the module initialisation because some drivers have viable defaults set in case parameters aren't specified and some drivers support automatic configuration (e.g. PNP or PCI) in addition to manually coded parameters.

This patch annotates drivers in drivers/misc/.

Suggested-by: Alan Cox
Signed-off-by: David Howells
Acked-by: Greg Kroah-Hartman
cc: Arnd Bergmann
(cherry picked from commit 4f1927dcbf79f6c7c153c8ec9beeb17364649f0c)
Signed-off-by: Seth Forshee --- drivers/misc/dummy-irq.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/drivers/misc/dummy-irq.c b/drivers/misc/dummy-irq.c index acbbe0390be4..76a1015d5783 100644 --- a/drivers/misc/dummy-irq.c +++ b/drivers/misc/dummy-irq.c 
@@ -59,6 +59,6 @@ module_exit(dummy_irq_exit); MODULE_LICENSE("GPL"); MODULE_AUTHOR("Jiri Kosina"); -module_param(irq, uint, 0444); +module_param_hw(irq, uint, irq, 0444); MODULE_PARM_DESC(irq, "The IRQ to register for"); MODULE_DESCRIPTION("Dummy IRQ handler driver");
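Review bot: with irq converted to module_param_hw() in dummy-irq.c, a locked-down kernel will run the module's init with whatever the built-in default is, and MODULE_PARM_DESC ("The IRQ to register for") suggests the driver has nothing useful to do without a user-supplied value. The default is not visible in this hunk, so please confirm that init fails cleanly in that case rather than registering a handler on an unintended line, and consider saying in the description that the parameter is ignored under lockdown.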
From: Seth Forshee
To: kernel-team@lists.ubuntu.com
Subject: [PATCH v2 19/57][B] Annotate hardware config module parameters in drivers/mmc/host/
Date: Fri, 19 Jun 2020 11:15:43 -0500
Message-Id: <20200619161621.644540-20-seth.forshee@canonical.com>
In-Reply-To: <20200619161621.644540-1-seth.forshee@canonical.com>
References: <20200619161621.644540-1-seth.forshee@canonical.com>

From: David Howells

BugLink: https://bugs.launchpad.net/bugs/1884159

When the kernel is running in secure boot mode, we lock down the kernel to prevent userspace from modifying the running kernel image. Whilst this includes prohibiting access to things like /dev/mem, it must also prevent access by means of configuring driver modules in such a way as to cause a device to access or modify the kernel image.

To this end, annotate module_param* statements that refer to hardware configuration and indicate for future reference what type of parameter they specify. The parameter parser in the core sees this information and can skip such parameters with an error message if the kernel is locked down. The module initialisation then runs as normal, but just sees whatever the default values for those parameters are.

Note that we do still need to do the module initialisation because some drivers have viable defaults set in case parameters aren't specified and some drivers support automatic configuration (e.g. PNP or PCI) in addition to manually coded parameters.

This patch annotates drivers in drivers/mmc/host/.

Suggested-by: Alan Cox
Signed-off-by: David Howells
cc: Pierre Ossman
cc: Ulf Hansson
cc: linux-mmc@vger.kernel.org
(cherry picked from commit dac562fc5ff4956d779029d2ae379e34c791f011)
Signed-off-by: Seth Forshee --- drivers/mmc/host/wbsd.c | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/drivers/mmc/host/wbsd.c b/drivers/mmc/host/wbsd.c index c3fd16d997ca..76c7f643fab5 100644 --- a/drivers/mmc/host/wbsd.c +++ b/drivers/mmc/host/wbsd.c 
@@ -1995,11 +1995,11 @@ static void __exit wbsd_drv_exit(void) module_init(wbsd_drv_init); module_exit(wbsd_drv_exit); #ifdef CONFIG_PNP -module_param_named(nopnp, param_nopnp, uint, 0444); +module_param_hw_named(nopnp, param_nopnp, uint, other, 0444); #endif -module_param_named(io, param_io, uint, 0444); -module_param_named(irq, param_irq, uint, 0444); -module_param_named(dma, param_dma, int, 0444); +module_param_hw_named(io, param_io, uint, ioport, 0444); +module_param_hw_named(irq, param_irq, uint, irq, 0444); +module_param_hw_named(dma, param_dma, int, dma, 0444); MODULE_LICENSE("GPL"); MODULE_AUTHOR("Pierre Ossman ");
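Review bot: nopnp in the CONFIG_PNP block of wbsd.c is annotated with the catch-all type "other", and unlike io, irq and dma it is a policy switch rather than a hardware resource, so the reason for restricting it is not obvious from the code. The effect is sensible (a locked-down kernel cannot turn PNP probing off and also ignores the manual io/irq/dma values), but that reasoning lives only in the commit log. Suggest a short comment next to the nopnp line stating that it is restricted because disabling PNP is only useful together with manually supplied resources.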
From: Seth Forshee
To: kernel-team@lists.ubuntu.com
Subject: [PATCH v2 20/57][B] Annotate hardware config module parameters in drivers/net/appletalk/
Date: Fri, 19 Jun 2020 11:15:44 -0500
Message-Id: <20200619161621.644540-21-seth.forshee@canonical.com>
In-Reply-To: <20200619161621.644540-1-seth.forshee@canonical.com>
References: <20200619161621.644540-1-seth.forshee@canonical.com>

From: David Howells

BugLink: https://bugs.launchpad.net/bugs/1884159

When the kernel is running in secure boot mode, we lock down the kernel to prevent userspace from modifying the running kernel image. Whilst this includes prohibiting access to things like /dev/mem, it must also prevent access by means of configuring driver modules in such a way as to cause a device to access or modify the kernel image.

To this end, annotate module_param* statements that refer to hardware configuration and indicate for future reference what type of parameter they specify. The parameter parser in the core sees this information and can skip such parameters with an error message if the kernel is locked down. The module initialisation then runs as normal, but just sees whatever the default values for those parameters are.

Note that we do still need to do the module initialisation because some drivers have viable defaults set in case parameters aren't specified and some drivers support automatic configuration (e.g. PNP or PCI) in addition to manually coded parameters.

This patch annotates drivers in drivers/net/appletalk/.

Suggested-by: Alan Cox
Signed-off-by: David Howells
cc: Arnaldo Carvalho de Melo
cc: netdev@vger.kernel.org
(cherry picked from commit 6621f85d79775f71de9623fdfc9135fc494d6863)
Signed-off-by: Seth Forshee --- drivers/net/appletalk/cops.c | 6 +++--- drivers/net/appletalk/ltpc.c | 6 +++--- 2 files changed, 6 insertions(+), 6 deletions(-) diff --git a/drivers/net/appletalk/cops.c b/drivers/net/appletalk/cops.c index 7f2a032c354c..f50e87944f2e 100644 --- a/drivers/net/appletalk/cops.c +++ b/drivers/net/appletalk/cops.c @@ -986,9 +986,9 @@ static int cops_close(struct net_device *dev) static struct net_device *cops_dev; MODULE_LICENSE("GPL"); -module_param(io, int, 0); -module_param(irq, int, 0); -module_param(board_type, int, 0); +module_param_hw(io, int, ioport, 0); +module_param_hw(irq, int, irq, 0); +module_param_hw(board_type, int, other, 0); static int __init cops_module_init(void) { diff --git a/drivers/net/appletalk/ltpc.c b/drivers/net/appletalk/ltpc.c index 01e2ac55c137..ac755d2950a6 100644 --- a/drivers/net/appletalk/ltpc.c +++ b/drivers/net/appletalk/ltpc.c 
@@ -1231,9 +1231,9 @@ static struct net_device *dev_ltpc; MODULE_LICENSE("GPL"); module_param(debug, int, 0); -module_param(io, int, 0); -module_param(irq, int, 0); -module_param(dma, int, 0); +module_param_hw(io, int, ioport, 0); +module_param_hw(irq, int, irq, 0); +module_param_hw(dma, int, dma, 0); static int __init ltpc_module_init(void)
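Review bot: in the cops.c hunk board_type is tagged "other" with no indication of what hardware behaviour it controls, which defeats the stated purpose of recording the parameter type "for future reference". Please add a comment saying why board_type must be restricted under lockdown, or pick a more specific type if one fits. It would also help to settle the convention across the series, since the hisax patch leaves the comparable type parameter unannotated. The ltpc.c hunk (io, irq, dma converted, debug left alone) looks fine as is.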
From: Seth Forshee
To: kernel-team@lists.ubuntu.com
Subject: [PATCH v2 21/57][B] Annotate hardware config module parameters in drivers/net/arcnet/
Date: Fri, 19 Jun 2020 11:15:45 -0500
Message-Id: <20200619161621.644540-22-seth.forshee@canonical.com>
In-Reply-To: <20200619161621.644540-1-seth.forshee@canonical.com>
References: <20200619161621.644540-1-seth.forshee@canonical.com>

From: David Howells

BugLink: https://bugs.launchpad.net/bugs/1884159

When the kernel is running in secure boot mode, we lock down the kernel to prevent userspace from modifying the running kernel image. Whilst this includes prohibiting access to things like /dev/mem, it must also prevent access by means of configuring driver modules in such a way as to cause a device to access or modify the kernel image.

To this end, annotate module_param* statements that refer to hardware configuration and indicate for future reference what type of parameter they specify. The parameter parser in the core sees this information and can skip such parameters with an error message if the kernel is locked down. The module initialisation then runs as normal, but just sees whatever the default values for those parameters are.

Note that we do still need to do the module initialisation because some drivers have viable defaults set in case parameters aren't specified and some drivers support automatic configuration (e.g. PNP or PCI) in addition to manually coded parameters.

This patch annotates drivers in drivers/net/arcnet/.

Suggested-by: Alan Cox
Signed-off-by: David Howells
cc: Michael Grzeschik
cc: netdev@vger.kernel.org
(cherry picked from commit 06a5128a29b3d67fadff5d9593d79b815d8b34d8)
Signed-off-by: Seth Forshee --- drivers/net/arcnet/com20020-isa.c | 4 ++-- drivers/net/arcnet/com90io.c | 4 ++-- drivers/net/arcnet/com90xx.c | 4 ++-- 3 files changed, 6 insertions(+), 6 deletions(-) diff --git a/drivers/net/arcnet/com20020-isa.c b/drivers/net/arcnet/com20020-isa.c index b9e9931353b2..38fa60ddaf2e 100644 --- a/drivers/net/arcnet/com20020-isa.c +++ b/drivers/net/arcnet/com20020-isa.c @@ -129,8 +129,8 @@ static int clockp = 0; static int clockm = 0; module_param(node, int, 0); -module_param(io, int, 0); -module_param(irq, int, 0); +module_param_hw(io, int, ioport, 0); +module_param_hw(irq, int, irq, 0); module_param_string(device, device, sizeof(device), 0); module_param(timeout, int, 0); module_param(backplane, int, 0); diff --git a/drivers/net/arcnet/com90io.c b/drivers/net/arcnet/com90io.c index b57863df5bf5..4e56aaf2b984 100644 --- a/drivers/net/arcnet/com90io.c +++ b/drivers/net/arcnet/com90io.c @@ -347,8 +347,8 @@ static int io; /* use the insmod io= irq= shmem= options */ static int irq; static char device[9]; /* use eg. device=arc1 to change name */ -module_param(io, int, 0); -module_param(irq, int, 0); +module_param_hw(io, int, ioport, 0); +module_param_hw(irq, int, irq, 0); module_param_string(device, device, sizeof(device), 0); MODULE_LICENSE("GPL"); diff --git a/drivers/net/arcnet/com90xx.c b/drivers/net/arcnet/com90xx.c index 0d9b45ff1bb2..7cbdfca6d189 100644 --- a/drivers/net/arcnet/com90xx.c +++ b/drivers/net/arcnet/com90xx.c 
@@ -88,8 +88,8 @@ static int irq; static int shmem; static char device[9]; /* use eg. device=arc1 to change name */ -module_param(io, int, 0); -module_param(irq, int, 0); +module_param_hw(io, int, ioport, 0); +module_param_hw(irq, int, irq, 0); module_param(shmem, int, 0); module_param_string(device, device, sizeof(device), 0); From patchwork Fri Jun 19 16:15:46 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Seth Forshee X-Patchwork-Id: 1313081 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=none (no SPF record) smtp.mailfrom=lists.ubuntu.com (client-ip=91.189.94.19; helo=huckleberry.canonical.com; envelope-from=kernel-team-bounces@lists.ubuntu.com; receiver=) Authentication-Results: ozlabs.org; dmarc=fail (p=none dis=none) header.from=canonical.com Received: from huckleberry.canonical.com (huckleberry.canonical.com [91.189.94.19]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 49pP8r35r7zB47H; Sat, 20 Jun 2020 02:17:32 +1000 (AEST) Received: from localhost ([127.0.0.1] helo=huckleberry.canonical.com) by huckleberry.canonical.com with esmtp (Exim 4.86_2) (envelope-from ) id 1jmJhl-0002re-Vf; Fri, 19 Jun 2020 16:17:26 +0000 Received: from youngberry.canonical.com ([91.189.89.112]) by huckleberry.canonical.com with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.86_2) (envelope-from ) id 1jmJhF-0002OR-OM for kernel-team@lists.ubuntu.com; Fri, 19 Jun 2020 16:16:53 +0000 Received: from mail-io1-f72.google.com ([209.85.166.72]) by youngberry.canonical.com with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.86_2) (envelope-from ) id 1jmJhD-0003bU-Fs for kernel-team@lists.ubuntu.com; Fri, 19 Jun 2020 16:16:51 +0000 Received: by mail-io1-f72.google.com with SMTP id g3so7148320ioc.20 for ; 
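Review bot: in drivers/net/arcnet/com90xx.c (patch 21/57) the shmem parameter stays a plain "module_param(shmem, int, 0);" while io and irq next to it are converted. Judging by its name and by the "use the insmod io= irq= shmem= options" comment visible in com90io.c, shmem is a shared-memory address, which is the same class of hardware configuration that the drivers/net/can/ patch in this series tags as iomem. If that is right it should become "module_param_hw(shmem, int, iomem, 0);", otherwise a locked-down kernel still accepts a user-chosen memory address for this driver. If it was left out on purpose, the commit message should say why.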
From: Seth Forshee
To: kernel-team@lists.ubuntu.com
Subject: [PATCH v2 22/57][B] Annotate hardware config module parameters in drivers/net/can/
Date: Fri, 19 Jun 2020 11:15:46 -0500
Message-Id: <20200619161621.644540-23-seth.forshee@canonical.com>
In-Reply-To: <20200619161621.644540-1-seth.forshee@canonical.com>
References: <20200619161621.644540-1-seth.forshee@canonical.com>

From: David Howells

BugLink: https://bugs.launchpad.net/bugs/1884159

When the kernel is running in secure boot mode, we lock down the kernel to prevent userspace from modifying the running kernel image. Whilst this includes prohibiting access to things like /dev/mem, it must also prevent access by means of configuring driver modules in such a way as to cause a device to access or modify the kernel image.

To this end, annotate module_param* statements that refer to hardware configuration and indicate for future reference what type of parameter they specify. The parameter parser in the core sees this information and can skip such parameters with an error message if the kernel is locked down. The module initialisation then runs as normal, but just sees whatever the default values for those parameters are.

Note that we do still need to do the module initialisation because some drivers have viable defaults set in case parameters aren't specified and some drivers support automatic configuration (e.g. PNP or PCI) in addition to manually coded parameters.

This patch annotates drivers in drivers/net/can/.

Suggested-by: Alan Cox
Signed-off-by: David Howells Acked-by: Marc Kleine-Budde cc: Wolfgang Grandegger cc: linux-can@vger.kernel.org cc: netdev@vger.kernel.org (cherry picked from commit e43f2c52a07793cb97e4a963a5b90d4af311c3d5) Signed-off-by: Seth Forshee --- drivers/net/can/cc770/cc770_isa.c | 8 ++++---- drivers/net/can/sja1000/sja1000_isa.c | 8 ++++---- 2 files changed, 8 insertions(+), 8 deletions(-) diff --git a/drivers/net/can/cc770/cc770_isa.c b/drivers/net/can/cc770/cc770_isa.c index e0d15711e9ac..3a30fd3b4498 100644 --- a/drivers/net/can/cc770/cc770_isa.c +++ b/drivers/net/can/cc770/cc770_isa.c @@ -82,16 +82,16 @@ static u8 cor[MAXDEV] = {[0 ... (MAXDEV - 1)] = 0xff}; static u8 bcr[MAXDEV] = {[0 ... (MAXDEV - 1)] = 0xff}; static int indirect[MAXDEV] = {[0 ... (MAXDEV - 1)] = -1}; -module_param_array(port, ulong, NULL, S_IRUGO); +module_param_hw_array(port, ulong, ioport, NULL, S_IRUGO); MODULE_PARM_DESC(port, "I/O port number"); -module_param_array(mem, ulong, NULL, S_IRUGO); +module_param_hw_array(mem, ulong, iomem, NULL, S_IRUGO); MODULE_PARM_DESC(mem, "I/O memory address"); -module_param_array(indirect, int, NULL, S_IRUGO); +module_param_hw_array(indirect, int, ioport, NULL, S_IRUGO); MODULE_PARM_DESC(indirect, "Indirect access via address and data port"); -module_param_array(irq, int, NULL, S_IRUGO); +module_param_hw_array(irq, int, irq, NULL, S_IRUGO); MODULE_PARM_DESC(irq, "IRQ number"); module_param_array(clk, int, NULL, S_IRUGO); diff --git a/drivers/net/can/sja1000/sja1000_isa.c b/drivers/net/can/sja1000/sja1000_isa.c index e97e6d35b300..a89c1e92554d 100644 --- a/drivers/net/can/sja1000/sja1000_isa.c +++ b/drivers/net/can/sja1000/sja1000_isa.c 
@@ -48,16 +48,16 @@ static unsigned char ocr[MAXDEV] = {[0 ... (MAXDEV - 1)] = 0xff}; static int indirect[MAXDEV] = {[0 ... (MAXDEV - 1)] = -1}; static spinlock_t indirect_lock[MAXDEV]; /* lock for indirect access mode */ -module_param_array(port, ulong, NULL, S_IRUGO); +module_param_hw_array(port, ulong, ioport, NULL, S_IRUGO); MODULE_PARM_DESC(port, "I/O port number"); -module_param_array(mem, ulong, NULL, S_IRUGO); +module_param_hw_array(mem, ulong, iomem, NULL, S_IRUGO); MODULE_PARM_DESC(mem, "I/O memory address"); -module_param_array(indirect, int, NULL, S_IRUGO); +module_param_hw_array(indirect, int, ioport, NULL, S_IRUGO); MODULE_PARM_DESC(indirect, "Indirect access via address and data port"); -module_param_array(irq, int, NULL, S_IRUGO); +module_param_hw_array(irq, int, irq, NULL, S_IRUGO); MODULE_PARM_DESC(irq, "IRQ number"); module_param_array(clk, int, NULL, S_IRUGO); From patchwork Fri Jun 19 16:15:47 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Seth Forshee X-Patchwork-Id: 1313084 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=none (no SPF record) smtp.mailfrom=lists.ubuntu.com (client-ip=91.189.94.19; helo=huckleberry.canonical.com; envelope-from=kernel-team-bounces@lists.ubuntu.com; receiver=) Authentication-Results: ozlabs.org; dmarc=fail (p=none dis=none) header.from=canonical.com Received: from huckleberry.canonical.com (huckleberry.canonical.com [91.189.94.19]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 49pP920V0CzB46t; Sat, 20 Jun 2020 02:17:42 +1000 (AEST) Received: from localhost ([127.0.0.1] helo=huckleberry.canonical.com) by huckleberry.canonical.com with esmtp (Exim 4.86_2) (envelope-from ) id 1jmJhu-0002yH-12; Fri, 19 Jun 2020 16:17:34 +0000 Received: from 
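Review bot: in both cc770_isa.c and sja1000_isa.c (patch 22/57) the indirect parameter is tagged ioport, but its MODULE_PARM_DESC ("Indirect access via address and data port") and its -1 default describe an access-mode switch, not a port number. Since the commit message says the annotation exists to record "what type of parameter they specify", the wrong type here defeats that purpose; the hwparam type other would describe it more accurately. Separately, clk is left as a plain module_param_array right after the converted block in both files; if it is meant to stay settable under lockdown, one line in the commit message saying so would save the next reader the question.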
From: Seth Forshee
To: kernel-team@lists.ubuntu.com
Subject: [PATCH v2 23/57][B] Annotate hardware config module parameters in drivers/net/ethernet/
Date: Fri, 19 Jun 2020 11:15:47 -0500
Message-Id: <20200619161621.644540-24-seth.forshee@canonical.com>
In-Reply-To: <20200619161621.644540-1-seth.forshee@canonical.com>
References: <20200619161621.644540-1-seth.forshee@canonical.com>

From: David Howells

BugLink: https://bugs.launchpad.net/bugs/1884159

When the kernel is running in secure boot mode, we lock down the kernel to prevent userspace from modifying the running kernel image. Whilst this includes prohibiting access to things like /dev/mem, it must also prevent access by means of configuring driver modules in such a way as to cause a device to access or modify the kernel image.

To this end, annotate module_param* statements that refer to hardware configuration and indicate for future reference what type of parameter they specify. The parameter parser in the core sees this information and can skip such parameters with an error message if the kernel is locked down. The module initialisation then runs as normal, but just sees whatever the default values for those parameters are.

Note that we do still need to do the module initialisation because some drivers have viable defaults set in case parameters aren't specified and some drivers support automatic configuration (e.g. PNP or PCI) in addition to manually coded parameters.

This patch annotates drivers in drivers/net/ethernet/.

Suggested-by: Alan Cox
Signed-off-by: David Howells cc: Steffen Klassert cc: Jaroslav Kysela cc: netdev@vger.kernel.org cc: linux-parisc@vger.kernel.org (cherry picked from commit df29840815a6aaa6a1ab8d85d7745a1a6fc25de0) Signed-off-by: Seth Forshee --- drivers/net/ethernet/3com/3c509.c | 2 +- drivers/net/ethernet/3com/3c59x.c | 4 ++-- drivers/net/ethernet/8390/ne.c | 4 ++-- drivers/net/ethernet/8390/smc-ultra.c | 4 ++-- drivers/net/ethernet/8390/wd.c | 8 ++++---- drivers/net/ethernet/amd/lance.c | 6 +++--- drivers/net/ethernet/amd/ni65.c | 6 +++--- drivers/net/ethernet/cirrus/cs89x0.c | 6 +++--- drivers/net/ethernet/dec/tulip/de4x5.c | 2 +- drivers/net/ethernet/hp/hp100.c | 2 +- drivers/net/ethernet/realtek/atp.c | 4 ++-- drivers/net/ethernet/smsc/smc9194.c | 4 ++-- 12 files changed, 26 insertions(+), 26 deletions(-) diff --git a/drivers/net/ethernet/3com/3c509.c b/drivers/net/ethernet/3com/3c509.c index 7677c745fb30..c1111eeb189b 100644 --- a/drivers/net/ethernet/3com/3c509.c +++ b/drivers/net/ethernet/3com/3c509.c @@ -1369,7 +1369,7 @@ el3_resume(struct device *pdev) #endif /* CONFIG_PM */ module_param(debug,int, 0); -module_param_array(irq, int, NULL, 0); +module_param_hw_array(irq, int, irq, NULL, 0); module_param(max_interrupt_work, int, 0); MODULE_PARM_DESC(debug, "debug level (0-6)"); MODULE_PARM_DESC(irq, "IRQ number(s) (assigned)"); diff --git a/drivers/net/ethernet/3com/3c59x.c b/drivers/net/ethernet/3com/3c59x.c index 1c5f3b273e6a..92b90624d913 100644 --- a/drivers/net/ethernet/3com/3c59x.c +++ b/drivers/net/ethernet/3com/3c59x.c 
@@ -813,8 +813,8 @@ module_param(global_enable_wol, int, 0); module_param_array(enable_wol, int, NULL, 0); module_param(rx_copybreak, int, 0); module_param(max_interrupt_work, int, 0); -module_param(compaq_ioaddr, int, 0); -module_param(compaq_irq, int, 0); +module_param_hw(compaq_ioaddr, int, ioport, 0); +module_param_hw(compaq_irq, int, irq, 0); module_param(compaq_device_id, int, 0); module_param(watchdog, int, 0); module_param(global_use_mmio, int, 0); diff --git a/drivers/net/ethernet/8390/ne.c b/drivers/net/ethernet/8390/ne.c index c063b410a163..66f47987e2a2 100644 --- a/drivers/net/ethernet/8390/ne.c +++ b/drivers/net/ethernet/8390/ne.c @@ -74,8 +74,8 @@ static int bad[MAX_NE_CARDS]; static u32 ne_msg_enable; #ifdef MODULE -module_param_array(io, int, NULL, 0); -module_param_array(irq, int, NULL, 0); +module_param_hw_array(io, int, ioport, NULL, 0); +module_param_hw_array(irq, int, irq, NULL, 0); module_param_array(bad, int, NULL, 0); module_param_named(msg_enable, ne_msg_enable, uint, (S_IRUSR|S_IRGRP|S_IROTH)); MODULE_PARM_DESC(io, "I/O base address(es),required"); diff --git a/drivers/net/ethernet/8390/smc-ultra.c b/drivers/net/ethernet/8390/smc-ultra.c index 139385dcdaa7..c5dbf6938a4e 100644 --- a/drivers/net/ethernet/8390/smc-ultra.c +++ b/drivers/net/ethernet/8390/smc-ultra.c @@ -562,8 +562,8 @@ static struct net_device *dev_ultra[MAX_ULTRA_CARDS]; static int io[MAX_ULTRA_CARDS]; static int irq[MAX_ULTRA_CARDS]; -module_param_array(io, int, NULL, 0); -module_param_array(irq, int, NULL, 0); +module_param_hw_array(io, int, ioport, NULL, 0); +module_param_hw_array(irq, int, irq, NULL, 0); module_param_named(msg_enable, ultra_msg_enable, uint, (S_IRUSR|S_IRGRP|S_IROTH)); MODULE_PARM_DESC(io, "I/O base address(es)"); MODULE_PARM_DESC(irq, "IRQ number(s) (assigned)"); diff --git a/drivers/net/ethernet/8390/wd.c b/drivers/net/ethernet/8390/wd.c index dd7d816bde52..e16deef661e3 100644 --- a/drivers/net/ethernet/8390/wd.c +++ b/drivers/net/ethernet/8390/wd.c 
@@ -504,10 +504,10 @@ static int irq[MAX_WD_CARDS]; static int mem[MAX_WD_CARDS]; static int mem_end[MAX_WD_CARDS]; /* for non std. mem size */ -module_param_array(io, int, NULL, 0); -module_param_array(irq, int, NULL, 0); -module_param_array(mem, int, NULL, 0); -module_param_array(mem_end, int, NULL, 0); +module_param_hw_array(io, int, ioport, NULL, 0); +module_param_hw_array(irq, int, irq, NULL, 0); +module_param_hw_array(mem, int, iomem, NULL, 0); +module_param_hw_array(mem_end, int, iomem, NULL, 0); module_param_named(msg_enable, wd_msg_enable, uint, (S_IRUSR|S_IRGRP|S_IROTH)); MODULE_PARM_DESC(io, "I/O base address(es)"); MODULE_PARM_DESC(irq, "IRQ number(s) (ignored for PureData boards)"); diff --git a/drivers/net/ethernet/amd/lance.c b/drivers/net/ethernet/amd/lance.c index 256f590f6bb1..2b5f16131a51 100644 --- a/drivers/net/ethernet/amd/lance.c +++ b/drivers/net/ethernet/amd/lance.c @@ -318,9 +318,9 @@ static int io[MAX_CARDS]; static int dma[MAX_CARDS]; static int irq[MAX_CARDS]; -module_param_array(io, int, NULL, 0); -module_param_array(dma, int, NULL, 0); -module_param_array(irq, int, NULL, 0); +module_param_hw_array(io, int, ioport, NULL, 0); +module_param_hw_array(dma, int, dma, NULL, 0); +module_param_hw_array(irq, int, irq, NULL, 0); module_param(lance_debug, int, 0); MODULE_PARM_DESC(io, "LANCE/PCnet I/O base address(es),required"); MODULE_PARM_DESC(dma, "LANCE/PCnet ISA DMA channel (ignored for some devices)"); diff --git a/drivers/net/ethernet/amd/ni65.c b/drivers/net/ethernet/amd/ni65.c index 1cf33addd15e..f33def497e6c 100644 --- a/drivers/net/ethernet/amd/ni65.c +++ b/drivers/net/ethernet/amd/ni65.c 
@@ -1228,9 +1228,9 @@ static void set_multicast_list(struct net_device *dev) #ifdef MODULE static struct net_device *dev_ni65; -module_param(irq, int, 0); -module_param(io, int, 0); -module_param(dma, int, 0); +module_param_hw(irq, int, irq, 0); +module_param_hw(io, int, ioport, 0); +module_param_hw(dma, int, dma, 0); MODULE_PARM_DESC(irq, "ni6510 IRQ number (ignored for some cards)"); MODULE_PARM_DESC(io, "ni6510 I/O base address"); MODULE_PARM_DESC(dma, "ni6510 ISA DMA channel (ignored for some cards)"); diff --git a/drivers/net/ethernet/cirrus/cs89x0.c b/drivers/net/ethernet/cirrus/cs89x0.c index 60383040d6c6..8a13680115ee 100644 --- a/drivers/net/ethernet/cirrus/cs89x0.c +++ b/drivers/net/ethernet/cirrus/cs89x0.c @@ -1703,12 +1703,12 @@ static int use_dma; /* These generate unused var warnings if ALLOW_DMA = 0 */ static int dma; static int dmasize = 16; /* or 64 */ -module_param(io, int, 0); -module_param(irq, int, 0); +module_param_hw(io, int, ioport, 0); +module_param_hw(irq, int, irq, 0); module_param(debug, int, 0); module_param_string(media, media, sizeof(media), 0); module_param(duplex, int, 0); -module_param(dma , int, 0); +module_param_hw(dma , int, dma, 0); module_param(dmasize , int, 0); module_param(use_dma , int, 0); MODULE_PARM_DESC(io, "cs89x0 I/O base address"); diff --git a/drivers/net/ethernet/dec/tulip/de4x5.c b/drivers/net/ethernet/dec/tulip/de4x5.c index 7799cf33cc6e..3ea4e8bbb2d0 100644 --- a/drivers/net/ethernet/dec/tulip/de4x5.c +++ b/drivers/net/ethernet/dec/tulip/de4x5.c @@ -1015,7 +1015,7 @@ static int compact_infoblock(struct net_device *dev, u_char count, u_char *p static int io=0x0;/* EDIT THIS LINE FOR YOUR CONFIGURATION IF NEEDED */ -module_param(io, int, 0); +module_param_hw(io, int, ioport, 0); module_param(de4x5_debug, int, 0); module_param(dec_only, int, 0); module_param(args, charp, 0); diff --git a/drivers/net/ethernet/hp/hp100.c b/drivers/net/ethernet/hp/hp100.c index 884aa809baac..e1e066a89369 100644 
--- a/drivers/net/ethernet/hp/hp100.c +++ b/drivers/net/ethernet/hp/hp100.c @@ -2968,7 +2968,7 @@ MODULE_DESCRIPTION("HP CASCADE Architecture Driver for 100VG-AnyLan Network Adap #define HP100_DEVICES 5 /* Parameters set by insmod */ static int hp100_port[HP100_DEVICES] = { 0, [1 ... (HP100_DEVICES-1)] = -1 }; -module_param_array(hp100_port, int, NULL, 0); +module_param_hw_array(hp100_port, int, ioport, NULL, 0); /* List of devices */ static struct net_device *hp100_devlist[HP100_DEVICES]; diff --git a/drivers/net/ethernet/realtek/atp.c b/drivers/net/ethernet/realtek/atp.c index d77d60ea8202..b01ebd79cbb2 100644 --- a/drivers/net/ethernet/realtek/atp.c +++ b/drivers/net/ethernet/realtek/atp.c @@ -151,8 +151,8 @@ MODULE_LICENSE("GPL"); module_param(max_interrupt_work, int, 0); module_param(debug, int, 0); -module_param_array(io, int, NULL, 0); -module_param_array(irq, int, NULL, 0); +module_param_hw_array(io, int, ioport, NULL, 0); +module_param_hw_array(irq, int, irq, NULL, 0); module_param_array(xcvr, int, NULL, 0); MODULE_PARM_DESC(max_interrupt_work, "ATP maximum events handled per interrupt"); MODULE_PARM_DESC(debug, "ATP debug level (0-7)"); diff --git a/drivers/net/ethernet/smsc/smc9194.c b/drivers/net/ethernet/smsc/smc9194.c index 664f596971b5..baa1121ce8b8 100644 --- a/drivers/net/ethernet/smsc/smc9194.c +++ b/drivers/net/ethernet/smsc/smc9194.c 
@@ -1502,8 +1502,8 @@ static void smc_set_multicast_list(struct net_device *dev) static struct net_device *devSMC9194; MODULE_LICENSE("GPL"); -module_param(io, int, 0); -module_param(irq, int, 0); +module_param_hw(io, int, ioport, 0); +module_param_hw(irq, int, irq, 0); module_param(ifport, int, 0); MODULE_PARM_DESC(io, "SMC 99194 I/O base address"); MODULE_PARM_DESC(irq, "SMC 99194 IRQ number"); From patchwork Fri Jun 19 16:15:48 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Seth Forshee X-Patchwork-Id: 1313085 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=none (no SPF record) smtp.mailfrom=lists.ubuntu.com (client-ip=91.189.94.19; helo=huckleberry.canonical.com; envelope-from=kernel-team-bounces@lists.ubuntu.com; receiver=) Authentication-Results: ozlabs.org; dmarc=fail (p=none dis=none) header.from=canonical.com Received: from huckleberry.canonical.com (huckleberry.canonical.com [91.189.94.19]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 49pP966bZSzB3t1; Sat, 20 Jun 2020 02:17:46 +1000 (AEST) Received: from localhost ([127.0.0.1] helo=huckleberry.canonical.com) by huckleberry.canonical.com with esmtp (Exim 4.86_2) (envelope-from ) id 1jmJhz-00032W-Ka; Fri, 19 Jun 2020 16:17:39 +0000 Received: from youngberry.canonical.com ([91.189.89.112]) by huckleberry.canonical.com with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.86_2) (envelope-from ) id 1jmJhH-0002QB-NX for kernel-team@lists.ubuntu.com; Fri, 19 Jun 2020 16:16:55 +0000 Received: from mail-io1-f70.google.com ([209.85.166.70]) by youngberry.canonical.com with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.86_2) (envelope-from ) id 1jmJhF-0003bx-Vh for kernel-team@lists.ubuntu.com; Fri, 19 Jun 2020 16:16:54 +0000 
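Review bot: in drivers/net/ethernet/cirrus/cs89x0.c (patch 23/57) only dma is converted, while "module_param(dmasize , int, 0);" and "module_param(use_dma , int, 0);" directly below it stay plain. On a locked-down kernel the user's dma= value is skipped, yet use_dma can still be switched on, so DMA can be requested while the channel silently falls back to the compiled-in value. Either annotate use_dma and dmasize as well (the hwparam type other fits if dma does not), or explain in the commit message why they are safe to leave settable. A smaller documentation point: ne.c and lance.c describe io as "required" in MODULE_PARM_DESC, which becomes misleading once the parameter is ignored under lockdown.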
From: Seth Forshee
To: kernel-team@lists.ubuntu.com
Subject: [PATCH v2 24/57][B] Annotate hardware config module parameters in drivers/net/hamradio/
Date: Fri, 19 Jun 2020 11:15:48 -0500
Message-Id: <20200619161621.644540-25-seth.forshee@canonical.com>
In-Reply-To: <20200619161621.644540-1-seth.forshee@canonical.com>
References: <20200619161621.644540-1-seth.forshee@canonical.com>

From: David Howells

BugLink: https://bugs.launchpad.net/bugs/1884159

When the kernel is running in secure boot mode, we lock down the kernel to prevent userspace from modifying the running kernel image. Whilst this includes prohibiting access to things like /dev/mem, it must also prevent access by means of configuring driver modules in such a way as to cause a device to access or modify the kernel image.

To this end, annotate module_param* statements that refer to hardware configuration and indicate for future reference what type of parameter they specify. The parameter parser in the core sees this information and can skip such parameters with an error message if the kernel is locked down. The module initialisation then runs as normal, but just sees whatever the default values for those parameters are.

Note that we do still need to do the module initialisation because some drivers have viable defaults set in case parameters aren't specified and some drivers support automatic configuration (e.g. PNP or PCI) in addition to manually coded parameters.

This patch annotates drivers in drivers/net/hamradio/.

Suggested-by: Alan Cox
Signed-off-by: David Howells cc: Thomas Sailer cc: Joerg Reuter cc: linux-hams@vger.kernel.org cc: netdev@vger.kernel.org (cherry picked from commit b658e5d854d4e9015d83133a826ec734770deefb) Signed-off-by: Seth Forshee --- drivers/net/hamradio/baycom_epp.c | 2 +- drivers/net/hamradio/baycom_par.c | 2 +- drivers/net/hamradio/baycom_ser_fdx.c | 4 ++-- drivers/net/hamradio/baycom_ser_hdx.c | 4 ++-- drivers/net/hamradio/dmascc.c | 2 +- 5 files changed, 7 insertions(+), 7 deletions(-) diff --git a/drivers/net/hamradio/baycom_epp.c b/drivers/net/hamradio/baycom_epp.c index 72c9f1f352b4..8c5db53e8742 100644 --- a/drivers/net/hamradio/baycom_epp.c +++ b/drivers/net/hamradio/baycom_epp.c @@ -1170,7 +1170,7 @@ static int iobase[NR_PORTS] = { 0x378, }; module_param_array(mode, charp, NULL, 0); MODULE_PARM_DESC(mode, "baycom operating mode"); -module_param_array(iobase, int, NULL, 0); +module_param_hw_array(iobase, int, ioport, NULL, 0); MODULE_PARM_DESC(iobase, "baycom io base address"); MODULE_AUTHOR("Thomas M. Sailer, sailer@ife.ee.ethz.ch, hb9jnx@hb9w.che.eu"); diff --git a/drivers/net/hamradio/baycom_par.c b/drivers/net/hamradio/baycom_par.c index acb636963e90..6f05792f6999 100644 --- a/drivers/net/hamradio/baycom_par.c +++ b/drivers/net/hamradio/baycom_par.c @@ -481,7 +481,7 @@ static int iobase[NR_PORTS] = { 0x378, }; module_param_array(mode, charp, NULL, 0); MODULE_PARM_DESC(mode, "baycom operating mode; eg. par96 or picpar"); -module_param_array(iobase, int, NULL, 0); +module_param_hw_array(iobase, int, ioport, NULL, 0); MODULE_PARM_DESC(iobase, "baycom io base address"); MODULE_AUTHOR("Thomas M. Sailer, sailer@ife.ee.ethz.ch, hb9jnx@hb9w.che.eu"); diff --git a/drivers/net/hamradio/baycom_ser_fdx.c b/drivers/net/hamradio/baycom_ser_fdx.c index 636b65c66d49..6b07ef9ca345 100644 --- a/drivers/net/hamradio/baycom_ser_fdx.c +++ b/drivers/net/hamradio/baycom_ser_fdx.c 
@@ -612,9 +612,9 @@ static int baud[NR_PORTS] = { [0 ... NR_PORTS-1] = 1200 }; module_param_array(mode, charp, NULL, 0); MODULE_PARM_DESC(mode, "baycom operating mode; * for software DCD"); -module_param_array(iobase, int, NULL, 0); +module_param_hw_array(iobase, int, ioport, NULL, 0); MODULE_PARM_DESC(iobase, "baycom io base address"); -module_param_array(irq, int, NULL, 0); +module_param_hw_array(irq, int, irq, NULL, 0); MODULE_PARM_DESC(irq, "baycom irq number"); module_param_array(baud, int, NULL, 0); MODULE_PARM_DESC(baud, "baycom baud rate (300 to 4800)"); diff --git a/drivers/net/hamradio/baycom_ser_hdx.c b/drivers/net/hamradio/baycom_ser_hdx.c index f9a8976195ba..1b310493ba8a 100644 --- a/drivers/net/hamradio/baycom_ser_hdx.c +++ b/drivers/net/hamradio/baycom_ser_hdx.c @@ -642,9 +642,9 @@ static int irq[NR_PORTS] = { 4, }; module_param_array(mode, charp, NULL, 0); MODULE_PARM_DESC(mode, "baycom operating mode; * for software DCD"); -module_param_array(iobase, int, NULL, 0); +module_param_hw_array(iobase, int, ioport, NULL, 0); MODULE_PARM_DESC(iobase, "baycom io base address"); -module_param_array(irq, int, NULL, 0); +module_param_hw_array(irq, int, irq, NULL, 0); MODULE_PARM_DESC(irq, "baycom irq number"); MODULE_AUTHOR("Thomas M. Sailer, sailer@ife.ee.ethz.ch, hb9jnx@hb9w.che.eu"); diff --git a/drivers/net/hamradio/dmascc.c b/drivers/net/hamradio/dmascc.c index c3d377770616..bf52868aee38 100644 --- a/drivers/net/hamradio/dmascc.c +++ b/drivers/net/hamradio/dmascc.c 
@@ -274,7 +274,7 @@ static unsigned long rand; MODULE_AUTHOR("Klaus Kudielka"); MODULE_DESCRIPTION("Driver for high-speed SCC boards"); -module_param_array(io, int, NULL, 0); +module_param_hw_array(io, int, ioport, NULL, 0); MODULE_LICENSE("GPL"); static void __exit dmascc_exit(void) From patchwork Fri Jun 19 16:15:49 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Seth Forshee X-Patchwork-Id: 1313086 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=none (no SPF record) smtp.mailfrom=lists.ubuntu.com (client-ip=91.189.94.19; helo=huckleberry.canonical.com; envelope-from=kernel-team-bounces@lists.ubuntu.com; receiver=) Authentication-Results: ozlabs.org; dmarc=fail (p=none dis=none) header.from=canonical.com Received: from huckleberry.canonical.com (huckleberry.canonical.com [91.189.94.19]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 49pP9B1ftgzB471; Sat, 20 Jun 2020 02:17:50 +1000 (AEST) Received: from localhost ([127.0.0.1] helo=huckleberry.canonical.com) by huckleberry.canonical.com with esmtp (Exim 4.86_2) (envelope-from ) id 1jmJi2-00034T-Lu; Fri, 19 Jun 2020 16:17:42 +0000 Received: from youngberry.canonical.com ([91.189.89.112]) by huckleberry.canonical.com with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.86_2) (envelope-from ) id 1jmJhK-0002RK-1V for kernel-team@lists.ubuntu.com; Fri, 19 Jun 2020 16:16:58 +0000 Received: from mail-il1-f198.google.com ([209.85.166.198]) by youngberry.canonical.com with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.86_2) (envelope-from ) id 1jmJhH-0003cD-5q for kernel-team@lists.ubuntu.com; Fri, 19 Jun 2020 16:16:55 +0000 Received: by mail-il1-f198.google.com with SMTP id c8so6837068ilm.5 for ; Fri, 19 Jun 2020 09:16:55 -0700 (PDT) 
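Review bot: the baycom drivers in patch 24/57 carry non-zero built-in defaults ("iobase[NR_PORTS] = { 0x378, }" in baycom_epp.c and baycom_par.c, "irq[NR_PORTS] = { 4, }" in baycom_ser_hdx.c), so on a locked-down kernel a user-supplied iobase= or irq= is skipped and module initialisation then proceeds against 0x378 or IRQ 4 rather than the values that were asked for. That follows from the design in the commit message, but the MODULE_PARM_DESC strings ("baycom io base address", "baycom irq number") give no hint of it; consider stating there, or in the driver documentation, that these options are ignored under lockdown. In dmascc.c the converted io parameter has no MODULE_PARM_DESC in the visible context, which would be worth adding while the line is being touched.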
From: Seth Forshee To: kernel-team@lists.ubuntu.com Subject: [PATCH v2 25/57][B] Annotate hardware config module parameters in drivers/net/irda/ Date: Fri, 19 Jun 2020 11:15:49 -0500 Message-Id: <20200619161621.644540-26-seth.forshee@canonical.com> X-Mailer: git-send-email 2.27.0 In-Reply-To: <20200619161621.644540-1-seth.forshee@canonical.com> References: <20200619161621.644540-1-seth.forshee@canonical.com> MIME-Version: 1.0 X-BeenThere: kernel-team@lists.ubuntu.com X-Mailman-Version: 2.1.20 Precedence: list List-Id: Kernel team discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: kernel-team-bounces@lists.ubuntu.com Sender: "kernel-team" From: David Howells BugLink: https://bugs.launchpad.net/bugs/1884159 When the kernel is running in secure boot mode, we lock down the kernel to prevent userspace from modifying the running kernel image. Whilst this includes prohibiting access to things like /dev/mem, it must also prevent access by means of configuring driver modules in such a way as to cause a device to access or modify the kernel image. To this end, annotate module_param* statements that refer to hardware configuration and indicate for future reference what type of parameter they specify. The parameter parser in the core sees this information and can skip such parameters with an error message if the kernel is locked down. The module initialisation then runs as normal, but just sees whatever the default values for those parameters is. Note that we do still need to do the module initialisation because some drivers have viable defaults set in case parameters aren't specified and some drivers support automatic configuration (e.g. PNP or PCI) in addition to manually coded parameters. This patch annotates drivers in drivers/net/irda/. Suggested-by: Alan Cox Signed-off-by: David Howells cc: Samuel Ortiz cc: netdev@vger.kernel.org (cherry picked from commit 4f06e652721da79e032d3ba38bc1589bd553a5fc) 
Signed-off-by: Seth Forshee --- drivers/net/irda/ali-ircc.c | 6 +++--- drivers/net/irda/nsc-ircc.c | 6 +++--- drivers/net/irda/smsc-ircc2.c | 10 +++++----- drivers/net/irda/w83977af_ir.c | 4 ++-- 4 files changed, 13 insertions(+), 13 deletions(-) diff --git a/drivers/net/irda/ali-ircc.c b/drivers/net/irda/ali-ircc.c index 64bb44d5d867..c50ab723b850 100644 --- a/drivers/net/irda/ali-ircc.c +++ b/drivers/net/irda/ali-ircc.c @@ -2207,11 +2207,11 @@ MODULE_LICENSE("GPL"); MODULE_ALIAS("platform:" ALI_IRCC_DRIVER_NAME); -module_param_array(io, int, NULL, 0); +module_param_hw_array(io, int, ioport, NULL, 0); MODULE_PARM_DESC(io, "Base I/O addresses"); -module_param_array(irq, int, NULL, 0); +module_param_hw_array(irq, int, irq, NULL, 0); MODULE_PARM_DESC(irq, "IRQ lines"); -module_param_array(dma, int, NULL, 0); +module_param_hw_array(dma, int, dma, NULL, 0); MODULE_PARM_DESC(dma, "DMA channels"); module_init(ali_ircc_init); diff --git a/drivers/net/irda/nsc-ircc.c b/drivers/net/irda/nsc-ircc.c index dc0dbd8dd0b5..b7f3873b13c7 100644 --- a/drivers/net/irda/nsc-ircc.c +++ b/drivers/net/irda/nsc-ircc.c @@ -2395,11 +2395,11 @@ MODULE_LICENSE("GPL"); module_param(qos_mtt_bits, int, 0); MODULE_PARM_DESC(qos_mtt_bits, "Minimum Turn Time"); -module_param_array(io, int, NULL, 0); +module_param_hw_array(io, int, ioport, NULL, 0); MODULE_PARM_DESC(io, "Base I/O addresses"); -module_param_array(irq, int, NULL, 0); +module_param_hw_array(irq, int, irq, NULL, 0); MODULE_PARM_DESC(irq, "IRQ lines"); -module_param_array(dma, int, NULL, 0); +module_param_hw_array(dma, int, dma, NULL, 0); MODULE_PARM_DESC(dma, "DMA channels"); module_param(dongle_id, int, 0); MODULE_PARM_DESC(dongle_id, "Type-id of used dongle"); diff --git a/drivers/net/irda/smsc-ircc2.c b/drivers/net/irda/smsc-ircc2.c index b455ffe8850c..f28a1fe8f9dd 100644 --- a/drivers/net/irda/smsc-ircc2.c +++ b/drivers/net/irda/smsc-ircc2.c 
@@ -82,24 +82,24 @@ MODULE_PARM_DESC(nopnp, "Do not use PNP to detect controller settings, defaults #define DMA_INVAL 255 static int ircc_dma = DMA_INVAL; -module_param(ircc_dma, int, 0); +module_param_hw(ircc_dma, int, dma, 0); MODULE_PARM_DESC(ircc_dma, "DMA channel"); #define IRQ_INVAL 255 static int ircc_irq = IRQ_INVAL; -module_param(ircc_irq, int, 0); +module_param_hw(ircc_irq, int, irq, 0); MODULE_PARM_DESC(ircc_irq, "IRQ line"); static int ircc_fir; -module_param(ircc_fir, int, 0); +module_param_hw(ircc_fir, int, ioport, 0); MODULE_PARM_DESC(ircc_fir, "FIR Base Address"); static int ircc_sir; -module_param(ircc_sir, int, 0); +module_param_hw(ircc_sir, int, ioport, 0); MODULE_PARM_DESC(ircc_sir, "SIR Base Address"); static int ircc_cfg; -module_param(ircc_cfg, int, 0); +module_param_hw(ircc_cfg, int, ioport, 0); MODULE_PARM_DESC(ircc_cfg, "Configuration register base address"); static int ircc_transceiver; diff --git a/drivers/net/irda/w83977af_ir.c b/drivers/net/irda/w83977af_ir.c index e8c3a8c32534..d17389117b2d 100644 --- a/drivers/net/irda/w83977af_ir.c +++ b/drivers/net/irda/w83977af_ir.c 
@@ -1266,9 +1266,9 @@ MODULE_LICENSE("GPL"); module_param(qos_mtt_bits, int, 0); MODULE_PARM_DESC(qos_mtt_bits, "Mimimum Turn Time"); -module_param_array(io, int, NULL, 0); +module_param_hw_array(io, int, ioport, NULL, 0); MODULE_PARM_DESC(io, "Base I/O addresses"); -module_param_array(irq, int, NULL, 0); +module_param_hw_array(irq, int, irq, NULL, 0); MODULE_PARM_DESC(irq, "IRQ lines"); /* From patchwork Fri Jun 19 16:15:50 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Seth Forshee X-Patchwork-Id: 1313087 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=none (no SPF record) smtp.mailfrom=lists.ubuntu.com (client-ip=91.189.94.19; helo=huckleberry.canonical.com; envelope-from=kernel-team-bounces@lists.ubuntu.com; receiver=) Authentication-Results: ozlabs.org; dmarc=fail (p=none dis=none) header.from=canonical.com Received: from huckleberry.canonical.com (huckleberry.canonical.com [91.189.94.19]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 49pP9D0vxnzB47T; Sat, 20 Jun 2020 02:17:52 +1000 (AEST) Received: from localhost ([127.0.0.1] helo=huckleberry.canonical.com) by huckleberry.canonical.com with esmtp (Exim 4.86_2) (envelope-from ) id 1jmJi4-00036E-UT; Fri, 19 Jun 2020 16:17:45 +0000 Received: from youngberry.canonical.com ([91.189.89.112]) by huckleberry.canonical.com with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.86_2) (envelope-from ) id 1jmJhK-0002S6-Qh for kernel-team@lists.ubuntu.com; Fri, 19 Jun 2020 16:16:58 +0000 Received: from mail-il1-f200.google.com ([209.85.166.200]) by youngberry.canonical.com with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.86_2) (envelope-from ) id 1jmJhI-0003cU-Bd for kernel-team@lists.ubuntu.com; Fri, 19 Jun 2020 16:16:56 +0000 
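Review bot: in drivers/net/irda/smsc-ircc2.c the annotated `ircc_dma` and `ircc_irq` default to the sentinels DMA_INVAL and IRQ_INVAL (255), and `nopnp`, visible in the hunk context, stays a plain parameter. On a locked-down kernel the five annotated values are skipped, so loading with `nopnp` set leaves the driver with neither PNP data nor manual settings. Please confirm that init bails out cleanly in that case instead of probing with the sentinel and zero defaults. Separately, the `qos_mtt_bits` description in the w83977af_ir.c context reads "Mimimum"; it is untouched by this patch and is only worth fixing upstream.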
From: Seth Forshee To: kernel-team@lists.ubuntu.com Subject: [PATCH v2 26/57][B] Annotate hardware config module parameters in drivers/net/wan/ Date: Fri, 19 Jun 2020 11:15:50 -0500 Message-Id: <20200619161621.644540-27-seth.forshee@canonical.com> X-Mailer: git-send-email 2.27.0 In-Reply-To: <20200619161621.644540-1-seth.forshee@canonical.com> References: <20200619161621.644540-1-seth.forshee@canonical.com> MIME-Version: 1.0 X-BeenThere: kernel-team@lists.ubuntu.com X-Mailman-Version: 2.1.20 Precedence: list List-Id: Kernel team discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: kernel-team-bounces@lists.ubuntu.com Sender: "kernel-team" From: David Howells BugLink: https://bugs.launchpad.net/bugs/1884159 When the kernel is running in secure boot mode, we lock down the kernel to prevent userspace from modifying the running kernel image. Whilst this includes prohibiting access to things like /dev/mem, it must also prevent access by means of configuring driver modules in such a way as to cause a device to access or modify the kernel image. To this end, annotate module_param* statements that refer to hardware configuration and indicate for future reference what type of parameter they specify. The parameter parser in the core sees this information and can skip such parameters with an error message if the kernel is locked down. The module initialisation then runs as normal, but just sees whatever the default values for those parameters is. Note that we do still need to do the module initialisation because some drivers have viable defaults set in case parameters aren't specified and some drivers support automatic configuration (e.g. PNP or PCI) in addition to manually coded parameters. This patch annotates drivers in drivers/net/wan/. Suggested-by: Alan Cox Signed-off-by: David Howells cc: "Jan \"Yenya\" Kasprzak" cc: netdev@vger.kernel.org (cherry picked from commit af28a03c1b1eae4d7c97f4bd0c6326522c8a3bc9) 
Signed-off-by: Seth Forshee --- drivers/net/wan/cosa.c | 6 +++--- drivers/net/wan/hostess_sv11.c | 6 +++--- drivers/net/wan/sbni.c | 4 ++-- drivers/net/wan/sealevel.c | 8 ++++---- 4 files changed, 12 insertions(+), 12 deletions(-) diff --git a/drivers/net/wan/cosa.c b/drivers/net/wan/cosa.c index 848ea6a399f2..18956c47cf92 100644 --- a/drivers/net/wan/cosa.c +++ b/drivers/net/wan/cosa.c @@ -232,11 +232,11 @@ static int irq[MAX_CARDS+1] = { -1, -1, -1, -1, -1, -1, 0, }; static struct class *cosa_class; #ifdef MODULE -module_param_array(io, int, NULL, 0); +module_param_hw_array(io, int, ioport, NULL, 0); MODULE_PARM_DESC(io, "The I/O bases of the COSA or SRP cards"); -module_param_array(irq, int, NULL, 0); +module_param_hw_array(irq, int, irq, NULL, 0); MODULE_PARM_DESC(irq, "The IRQ lines of the COSA or SRP cards"); -module_param_array(dma, int, NULL, 0); +module_param_hw_array(dma, int, dma, NULL, 0); MODULE_PARM_DESC(dma, "The DMA channels of the COSA or SRP cards"); MODULE_AUTHOR("Jan \"Yenya\" Kasprzak, "); diff --git a/drivers/net/wan/hostess_sv11.c b/drivers/net/wan/hostess_sv11.c index 3d741663fd67..4845560fd848 100644 --- a/drivers/net/wan/hostess_sv11.c +++ b/drivers/net/wan/hostess_sv11.c @@ -325,11 +325,11 @@ static void sv11_shutdown(struct z8530_dev *dev) static int io = 0x200; static int irq = 9; -module_param(io, int, 0); +module_param_hw(io, int, ioport, 0); MODULE_PARM_DESC(io, "The I/O base of the Comtrol Hostess SV11 card"); -module_param(dma, int, 0); +module_param_hw(dma, int, dma, 0); MODULE_PARM_DESC(dma, "Set this to 1 to use DMA1/DMA3 for TX/RX"); -module_param(irq, int, 0); +module_param_hw(irq, int, irq, 0); MODULE_PARM_DESC(irq, "The interrupt line setting for the Comtrol Hostess SV11 card"); MODULE_AUTHOR("Alan Cox"); diff --git a/drivers/net/wan/sbni.c b/drivers/net/wan/sbni.c index 8fef8d83436d..5868fc25962c 100644 --- a/drivers/net/wan/sbni.c +++ b/drivers/net/wan/sbni.c 
@@ -1464,8 +1464,8 @@ set_multicast_list( struct net_device *dev ) #ifdef MODULE -module_param_array(io, int, NULL, 0); -module_param_array(irq, int, NULL, 0); +module_param_hw_array(io, int, ioport, NULL, 0); +module_param_hw_array(irq, int, irq, NULL, 0); module_param_array(baud, int, NULL, 0); module_param_array(rxl, int, NULL, 0); module_param_array(mac, int, NULL, 0); diff --git a/drivers/net/wan/sealevel.c b/drivers/net/wan/sealevel.c index 27860b4f5908..1d762a2d3ddc 100644 --- a/drivers/net/wan/sealevel.c +++ b/drivers/net/wan/sealevel.c 
@@ -364,13 +364,13 @@ static int rxdma=3; static int irq=5; static bool slow=false; -module_param(io, int, 0); +module_param_hw(io, int, ioport, 0); MODULE_PARM_DESC(io, "The I/O base of the Sealevel card"); -module_param(txdma, int, 0); +module_param_hw(txdma, int, dma, 0); MODULE_PARM_DESC(txdma, "Transmit DMA channel"); -module_param(rxdma, int, 0); +module_param_hw(rxdma, int, dma, 0); MODULE_PARM_DESC(rxdma, "Receive DMA channel"); -module_param(irq, int, 0); +module_param_hw(irq, int, irq, 0); MODULE_PARM_DESC(irq, "The interrupt line setting for the SeaLevel card"); module_param(slow, bool, 0); MODULE_PARM_DESC(slow, "Set this for an older Sealevel card such as the 4012"); From patchwork Fri Jun 19 16:15:51 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Seth Forshee X-Patchwork-Id: 1313088 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=none (no SPF record) smtp.mailfrom=lists.ubuntu.com (client-ip=91.189.94.19; helo=huckleberry.canonical.com; envelope-from=kernel-team-bounces@lists.ubuntu.com; receiver=) Authentication-Results: ozlabs.org; dmarc=fail (p=none dis=none) header.from=canonical.com Received: from huckleberry.canonical.com (huckleberry.canonical.com [91.189.94.19]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 49pP9J54MGzB47L; Sat, 20 Jun 2020 02:17:56 +1000 (AEST) Received: from localhost ([127.0.0.1] helo=huckleberry.canonical.com) by huckleberry.canonical.com with esmtp (Exim 4.86_2) (envelope-from ) id 1jmJiA-00039B-9y; Fri, 19 Jun 2020 16:17:50 +0000 Received: from youngberry.canonical.com ([91.189.89.112]) by huckleberry.canonical.com with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.86_2) (envelope-from ) id 1jmJhL-0002Ss-Bo for kernel-team@lists.ubuntu.com; 
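Review bot: in drivers/net/wan/hostess_sv11.c, `module_param_hw(dma, int, dma, 0)` tags a parameter whose description is "Set this to 1 to use DMA1/DMA3 for TX/RX", so it is an enable switch rather than a channel number like `txdma` and `rxdma` in sealevel.c. Restricting it under lockdown is the conservative choice, but the commit message says the annotation records what type of parameter is specified. A short comment at this line saying the `dma` type is being used for an on/off flag would keep later readers from treating it as a channel. Also note that `io` and `irq` here default to 0x200 and 9, so a locked-down load will still touch those fixed resources.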
From: Seth Forshee To: kernel-team@lists.ubuntu.com Subject: [PATCH v2 27/57][B] Annotate hardware config module parameters in drivers/net/wireless/ Date: Fri, 19 Jun 2020 11:15:51 -0500 Message-Id: <20200619161621.644540-28-seth.forshee@canonical.com> X-Mailer: git-send-email 2.27.0 In-Reply-To: <20200619161621.644540-1-seth.forshee@canonical.com> References: <20200619161621.644540-1-seth.forshee@canonical.com> MIME-Version: 1.0 X-BeenThere: kernel-team@lists.ubuntu.com X-Mailman-Version: 2.1.20 Precedence: list List-Id: Kernel team discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: kernel-team-bounces@lists.ubuntu.com Sender: "kernel-team" From: David Howells BugLink: https://bugs.launchpad.net/bugs/1884159 When the kernel is running in secure boot mode, we lock down the kernel to prevent userspace from modifying the running kernel image. Whilst this includes prohibiting access to things like /dev/mem, it must also prevent access by means of configuring driver modules in such a way as to cause a device to access or modify the kernel image. To this end, annotate module_param* statements that refer to hardware configuration and indicate for future reference what type of parameter they specify. The parameter parser in the core sees this information and can skip such parameters with an error message if the kernel is locked down. The module initialisation then runs as normal, but just sees whatever the default values for those parameters is. Note that we do still need to do the module initialisation because some drivers have viable defaults set in case parameters aren't specified and some drivers support automatic configuration (e.g. PNP or PCI) in addition to manually coded parameters. This patch annotates drivers in drivers/net/wireless/. Suggested-by: Alan Cox 
Signed-off-by: David Howells cc: Kalle Valo cc: linux-wireless@vger.kernel.org cc: netdev@vger.kernel.org (cherry picked from commit 767c13e610d5775be00423c1ce046c1eb9616a21) Signed-off-by: Seth Forshee --- drivers/net/wireless/airo.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/drivers/net/wireless/airo.c b/drivers/net/wireless/airo.c index a44496d8423a..3ea2ef19667d 100644 --- a/drivers/net/wireless/airo.c +++ b/drivers/net/wireless/airo.c 
@@ -246,8 +246,8 @@ MODULE_DESCRIPTION("Support for Cisco/Aironet 802.11 wireless ethernet cards. " "Direct support for ISA/PCI/MPI cards and support for PCMCIA when used with airo_cs."); MODULE_LICENSE("Dual BSD/GPL"); MODULE_SUPPORTED_DEVICE("Aironet 4500, 4800 and Cisco 340/350"); -module_param_array(io, int, NULL, 0); -module_param_array(irq, int, NULL, 0); +module_param_hw_array(io, int, ioport, NULL, 0); +module_param_hw_array(irq, int, irq, NULL, 0); module_param_array(rates, int, NULL, 0); module_param_array(ssids, charp, NULL, 0); module_param(auto_wep, int, 0); From patchwork Fri Jun 19 16:15:52 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Seth Forshee X-Patchwork-Id: 1313089 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=none (no SPF record) smtp.mailfrom=lists.ubuntu.com (client-ip=91.189.94.19; helo=huckleberry.canonical.com; envelope-from=kernel-team-bounces@lists.ubuntu.com; receiver=) Authentication-Results: ozlabs.org; dmarc=fail (p=none dis=none) header.from=canonical.com Received: from huckleberry.canonical.com (huckleberry.canonical.com [91.189.94.19]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 49pP9P4kZfz9syB; Sat, 20 Jun 2020 02:18:01 +1000 (AEST) Received: from localhost ([127.0.0.1] helo=huckleberry.canonical.com) by huckleberry.canonical.com with esmtp (Exim 4.86_2) (envelope-from ) id 1jmJiE-0003C2-JX; Fri, 19 Jun 2020 16:17:54 +0000 Received: from youngberry.canonical.com ([91.189.89.112]) by huckleberry.canonical.com with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.86_2) (envelope-from ) id 1jmJhN-0002Tu-7I for kernel-team@lists.ubuntu.com; Fri, 19 Jun 2020 16:17:01 +0000 Received: from mail-il1-f199.google.com ([209.85.166.199]) by 
From: Seth Forshee To: kernel-team@lists.ubuntu.com Subject: [PATCH v2 28/57][B] Annotate hardware config module parameters in drivers/parport/ Date: Fri, 19 Jun 2020 11:15:52 -0500 Message-Id: <20200619161621.644540-29-seth.forshee@canonical.com> X-Mailer: git-send-email 2.27.0 In-Reply-To: <20200619161621.644540-1-seth.forshee@canonical.com> References: <20200619161621.644540-1-seth.forshee@canonical.com> MIME-Version: 1.0 X-BeenThere: kernel-team@lists.ubuntu.com X-Mailman-Version: 2.1.20 Precedence: list List-Id: Kernel team discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: kernel-team-bounces@lists.ubuntu.com Sender: "kernel-team" From: David Howells BugLink: https://bugs.launchpad.net/bugs/1884159 When the kernel is running in secure boot mode, we lock down the kernel to prevent userspace from modifying the running kernel image. Whilst this includes prohibiting access to things like /dev/mem, it must also prevent access by means of configuring driver modules in such a way as to cause a device to access or modify the kernel image. To this end, annotate module_param* statements that refer to hardware configuration and indicate for future reference what type of parameter they specify. The parameter parser in the core sees this information and can skip such parameters with an error message if the kernel is locked down. The module initialisation then runs as normal, but just sees whatever the default values for those parameters is. Note that we do still need to do the module initialisation because some drivers have viable defaults set in case parameters aren't specified and some drivers support automatic configuration (e.g. PNP or PCI) in addition to manually coded parameters. This patch annotates drivers in drivers/parport/. Suggested-by: Alan Cox Signed-off-by: David Howells cc: Sudip Mukherjee (cherry picked from commit c8fc074dd388112890684b614be1e58335890b27) 
Signed-off-by: Seth Forshee --- drivers/parport/parport_pc.c | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/drivers/parport/parport_pc.c b/drivers/parport/parport_pc.c index 02e6485c1ed5..6520c4041bf7 100644 --- a/drivers/parport/parport_pc.c +++ b/drivers/parport/parport_pc.c 
@@ -3154,13 +3154,13 @@ static char *irq[PARPORT_PC_MAX_PORTS]; static char *dma[PARPORT_PC_MAX_PORTS]; MODULE_PARM_DESC(io, "Base I/O address (SPP regs)"); -module_param_array(io, int, NULL, 0); +module_param_hw_array(io, int, ioport, NULL, 0); MODULE_PARM_DESC(io_hi, "Base I/O address (ECR)"); -module_param_array(io_hi, int, NULL, 0); +module_param_hw_array(io_hi, int, ioport, NULL, 0); MODULE_PARM_DESC(irq, "IRQ line"); -module_param_array(irq, charp, NULL, 0); +module_param_hw_array(irq, charp, irq, NULL, 0); MODULE_PARM_DESC(dma, "DMA channel"); -module_param_array(dma, charp, NULL, 0); +module_param_hw_array(dma, charp, dma, NULL, 0); #if defined(CONFIG_PARPORT_PC_SUPERIO) || \ (defined(CONFIG_PARPORT_1284) && defined(CONFIG_PARPORT_PC_FIFO)) MODULE_PARM_DESC(verbose_probing, "Log chit-chat during initialisation"); From patchwork Fri Jun 19 16:15:53 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Seth Forshee X-Patchwork-Id: 1313090 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=none (no SPF record) smtp.mailfrom=lists.ubuntu.com (client-ip=91.189.94.19; helo=huckleberry.canonical.com; envelope-from=kernel-team-bounces@lists.ubuntu.com; receiver=) Authentication-Results: ozlabs.org; dmarc=fail (p=none dis=none) header.from=canonical.com Received: from huckleberry.canonical.com (huckleberry.canonical.com [91.189.94.19]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 49pP9V3JBDzB3th; Sat, 20 Jun 2020 02:18:06 +1000 (AEST) Received: from localhost ([127.0.0.1] helo=huckleberry.canonical.com) by huckleberry.canonical.com with esmtp (Exim 4.86_2) (envelope-from ) id 1jmJiJ-0003Fa-Et; Fri, 19 Jun 2020 16:17:59 +0000 Received: from youngberry.canonical.com ([91.189.89.112]) by 
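Review bot: in drivers/parport/parport_pc.c the `irq` and `dma` arrays are `charp`, not `int`, so `module_param_hw_array(irq, charp, irq, NULL, 0)` and the matching `dma` line restrict string-valued parameters. Under lockdown the parser skips the whole parameter, which means any non-numeric keyword the driver accepts for these strings is rejected along with explicit numbers. If a keyword exists that only disables IRQ or DMA use, it cannot be supplied on a locked-down system. Please confirm that is intended, and mention it in the commit message or a comment beside these two lines.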
From: Seth Forshee To: kernel-team@lists.ubuntu.com Subject: [PATCH v2 29/57][B] Annotate hardware config module parameters in drivers/pci/hotplug/ Date: Fri, 19 Jun 2020 11:15:53 -0500 Message-Id: <20200619161621.644540-30-seth.forshee@canonical.com> X-Mailer: git-send-email 2.27.0 In-Reply-To: <20200619161621.644540-1-seth.forshee@canonical.com> References: <20200619161621.644540-1-seth.forshee@canonical.com> MIME-Version: 1.0 X-BeenThere: kernel-team@lists.ubuntu.com X-Mailman-Version: 2.1.20 Precedence: list List-Id: Kernel team discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: kernel-team-bounces@lists.ubuntu.com Sender: "kernel-team" From: David Howells BugLink: https://bugs.launchpad.net/bugs/1884159 When the kernel is running in secure boot mode, we lock down the kernel to prevent userspace from modifying the running kernel image. Whilst this includes prohibiting access to things like /dev/mem, it must also prevent access by means of configuring driver modules in such a way as to cause a device to access or modify the kernel image. To this end, annotate module_param* statements that refer to hardware configuration and indicate for future reference what type of parameter they specify. The parameter parser in the core sees this information and can skip such parameters with an error message if the kernel is locked down. The module initialisation then runs as normal, but just sees whatever the default values for those parameters is. Note that we do still need to do the module initialisation because some drivers have viable defaults set in case parameters aren't specified and some drivers support automatic configuration (e.g. PNP or PCI) in addition to manually coded parameters. This patch annotates drivers in drivers/pci/hotplug/. Suggested-by: Alan Cox 
Signed-off-by: David Howells Acked-by: Bjorn Helgaas cc: Scott Murray cc: linux-pci@vger.kernel.org (cherry picked from commit 01b961b70dde53b3a5b5062670a19d566e67e78e) Signed-off-by: Seth Forshee --- drivers/pci/hotplug/cpcihp_generic.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/drivers/pci/hotplug/cpcihp_generic.c b/drivers/pci/hotplug/cpcihp_generic.c index 66b7bbebe493..d92f5304d67b 100644 --- a/drivers/pci/hotplug/cpcihp_generic.c +++ b/drivers/pci/hotplug/cpcihp_generic.c 
@@ -220,7 +220,7 @@ module_param(first_slot, byte, 0); MODULE_PARM_DESC(first_slot, "Hotswap bus first slot number"); module_param(last_slot, byte, 0); MODULE_PARM_DESC(last_slot, "Hotswap bus last slot number"); -module_param(port, ushort, 0); +module_param_hw(port, ushort, ioport, 0); MODULE_PARM_DESC(port, "#ENUM signal I/O port"); module_param(enum_bit, uint, 0); MODULE_PARM_DESC(enum_bit, "#ENUM signal bit (0-7)"); From patchwork Fri Jun 19 16:15:54 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Seth Forshee X-Patchwork-Id: 1313093 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=none (no SPF record) smtp.mailfrom=lists.ubuntu.com (client-ip=91.189.94.19; helo=huckleberry.canonical.com; envelope-from=kernel-team-bounces@lists.ubuntu.com; receiver=) Authentication-Results: ozlabs.org; dmarc=fail (p=none dis=none) header.from=canonical.com Received: from huckleberry.canonical.com (huckleberry.canonical.com [91.189.94.19]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 49pP9g0rl7zB3t1; Sat, 20 Jun 2020 02:18:15 +1000 (AEST) Received: from localhost ([127.0.0.1] helo=huckleberry.canonical.com) by huckleberry.canonical.com with esmtp (Exim 4.86_2) (envelope-from ) id 1jmJiR-0003MI-So; Fri, 19 Jun 2020 16:18:07 +0000 Received: from youngberry.canonical.com ([91.189.89.112]) by huckleberry.canonical.com with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.86_2) (envelope-from ) id 1jmJhP-0002Wn-VF for kernel-team@lists.ubuntu.com; Fri, 19 Jun 2020 16:17:04 +0000 Received: from mail-io1-f70.google.com ([209.85.166.70]) by youngberry.canonical.com with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.86_2) (envelope-from ) id 1jmJhN-0003e5-Jv for kernel-team@lists.ubuntu.com; Fri, 19 Jun 
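Review bot: port in cpcihp_generic.c becomes a hardware parameter, but the hunk does not show what value it holds once the option is dropped. The changelog says module initialisation still runs on defaults after a locked-down kernel skips the parameter, so please confirm the init path refuses to start with an unset #ENUM port rather than polling whatever the default happens to be, and state that in the changelog. enum_bit only selects a bit (0-7) within that port, so leaving it as a plain module_param looks right.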
From: Seth Forshee
To: kernel-team@lists.ubuntu.com
Subject: [PATCH v2 30/57][B] Annotate hardware config module parameters in drivers/pcmcia/
Date: Fri, 19 Jun 2020 11:15:54 -0500
Message-Id: <20200619161621.644540-31-seth.forshee@canonical.com>
In-Reply-To: <20200619161621.644540-1-seth.forshee@canonical.com>
References: <20200619161621.644540-1-seth.forshee@canonical.com>

From: David Howells

BugLink: https://bugs.launchpad.net/bugs/1884159

When the kernel is running in secure boot mode, we lock down the kernel to prevent userspace from modifying the running kernel image. Whilst this includes prohibiting access to things like /dev/mem, it must also prevent access by means of configuring driver modules in such a way as to cause a device to access or modify the kernel image.

To this end, annotate module_param* statements that refer to hardware configuration and indicate for future reference what type of parameter they specify. The parameter parser in the core sees this information and can skip such parameters with an error message if the kernel is locked down. The module initialisation then runs as normal, but just sees whatever the default values for those parameters are.

Note that we do still need to do the module initialisation because some drivers have viable defaults set in case parameters aren't specified and some drivers support automatic configuration (e.g. PNP or PCI) in addition to manually coded parameters.

This patch annotates drivers in drivers/pcmcia/.

Suggested-by: Alan Cox
Signed-off-by: David Howells
cc: linux-pcmcia@lists.infradead.org
(cherry picked from commit 9149ba1fc2276181c7f80969d349ea25a7f9fe1f)
Signed-off-by: Seth Forshee --- drivers/pcmcia/i82365.c | 8 ++++---- drivers/pcmcia/tcic.c | 8 ++++---- 2 files changed, 8 insertions(+), 8 deletions(-) diff --git a/drivers/pcmcia/i82365.c b/drivers/pcmcia/i82365.c index eb0d80a429e4..fb38cc01859f 100644 --- a/drivers/pcmcia/i82365.c +++ b/drivers/pcmcia/i82365.c @@ -108,12 +108,12 @@ static int async_clock = -1; static int cable_mode = -1; static int wakeup = 0; -module_param(i365_base, ulong, 0444); +module_param_hw(i365_base, ulong, ioport, 0444); module_param(ignore, int, 0444); module_param(extra_sockets, int, 0444); -module_param(irq_mask, int, 0444); -module_param_array(irq_list, int, &irq_list_count, 0444); -module_param(cs_irq, int, 0444); +module_param_hw(irq_mask, int, other, 0444); +module_param_hw_array(irq_list, int, irq, &irq_list_count, 0444); +module_param_hw(cs_irq, int, irq, 0444); module_param(async_clock, int, 0444); module_param(cable_mode, int, 0444); module_param(wakeup, int, 0444); diff --git a/drivers/pcmcia/tcic.c b/drivers/pcmcia/tcic.c index 1ee63e5f0550..a1ac72d51d70 100644 --- a/drivers/pcmcia/tcic.c +++ b/drivers/pcmcia/tcic.c 
@@ -85,12 +85,12 @@ static int poll_quick = HZ/20; /* CCLK external clock time, in nanoseconds. 70 ns = 14.31818 MHz */ static int cycle_time = 70; -module_param(tcic_base, ulong, 0444); +module_param_hw(tcic_base, ulong, ioport, 0444); module_param(ignore, int, 0444); module_param(do_scan, int, 0444); -module_param(irq_mask, int, 0444); -module_param_array(irq_list, int, &irq_list_count, 0444); -module_param(cs_irq, int, 0444); +module_param_hw(irq_mask, int, other, 0444); +module_param_hw_array(irq_list, int, irq, &irq_list_count, 0444); +module_param_hw(cs_irq, int, irq, 0444); module_param(poll_interval, int, 0444); module_param(poll_quick, int, 0444); module_param(cycle_time, int, 0444); From patchwork Fri Jun 19 16:15:55 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Seth Forshee X-Patchwork-Id: 1313092 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=none (no SPF record) smtp.mailfrom=lists.ubuntu.com (client-ip=91.189.94.19; helo=huckleberry.canonical.com; envelope-from=kernel-team-bounces@lists.ubuntu.com; receiver=) Authentication-Results: ozlabs.org; dmarc=fail (p=none dis=none) header.from=canonical.com Received: from huckleberry.canonical.com (huckleberry.canonical.com [91.189.94.19]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 49pP9X739pzB47Q; Sat, 20 Jun 2020 02:18:08 +1000 (AEST) Received: from localhost ([127.0.0.1] helo=huckleberry.canonical.com) by huckleberry.canonical.com with esmtp (Exim 4.86_2) (envelope-from ) id 1jmJiM-0003In-TP; Fri, 19 Jun 2020 16:18:02 +0000 Received: from youngberry.canonical.com ([91.189.89.112]) by huckleberry.canonical.com with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.86_2) (envelope-from ) id 1jmJhQ-0002YX-VC for 
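Review bot: irq_mask is tagged other in both i82365.c and tcic.c, while irq_list and cs_irq on the neighbouring lines are tagged irq. Going by its name, the mask steers the same resource the list does, so either tag it irq as well or add a one-line comment explaining why a bitmask gets a different category; as posted, anyone auditing the tree by category will miss it when looking for interrupt parameters.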
From: Seth Forshee
To: kernel-team@lists.ubuntu.com
Subject: [PATCH v2 31/57][B] Annotate hardware config module parameters in drivers/scsi/
Date: Fri, 19 Jun 2020 11:15:55 -0500
Message-Id: <20200619161621.644540-32-seth.forshee@canonical.com>
In-Reply-To: <20200619161621.644540-1-seth.forshee@canonical.com>
References: <20200619161621.644540-1-seth.forshee@canonical.com>

From: David Howells

BugLink: https://bugs.launchpad.net/bugs/1884159

When the kernel is running in secure boot mode, we lock down the kernel to prevent userspace from modifying the running kernel image. Whilst this includes prohibiting access to things like /dev/mem, it must also prevent access by means of configuring driver modules in such a way as to cause a device to access or modify the kernel image.

To this end, annotate module_param* statements that refer to hardware configuration and indicate for future reference what type of parameter they specify. The parameter parser in the core sees this information and can skip such parameters with an error message if the kernel is locked down. The module initialisation then runs as normal, but just sees whatever the default values for those parameters are.

Note that we do still need to do the module initialisation because some drivers have viable defaults set in case parameters aren't specified and some drivers support automatic configuration (e.g. PNP or PCI) in addition to manually coded parameters.

This patch annotates drivers in drivers/scsi/.

Suggested-by: Alan Cox
Signed-off-by: David Howells cc: "Juergen E. Fischer" cc: "James E.J. Bottomley" cc: "Martin K. Petersen" cc: Dario Ballabio cc: Finn Thain cc: Michael Schmitz cc: Achim Leubner cc: linux-scsi@vger.kernel.org (backported from commit 88f06b76e462119cb694c3ff13d7d343c49d2569) Signed-off-by: Seth Forshee --- drivers/scsi/aha152x.c | 4 ++-- drivers/scsi/aha1542.c | 2 +- drivers/scsi/g_NCR5380.c | 17 +++++++++++++++-- drivers/scsi/gdth.c | 2 +- drivers/scsi/qlogicfas.c | 4 ++-- 5 files changed, 21 insertions(+), 8 deletions(-) diff --git a/drivers/scsi/aha152x.c b/drivers/scsi/aha152x.c index f44d0487236e..ce5dc73d85bb 100644 --- a/drivers/scsi/aha152x.c +++ b/drivers/scsi/aha152x.c @@ -331,11 +331,11 @@ MODULE_LICENSE("GPL"); #if !defined(PCMCIA) #if defined(MODULE) static int io[] = {0, 0}; -module_param_array(io, int, NULL, 0); +module_param_hw_array(io, int, ioport, NULL, 0); MODULE_PARM_DESC(io,"base io address of controller"); static int irq[] = {0, 0}; -module_param_array(irq, int, NULL, 0); +module_param_hw_array(irq, int, irq, NULL, 0); MODULE_PARM_DESC(irq,"interrupt for controller"); static int scsiid[] = {7, 7}; diff --git a/drivers/scsi/aha1542.c b/drivers/scsi/aha1542.c index 5b8b2937a3fe..04e40ea98dad 100644 --- a/drivers/scsi/aha1542.c +++ b/drivers/scsi/aha1542.c @@ -31,7 +31,7 @@ module_param(isapnp, bool, 0); MODULE_PARM_DESC(isapnp, "enable PnP support (default=1)"); static int io[MAXBOARDS] = { 0x330, 0x334, 0, 0 }; -module_param_array(io, int, NULL, 0); +module_param_hw_array(io, int, ioport, NULL, 0); MODULE_PARM_DESC(io, "base IO address of controller (0x130,0x134,0x230,0x234,0x330,0x334, default=0x330,0x334)"); /* time AHA spends on the AT-bus during data transfer */ diff --git a/drivers/scsi/g_NCR5380.c b/drivers/scsi/g_NCR5380.c index 87e081f8a386..70f83281bcf9 100644 --- a/drivers/scsi/g_NCR5380.c +++ b/drivers/scsi/g_NCR5380.c @@ -75,6 +75,7 @@ #include #include "g_NCR5380.h" #include "NCR5380.h" +#include #include #include #include 
@@ -174,6 +175,9 @@ static int __init do_NCR5380_setup(char *str) { int ints[10]; + if (secure_modules()) + return -EPERM; + get_options(str, ARRAY_SIZE(ints), ints); internal_setup(BOARD_NCR5380, str, ints); return 1; @@ -192,6 +196,9 @@ static int __init do_NCR53C400_setup(char *str) { int ints[10]; + if (secure_modules()) + return -EPERM; + get_options(str, ARRAY_SIZE(ints), ints); internal_setup(BOARD_NCR53C400, str, ints); return 1; @@ -210,6 +217,9 @@ static int __init do_NCR53C400A_setup(char *str) { int ints[10]; + if (secure_modules()) + return -EPERM; + get_options(str, ARRAY_SIZE(ints), ints); internal_setup(BOARD_NCR53C400A, str, ints); return 1; @@ -228,6 +238,9 @@ static int __init do_DTC3181E_setup(char *str) { int ints[10]; + if (secure_modules()) + return -EPERM; + get_options(str, ARRAY_SIZE(ints), ints); internal_setup(BOARD_DTC3181E, str, ints); return 1; @@ -717,9 +730,9 @@ static struct scsi_host_template driver_template = { #include #include "scsi_module.c" -module_param(ncr_irq, int, 0); +module_param_hw(ncr_irq, int, irq, 0); module_param(ncr_dma, int, 0); -module_param(ncr_addr, int, 0); +module_param_hw(ncr_addr, int, ioport, 0); module_param(ncr_5380, int, 0); module_param(ncr_53c400, int, 0); module_param(ncr_53c400a, int, 0); diff --git a/drivers/scsi/gdth.c b/drivers/scsi/gdth.c index 71e138044379..efc2083a211f 100644 --- a/drivers/scsi/gdth.c +++ b/drivers/scsi/gdth.c @@ -353,7 +353,7 @@ static int probe_eisa_isa = 0; static int force_dma32 = 0; /* parameters for modprobe/insmod */ -module_param_array(irq, int, NULL, 0); +module_param_hw_array(irq, int, irq, NULL, 0); module_param(disable, int, 0); module_param(reserve_mode, int, 0); module_param_array(reserve_list, int, NULL, 0); diff --git a/drivers/scsi/qlogicfas.c b/drivers/scsi/qlogicfas.c index 61cac87fb86f..840823b99e51 100644 --- a/drivers/scsi/qlogicfas.c +++ b/drivers/scsi/qlogicfas.c 
@@ -137,8 +137,8 @@ err: static struct qlogicfas408_priv *cards; static int iobase[MAX_QLOGICFAS]; static int irq[MAX_QLOGICFAS] = { [0 ... MAX_QLOGICFAS-1] = -1 }; -module_param_array(iobase, int, NULL, 0); -module_param_array(irq, int, NULL, 0); +module_param_hw_array(iobase, int, ioport, NULL, 0); +module_param_hw_array(irq, int, irq, NULL, 0); MODULE_PARM_DESC(iobase, "I/O address"); MODULE_PARM_DESC(irq, "IRQ"); From patchwork Fri Jun 19 16:15:56 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Seth Forshee X-Patchwork-Id: 1313095 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=none (no SPF record) smtp.mailfrom=lists.ubuntu.com (client-ip=91.189.94.19; helo=huckleberry.canonical.com; envelope-from=kernel-team-bounces@lists.ubuntu.com; receiver=) Authentication-Results: ozlabs.org; dmarc=fail (p=none dis=none) header.from=canonical.com Received: from huckleberry.canonical.com (huckleberry.canonical.com [91.189.94.19]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 49pP9m1ByqzB3tp; Sat, 20 Jun 2020 02:18:18 +1000 (AEST) Received: from localhost ([127.0.0.1] helo=huckleberry.canonical.com) by huckleberry.canonical.com with esmtp (Exim 4.86_2) (envelope-from ) id 1jmJiW-0003QR-Ca; Fri, 19 Jun 2020 16:18:12 +0000 Received: from youngberry.canonical.com ([91.189.89.112]) by huckleberry.canonical.com with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.86_2) (envelope-from ) id 1jmJhS-0002a3-9f for kernel-team@lists.ubuntu.com; Fri, 19 Jun 2020 16:17:06 +0000 Received: from mail-io1-f69.google.com ([209.85.166.69]) by youngberry.canonical.com with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.86_2) (envelope-from ) id 1jmJhQ-0003gW-HZ for kernel-team@lists.ubuntu.com; Fri, 19 Jun 
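Review bot: in g_NCR5380.c the four do_*_setup() handlers now return -EPERM when secure_modules() is true, while their normal path returns 1. For a caller that only tests for nonzero, the errno is indistinguishable from the handled return, and nothing is logged, so a rejected setup string disappears silently even though the changelog promises an error message. Suggest printing a notice, returning a value that fits the existing 1-on-success convention, and doing the check in one shared helper instead of four copies. The commit message also only describes module_param annotations; it should mention these extra checks and say what the backport changed relative to 88f06b76e462119cb694c3ff13d7d343c49d2569.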
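Review bot: in the last g_NCR5380.c hunk ncr_irq and ncr_addr are converted, but ncr_dma, sitting between them, stays a plain module_param. A DMA channel is hardware configuration in exactly the sense the changelog describes, so it should be annotated too (with a dma category if this tree's module_param_hw accepts one, otherwise other), or the changelog should explain why it is safe to leave settable on a locked-down kernel.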
From: Seth Forshee
To: kernel-team@lists.ubuntu.com
Subject: [PATCH v2 32/57][B] Annotate hardware config module parameters in drivers/staging/media/
Date: Fri, 19 Jun 2020 11:15:56 -0500
Message-Id: <20200619161621.644540-33-seth.forshee@canonical.com>
In-Reply-To: <20200619161621.644540-1-seth.forshee@canonical.com>
References: <20200619161621.644540-1-seth.forshee@canonical.com>

From: David Howells

BugLink: https://bugs.launchpad.net/bugs/1884159

When the kernel is running in secure boot mode, we lock down the kernel to prevent userspace from modifying the running kernel image. Whilst this includes prohibiting access to things like /dev/mem, it must also prevent access by means of configuring driver modules in such a way as to cause a device to access or modify the kernel image.

To this end, annotate module_param* statements that refer to hardware configuration and indicate for future reference what type of parameter they specify. The parameter parser in the core sees this information and can skip such parameters with an error message if the kernel is locked down. The module initialisation then runs as normal, but just sees whatever the default values for those parameters are.

Note that we do still need to do the module initialisation because some drivers have viable defaults set in case parameters aren't specified and some drivers support automatic configuration (e.g. PNP or PCI) in addition to manually coded parameters.

This patch annotates drivers in drivers/staging/media/.

Suggested-by: Alan Cox
Signed-off-by: David Howells Acked-by: Greg Kroah-Hartman Acked-by: Mauro Carvalho Chehab cc: linux-media@vger.kernel.org cc: devel@driverdev.osuosl.org (cherry picked from commit 32820d8abd4d9502208697f0d26a3f8761b5868f) Signed-off-by: Seth Forshee --- drivers/staging/media/lirc/lirc_sir.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/drivers/staging/media/lirc/lirc_sir.c b/drivers/staging/media/lirc/lirc_sir.c index 4f326e97ad75..e27842e01fba 100644 --- a/drivers/staging/media/lirc/lirc_sir.c +++ b/drivers/staging/media/lirc/lirc_sir.c 
@@ -986,10 +986,10 @@ MODULE_AUTHOR("Milan Pikula"); #endif MODULE_LICENSE("GPL"); -module_param(io, int, S_IRUGO); +module_param_hw(io, int, ioport, S_IRUGO); MODULE_PARM_DESC(io, "I/O address base (0x3f8 or 0x2f8)"); -module_param(irq, int, S_IRUGO); +module_param_hw(irq, int, irq, S_IRUGO); MODULE_PARM_DESC(irq, "Interrupt (4 or 3)"); module_param(threshold, int, S_IRUGO); From patchwork Fri Jun 19 16:15:57 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Seth Forshee X-Patchwork-Id: 1313096 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=none (no SPF record) smtp.mailfrom=lists.ubuntu.com (client-ip=91.189.94.19; helo=huckleberry.canonical.com; envelope-from=kernel-team-bounces@lists.ubuntu.com; receiver=) Authentication-Results: ozlabs.org; dmarc=fail (p=none dis=none) header.from=canonical.com Received: from huckleberry.canonical.com (huckleberry.canonical.com [91.189.94.19]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 49pP9n07fhzB47R; Sat, 20 Jun 2020 02:18:21 +1000 (AEST) Received: from localhost ([127.0.0.1] helo=huckleberry.canonical.com) by huckleberry.canonical.com with esmtp (Exim 4.86_2) (envelope-from ) id 1jmJiZ-0003Ss-QZ; Fri, 19 Jun 2020 16:18:15 +0000 Received: from youngberry.canonical.com ([91.189.89.112]) by huckleberry.canonical.com with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.86_2) (envelope-from ) id 1jmJhS-0002bW-NI for kernel-team@lists.ubuntu.com; Fri, 19 Jun 2020 16:17:06 +0000 Received: from mail-io1-f70.google.com ([209.85.166.70]) by youngberry.canonical.com with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.86_2) (envelope-from ) id 1jmJhR-0003gy-SU for kernel-team@lists.ubuntu.com; Fri, 19 Jun 2020 16:17:06 +0000 Received: by 
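The behaviour the commit messages in this series describe (annotated hardware parameters skipped with an error under lockdown, module initialisation then running on defaults), as an added userspace C model that is not kernel code and not part of the patches. All type and function names, the parameter table and the default values are assumptions made for the illustration; only the parameter names io, irq and threshold are taken from the lirc_sir.c hunk.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Userspace model only: every name here is hypothetical, none is kernel API. */
enum hw_kind { HW_NONE, HW_IOPORT, HW_IRQ, HW_OTHER };

struct param {
    const char *name;
    enum hw_kind hw;    /* HW_NONE marks an ordinary, non-hardware parameter */
    long *value;        /* storage that already holds the driver default */
};

/* Parameter names follow the lirc_sir.c hunk; the defaults are constructed. */
static long io, irq, threshold;

static struct param demo_params[] = {
    { "io",        HW_IOPORT, &io },
    { "irq",       HW_IRQ,    &irq },
    { "threshold", HW_NONE,   &threshold },
};
#define N_PARAMS (sizeof(demo_params) / sizeof(demo_params[0]))

static void reset_defaults(void)
{
    io = 0x3f8;
    irq = 4;
    threshold = 33;
}

enum { ARG_OK = 0, ARG_SKIPPED = -1, ARG_BAD = -2 };

/* Apply one "name=value" argument to the table. */
static int apply_arg(const char *arg, int locked_down)
{
    const char *eq = strchr(arg, '=');
    size_t len, i;
    char *end;
    long v;

    if (!eq || eq == arg)
        return ARG_BAD;
    len = (size_t)(eq - arg);

    for (i = 0; i < N_PARAMS; i++) {
        const struct param *p = &demo_params[i];

        if (strlen(p->name) != len || strncmp(p->name, arg, len) != 0)
            continue;
        /* The lockdown check comes before the value is parsed, so the
         * user-supplied number never reaches the driver's storage. */
        if (locked_down && p->hw != HW_NONE) {
            fprintf(stderr, "%s: hardware parameter ignored (locked down)\n",
                    p->name);
            return ARG_SKIPPED;
        }
        v = strtol(eq + 1, &end, 0);
        if (end == eq + 1 || *end != '\0')
            return ARG_BAD;
        *p->value = v;
        return ARG_OK;
    }
    return ARG_BAD;     /* unknown parameter name */
}

/* Parse every argument, then let "init" proceed with whatever values remain.
 * Returns how many hardware parameters were skipped. */
static int load_with_args(const char *const *args, size_t nargs, int locked_down)
{
    size_t i;
    int skipped = 0;

    reset_defaults();
    for (i = 0; i < nargs; i++)
        if (apply_arg(args[i], locked_down) == ARG_SKIPPED)
            skipped++;
    return skipped;
}

int main(void)
{
    /* Constructed command line, as a user might pass to modprobe. */
    const char *const args[] = { "io=0x2f8", "irq=3", "threshold=50" };
    int skipped;

    skipped = load_with_args(args, 3, 1);
    printf("locked down: skipped=%d io=%#lx irq=%ld threshold=%ld\n",
           skipped, (unsigned long)io, irq, threshold);

    skipped = load_with_args(args, 3, 0);
    printf("not locked:  skipped=%d io=%#lx irq=%ld threshold=%ld\n",
           skipped, (unsigned long)io, irq, threshold);
    return 0;
}
```

The unannotated threshold is still applied on the locked-down run, which is why each hardware-facing parameter has to be found and annotated individually.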
From: Seth Forshee
To: kernel-team@lists.ubuntu.com
Subject: [PATCH v2 33/57][B] Annotate hardware config module parameters in drivers/staging/speakup/
Date: Fri, 19 Jun 2020 11:15:57 -0500
Message-Id: <20200619161621.644540-34-seth.forshee@canonical.com>
In-Reply-To: <20200619161621.644540-1-seth.forshee@canonical.com>
References: <20200619161621.644540-1-seth.forshee@canonical.com>

From: David Howells

BugLink: https://bugs.launchpad.net/bugs/1884159

When the kernel is running in secure boot mode, we lock down the kernel to prevent userspace from modifying the running kernel image. Whilst this includes prohibiting access to things like /dev/mem, it must also prevent access by means of configuring driver modules in such a way as to cause a device to access or modify the kernel image.

To this end, annotate module_param* statements that refer to hardware configuration and indicate for future reference what type of parameter they specify. The parameter parser in the core sees this information and can skip such parameters with an error message if the kernel is locked down. The module initialisation then runs as normal, but just sees whatever the default values for those parameters are.

Note that we do still need to do the module initialisation because some drivers have viable defaults set in case parameters aren't specified and some drivers support automatic configuration (e.g. PNP or PCI) in addition to manually coded parameters.

This patch annotates drivers in drivers/staging/speakup/.

Suggested-by: Alan Cox
Signed-off-by: David Howells Acked-by: Greg Kroah-Hartman cc: speakup@linux-speakup.org cc: devel@driverdev.osuosl.org (backported from commit dbf05cb05f61145069d01ca9c6a896159184af88) Signed-off-by: Seth Forshee --- drivers/staging/speakup/speakup_acntpc.c | 2 +- drivers/staging/speakup/speakup_dtlk.c | 2 +- drivers/staging/speakup/speakup_keypc.c | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/drivers/staging/speakup/speakup_acntpc.c b/drivers/staging/speakup/speakup_acntpc.c index f418893928ec..092e2ae8f3eb 100644 --- a/drivers/staging/speakup/speakup_acntpc.c +++ b/drivers/staging/speakup/speakup_acntpc.c @@ -312,7 +312,7 @@ static void accent_release(void) speakup_info.port_tts = 0; } -module_param_named(port, port_forced, int, S_IRUGO); +module_param_hw_named(port, port_forced, int, ioport, S_IRUGO); module_param_named(start, synth_acntpc.startup, short, S_IRUGO); MODULE_PARM_DESC(port, "Set the port for the synthesizer (override probing)."); diff --git a/drivers/staging/speakup/speakup_dtlk.c b/drivers/staging/speakup/speakup_dtlk.c index 345efd3344b0..a888315b9e78 100644 --- a/drivers/staging/speakup/speakup_dtlk.c +++ b/drivers/staging/speakup/speakup_dtlk.c @@ -382,7 +382,7 @@ static void dtlk_release(void) speakup_info.port_tts = 0; } -module_param_named(port, port_forced, int, S_IRUGO); +module_param_hw_named(port, port_forced, int, ioport, S_IRUGO); module_param_named(start, synth_dtlk.startup, short, S_IRUGO); MODULE_PARM_DESC(port, "Set the port for the synthesizer (override probing)."); diff --git a/drivers/staging/speakup/speakup_keypc.c b/drivers/staging/speakup/speakup_keypc.c index 6ea027365664..55c0e733a7fa 100644 --- a/drivers/staging/speakup/speakup_keypc.c +++ b/drivers/staging/speakup/speakup_keypc.c 
@@ -313,7 +313,7 @@ static void keynote_release(void) synth_port = 0; } -module_param_named(port, port_forced, int, S_IRUGO); +module_param_hw_named(port, port_forced, int, ioport, S_IRUGO); module_param_named(start, synth_keypc.startup, short, S_IRUGO); MODULE_PARM_DESC(port, "Set the port for the synthesizer (override probing)."); From patchwork Fri Jun 19 16:15:58 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Seth Forshee X-Patchwork-Id: 1313097 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=none (no SPF record) smtp.mailfrom=lists.ubuntu.com (client-ip=91.189.94.19; helo=huckleberry.canonical.com; envelope-from=kernel-team-bounces@lists.ubuntu.com; receiver=) Authentication-Results: ozlabs.org; dmarc=fail (p=none dis=none) header.from=canonical.com Received: from huckleberry.canonical.com (huckleberry.canonical.com [91.189.94.19]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 49pP9q5nPWzB46t; Sat, 20 Jun 2020 02:18:23 +1000 (AEST) Received: from localhost ([127.0.0.1] helo=huckleberry.canonical.com) by huckleberry.canonical.com with esmtp (Exim 4.86_2) (envelope-from ) id 1jmJic-0003V6-GI; Fri, 19 Jun 2020 16:18:18 +0000 Received: from youngberry.canonical.com ([91.189.89.112]) by huckleberry.canonical.com with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.86_2) (envelope-from ) id 1jmJhV-0002d7-0a for kernel-team@lists.ubuntu.com; Fri, 19 Jun 2020 16:17:09 +0000 Received: from mail-il1-f199.google.com ([209.85.166.199]) by youngberry.canonical.com with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.86_2) (envelope-from ) id 1jmJhS-0003hc-UH for kernel-team@lists.ubuntu.com; Fri, 19 Jun 2020 16:17:07 +0000 Received: by mail-il1-f199.google.com with SMTP id 
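Review bot: the trailer says backported from commit dbf05cb05f61145069d01ca9c6a896159184af88, yet all three speakup hunks are the same one-line module_param_named to module_param_hw_named substitution and the message does not say what had to be adapted. Please add a short note on what differs from the upstream commit, or mark it as a cherry-pick if nothing does, so the next reviewer does not have to diff against upstream to find out.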
From: Seth Forshee
To: kernel-team@lists.ubuntu.com
Subject: [PATCH v2 34/57][B] Annotate hardware config module parameters in drivers/staging/vme/
Date: Fri, 19 Jun 2020 11:15:58 -0500
Message-Id: <20200619161621.644540-35-seth.forshee@canonical.com>
In-Reply-To: <20200619161621.644540-1-seth.forshee@canonical.com>
References: <20200619161621.644540-1-seth.forshee@canonical.com>

From: David Howells

BugLink: https://bugs.launchpad.net/bugs/1884159

When the kernel is running in secure boot mode, we lock down the kernel to prevent userspace from modifying the running kernel image. Whilst this includes prohibiting access to things like /dev/mem, it must also prevent access by means of configuring driver modules in such a way as to cause a device to access or modify the kernel image.

To this end, annotate module_param* statements that refer to hardware configuration and indicate for future reference what type of parameter they specify. The parameter parser in the core sees this information and can skip such parameters with an error message if the kernel is locked down. The module initialisation then runs as normal, but just sees whatever the default values for those parameters is.

Note that we do still need to do the module initialisation because some drivers have viable defaults set in case parameters aren't specified and some drivers support automatic configuration (e.g. PNP or PCI) in addition to manually coded parameters.

This patch annotates drivers in drivers/staging/vme/.

Suggested-by: Alan Cox
Signed-off-by: David Howells cc: Martyn Welch cc: Manohar Vanga cc: Greg Kroah-Hartman cc: devel@driverdev.osuosl.org (backported from commit ea38fd72fb5f065e3f655d388193db3476820482) Signed-off-by: Seth Forshee --- drivers/staging/vme/devices/vme_pio2_core.c | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/drivers/staging/vme/devices/vme_pio2_core.c b/drivers/staging/vme/devices/vme_pio2_core.c index 35c6ce5047de..c7f068af3e58 100644 --- a/drivers/staging/vme/devices/vme_pio2_core.c +++ b/drivers/staging/vme/devices/vme_pio2_core.c 
@@ -478,16 +478,16 @@ static void __exit pio2_exit(void) /* These are required for each board */ MODULE_PARM_DESC(bus, "Enumeration of VMEbus to which the board is connected"); -module_param_array(bus, int, &bus_num, S_IRUGO); +module_param_hw_array(bus, int, other, &bus_num, S_IRUGO); MODULE_PARM_DESC(base, "Base VME address for PIO2 Registers"); -module_param_array(base, long, &base_num, S_IRUGO); +module_param_hw_array(base, long, other, &base_num, S_IRUGO); MODULE_PARM_DESC(vector, "VME IRQ Vector (Lower 4 bits masked)"); -module_param_array(vector, int, &vector_num, S_IRUGO); +module_param_hw_array(vector, int, other, &vector_num, S_IRUGO); MODULE_PARM_DESC(level, "VME IRQ Level"); -module_param_array(level, int, &level_num, S_IRUGO); +module_param_hw_array(level, int, other, &level_num, S_IRUGO); MODULE_PARM_DESC(variant, "Last 4 characters of PIO2 board variant"); module_param_array(variant, charp, &variant_num, S_IRUGO); From patchwork Fri Jun 19 16:15:59 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Seth Forshee X-Patchwork-Id: 1313098 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=none (no SPF record) smtp.mailfrom=lists.ubuntu.com (client-ip=91.189.94.19; helo=huckleberry.canonical.com; envelope-from=kernel-team-bounces@lists.ubuntu.com; receiver=) Authentication-Results: ozlabs.org; dmarc=fail (p=none dis=none) header.from=canonical.com Received: from huckleberry.canonical.com (huckleberry.canonical.com [91.189.94.19]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 49pP9x2s4DzB47J; Sat, 20 Jun 2020 02:18:29 +1000 (AEST) Received: from localhost ([127.0.0.1] helo=huckleberry.canonical.com) by huckleberry.canonical.com with esmtp (Exim 4.86_2) (envelope-from ) id 1jmJig-0003Y4-PF; Fri, 19 
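Review bot: In the vme_pio2_core.c hunk all four parameters (`bus`, `base`, `vector`, `level`) get the catch-all `other` type, although `vector` and `level` are described as the VME IRQ vector and level and `base` as a register base address. The commit message says the annotation records what type of parameter each one is, and `other` discards that. If VME resources deliberately do not map onto the `irq`/`iomem` types used elsewhere in the series, say so in the commit message. This patch is also marked as backported without a note on what had to be adjusted relative to the upstream commit; a one-line description would help reviewers.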
From: Seth Forshee
To: kernel-team@lists.ubuntu.com
Subject: [PATCH v2 35/57][B] Annotate hardware config module parameters in drivers/tty/
Date: Fri, 19 Jun 2020 11:15:59 -0500
Message-Id: <20200619161621.644540-36-seth.forshee@canonical.com>
In-Reply-To: <20200619161621.644540-1-seth.forshee@canonical.com>
References: <20200619161621.644540-1-seth.forshee@canonical.com>

From: David Howells

BugLink: https://bugs.launchpad.net/bugs/1884159

When the kernel is running in secure boot mode, we lock down the kernel to prevent userspace from modifying the running kernel image. Whilst this includes prohibiting access to things like /dev/mem, it must also prevent access by means of configuring driver modules in such a way as to cause a device to access or modify the kernel image.

To this end, annotate module_param* statements that refer to hardware configuration and indicate for future reference what type of parameter they specify. The parameter parser in the core sees this information and can skip such parameters with an error message if the kernel is locked down. The module initialisation then runs as normal, but just sees whatever the default values for those parameters is.

Note that we do still need to do the module initialisation because some drivers have viable defaults set in case parameters aren't specified and some drivers support automatic configuration (e.g. PNP or PCI) in addition to manually coded parameters.

This patch annotates drivers in drivers/tty/.

Suggested-by: Alan Cox
Signed-off-by: David Howells Acked-by: Greg Kroah-Hartman cc: Jiri Slaby cc: linux-serial@vger.kernel.org (backported from commit 3b60daf86b133f0b15e3eb9b767c6c1752af2bd6) Signed-off-by: Seth Forshee --- drivers/tty/cyclades.c | 4 ++-- drivers/tty/moxa.c | 2 +- drivers/tty/mxser.c | 2 +- drivers/tty/rocket.c | 10 +++++----- drivers/tty/serial/8250/8250_core.c | 4 ++-- drivers/tty/synclink.c | 6 +++--- 6 files changed, 14 insertions(+), 14 deletions(-) diff --git a/drivers/tty/cyclades.c b/drivers/tty/cyclades.c index d4a1331675ed..cfd1b7f5179c 100644 --- a/drivers/tty/cyclades.c +++ b/drivers/tty/cyclades.c @@ -158,8 +158,8 @@ static unsigned int cy_isa_addresses[] = { static long maddr[NR_CARDS]; static int irq[NR_CARDS]; -module_param_array(maddr, long, NULL, 0); -module_param_array(irq, int, NULL, 0); +module_param_hw_array(maddr, long, iomem, NULL, 0); +module_param_hw_array(irq, int, irq, NULL, 0); #endif /* CONFIG_ISA */ diff --git a/drivers/tty/moxa.c b/drivers/tty/moxa.c index 14c54e041065..2ff6a13062d8 100644 --- a/drivers/tty/moxa.c +++ b/drivers/tty/moxa.c @@ -180,7 +180,7 @@ MODULE_FIRMWARE("c320tunx.cod"); module_param_array(type, uint, NULL, 0); MODULE_PARM_DESC(type, "card type: C218=2, C320=4"); -module_param_array(baseaddr, ulong, NULL, 0); +module_param_hw_array(baseaddr, ulong, ioport, NULL, 0); MODULE_PARM_DESC(baseaddr, "base address"); module_param_array(numports, uint, NULL, 0); MODULE_PARM_DESC(numports, "numports (ignored for C218)"); diff --git a/drivers/tty/mxser.c b/drivers/tty/mxser.c index 4c4a23674569..935e9a9fb020 100644 --- a/drivers/tty/mxser.c +++ b/drivers/tty/mxser.c 
@@ -183,7 +183,7 @@ static int ttymajor = MXSERMAJOR; MODULE_AUTHOR("Casper Yang"); MODULE_DESCRIPTION("MOXA Smartio/Industio Family Multiport Board Device Driver"); -module_param_array(ioaddr, ulong, NULL, 0); +module_param_hw_array(ioaddr, ulong, ioport, NULL, 0); MODULE_PARM_DESC(ioaddr, "ISA io addresses to look for a moxa board"); module_param(ttymajor, int, 0); MODULE_LICENSE("GPL"); diff --git a/drivers/tty/rocket.c b/drivers/tty/rocket.c index 0d3cc3324f46..e8a65ed4bb2c 100644 --- a/drivers/tty/rocket.c +++ b/drivers/tty/rocket.c @@ -250,15 +250,15 @@ static int sReadAiopNumChan(WordIO_t io); MODULE_AUTHOR("Theodore Ts'o"); MODULE_DESCRIPTION("Comtrol RocketPort driver"); -module_param(board1, ulong, 0); +module_param_hw(board1, ulong, ioport, 0); MODULE_PARM_DESC(board1, "I/O port for (ISA) board #1"); -module_param(board2, ulong, 0); +module_param_hw(board2, ulong, ioport, 0); MODULE_PARM_DESC(board2, "I/O port for (ISA) board #2"); -module_param(board3, ulong, 0); +module_param_hw(board3, ulong, ioport, 0); MODULE_PARM_DESC(board3, "I/O port for (ISA) board #3"); -module_param(board4, ulong, 0); +module_param_hw(board4, ulong, ioport, 0); MODULE_PARM_DESC(board4, "I/O port for (ISA) board #4"); -module_param(controller, ulong, 0); +module_param_hw(controller, ulong, ioport, 0); MODULE_PARM_DESC(controller, "I/O port for (ISA) rocketport controller"); module_param(support_low_speed, bool, 0); MODULE_PARM_DESC(support_low_speed, "1 means support 50 baud, 0 means support 460400 baud"); diff --git a/drivers/tty/serial/8250/8250_core.c b/drivers/tty/serial/8250/8250_core.c index 39126460c1f5..3305b7b1e4cf 100644 --- a/drivers/tty/serial/8250/8250_core.c +++ b/drivers/tty/serial/8250/8250_core.c 
@@ -1173,7 +1173,7 @@ EXPORT_SYMBOL(serial8250_resume_port); MODULE_LICENSE("GPL"); MODULE_DESCRIPTION("Generic 8250/16x50 serial driver"); -module_param(share_irqs, uint, 0644); +module_param_hw(share_irqs, uint, other, 0644); MODULE_PARM_DESC(share_irqs, "Share IRQs with other non-8250/16x50 devices" " (unsafe)"); @@ -1184,7 +1184,7 @@ module_param(skip_txen_test, uint, 0644); MODULE_PARM_DESC(skip_txen_test, "Skip checking for the TXEN bug at init time"); #ifdef CONFIG_SERIAL_8250_RSA -module_param_array(probe_rsa, ulong, &probe_rsa_count, 0444); +module_param_hw_array(probe_rsa, ulong, ioport, &probe_rsa_count, 0444); MODULE_PARM_DESC(probe_rsa, "Probe I/O ports for RSA"); #endif MODULE_ALIAS_CHARDEV_MAJOR(TTY_MAJOR); diff --git a/drivers/tty/synclink.c b/drivers/tty/synclink.c index 6188059fd523..0a4416b2ce63 100644 --- a/drivers/tty/synclink.c +++ b/drivers/tty/synclink.c 
@@ -869,9 +869,9 @@ static int txholdbufs[MAX_TOTAL_DEVICES]; module_param(break_on_load, bool, 0); module_param(ttymajor, int, 0); -module_param_array(io, int, NULL, 0); -module_param_array(irq, int, NULL, 0); -module_param_array(dma, int, NULL, 0); +module_param_hw_array(io, int, ioport, NULL, 0); +module_param_hw_array(irq, int, irq, NULL, 0); +module_param_hw_array(dma, int, dma, NULL, 0); module_param(debug_level, int, 0); module_param_array(maxframe, int, NULL, 0); module_param_array(txdmabufs, int, NULL, 0); From patchwork Fri Jun 19 16:16:00 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Seth Forshee X-Patchwork-Id: 1313103 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=none (no SPF record) smtp.mailfrom=lists.ubuntu.com (client-ip=91.189.94.19; helo=huckleberry.canonical.com; envelope-from=kernel-team-bounces@lists.ubuntu.com; receiver=) Authentication-Results: ozlabs.org; dmarc=fail (p=none dis=none) header.from=canonical.com Received: from huckleberry.canonical.com (huckleberry.canonical.com [91.189.94.19]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 49pPB461X0zB3th; Sat, 20 Jun 2020 02:18:36 +1000 (AEST) Received: from localhost ([127.0.0.1] helo=huckleberry.canonical.com) by huckleberry.canonical.com with esmtp (Exim 4.86_2) (envelope-from ) id 1jmJip-0003fv-CE; Fri, 19 Jun 2020 16:18:31 +0000 Received: from youngberry.canonical.com ([91.189.89.112]) by huckleberry.canonical.com with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.86_2) (envelope-from ) id 1jmJhX-0002fW-DE for kernel-team@lists.ubuntu.com; Fri, 19 Jun 2020 16:17:11 +0000 Received: from mail-io1-f71.google.com ([209.85.166.71]) by youngberry.canonical.com with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) 
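Review bot: In the drivers/tty/moxa.c hunk, `baseaddr` is tagged `ioport`, but its description is only "base address" and nothing in the hunk shows whether the driver treats the value as a port number or as a memory address (cyclades' `maddr` in this same patch is tagged `iomem`). Please confirm the type against how the driver maps the address, and tighten the MODULE_PARM_DESC text while there. The patch is marked as backported with no note on what differed from the upstream commit.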
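Review bot: In the drivers/tty/serial/8250/8250_core.c hunk, `share_irqs` keeps mode 0644, so it remains writable through sysfs after the module is loaded, while the commit message only describes the load-time parameter parser skipping annotated parameters. Confirm that the runtime store path applies the same lockdown check; if it does not, the annotation does not protect this parameter, which its own description already calls "(unsafe)". `probe_rsa` at 0444 is read-only and not affected by this point.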
From: Seth Forshee
To: kernel-team@lists.ubuntu.com
Subject: [PATCH v2 36/57][B] Annotate hardware config module parameters in drivers/video/
Date: Fri, 19 Jun 2020 11:16:00 -0500
Message-Id: <20200619161621.644540-37-seth.forshee@canonical.com>
In-Reply-To: <20200619161621.644540-1-seth.forshee@canonical.com>
References: <20200619161621.644540-1-seth.forshee@canonical.com>

From: David Howells

BugLink: https://bugs.launchpad.net/bugs/1884159

When the kernel is running in secure boot mode, we lock down the kernel to prevent userspace from modifying the running kernel image. Whilst this includes prohibiting access to things like /dev/mem, it must also prevent access by means of configuring driver modules in such a way as to cause a device to access or modify the kernel image.

To this end, annotate module_param* statements that refer to hardware configuration and indicate for future reference what type of parameter they specify. The parameter parser in the core sees this information and can skip such parameters with an error message if the kernel is locked down. The module initialisation then runs as normal, but just sees whatever the default values for those parameters is.

Note that we do still need to do the module initialisation because some drivers have viable defaults set in case parameters aren't specified and some drivers support automatic configuration (e.g. PNP or PCI) in addition to manually coded parameters.

This patch annotates drivers in drivers/video/.

Suggested-by: Alan Cox
Signed-off-by: David Howells Acked-by: Bartlomiej Zolnierkiewicz cc: Tomi Valkeinen cc: linux-fbdev@vger.kernel.org (cherry picked from commit c729203defa7e6672ff6a5e503066351ac3928cb) Signed-off-by: Seth Forshee --- drivers/video/fbdev/arcfb.c | 8 ++++---- drivers/video/fbdev/n411.c | 6 +++--- 2 files changed, 7 insertions(+), 7 deletions(-) diff --git a/drivers/video/fbdev/arcfb.c b/drivers/video/fbdev/arcfb.c index 1b0b233b8b39..875496d277cd 100644 --- a/drivers/video/fbdev/arcfb.c +++ b/drivers/video/fbdev/arcfb.c @@ -645,17 +645,17 @@ module_param(nosplash, uint, 0); MODULE_PARM_DESC(nosplash, "Disable doing the splash screen"); module_param(arcfb_enable, uint, 0); MODULE_PARM_DESC(arcfb_enable, "Enable communication with Arc board"); -module_param(dio_addr, ulong, 0); +module_param_hw(dio_addr, ulong, ioport, 0); MODULE_PARM_DESC(dio_addr, "IO address for data, eg: 0x480"); -module_param(cio_addr, ulong, 0); +module_param_hw(cio_addr, ulong, ioport, 0); MODULE_PARM_DESC(cio_addr, "IO address for control, eg: 0x400"); -module_param(c2io_addr, ulong, 0); +module_param_hw(c2io_addr, ulong, ioport, 0); MODULE_PARM_DESC(c2io_addr, "IO address for secondary control, eg: 0x408"); module_param(splashval, ulong, 0); MODULE_PARM_DESC(splashval, "Splash pattern: 0xFF is black, 0x00 is green"); module_param(tuhold, ulong, 0); MODULE_PARM_DESC(tuhold, "Time to hold between strobing data to Arc board"); -module_param(irq, uint, 0); +module_param_hw(irq, uint, irq, 0); MODULE_PARM_DESC(irq, "IRQ for the Arc board"); module_init(arcfb_init); diff --git a/drivers/video/fbdev/n411.c b/drivers/video/fbdev/n411.c index 935830fea7b6..5383d70f0ce7 100644 --- a/drivers/video/fbdev/n411.c +++ b/drivers/video/fbdev/n411.c 
@@ -187,11 +187,11 @@ module_exit(n411_exit); module_param(nosplash, uint, 0); MODULE_PARM_DESC(nosplash, "Disable doing the splash screen"); -module_param(dio_addr, ulong, 0); +module_param_hw(dio_addr, ulong, ioport, 0); MODULE_PARM_DESC(dio_addr, "IO address for data, eg: 0x480"); -module_param(cio_addr, ulong, 0); +module_param_hw(cio_addr, ulong, ioport, 0); MODULE_PARM_DESC(cio_addr, "IO address for control, eg: 0x400"); -module_param(c2io_addr, ulong, 0); +module_param_hw(c2io_addr, ulong, ioport, 0); MODULE_PARM_DESC(c2io_addr, "IO address for secondary control, eg: 0x408"); module_param(splashval, ulong, 0); MODULE_PARM_DESC(splashval, "Splash pattern: 0x00 is black, 0x01 is white"); From patchwork Fri Jun 19 16:16:01 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Seth Forshee X-Patchwork-Id: 1313104 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=none (no SPF record) smtp.mailfrom=lists.ubuntu.com (client-ip=91.189.94.19; helo=huckleberry.canonical.com; envelope-from=kernel-team-bounces@lists.ubuntu.com; receiver=) Authentication-Results: ozlabs.org; dmarc=fail (p=none dis=none) header.from=canonical.com Received: from huckleberry.canonical.com (huckleberry.canonical.com [91.189.94.19]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 49pPB60HWZzB47g; Sat, 20 Jun 2020 02:18:38 +1000 (AEST) Received: from localhost ([127.0.0.1] helo=huckleberry.canonical.com) by huckleberry.canonical.com with esmtp (Exim 4.86_2) (envelope-from ) id 1jmJir-0003ht-95; Fri, 19 Jun 2020 16:18:33 +0000 Received: from youngberry.canonical.com ([91.189.89.112]) by huckleberry.canonical.com with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.86_2) (envelope-from ) id 1jmJhY-0002gX-BC for 
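Review bot: In both the arcfb.c and n411.c hunks, the descriptions of the annotated `dio_addr`, `cio_addr` and `c2io_addr` give only example values ("eg: 0x480"), not defaults. On a locked-down kernel the parser skips them and init still runs, so the driver sees whatever the static initialisers are. Please check that init bails out cleanly in that case rather than driving an unintended port, and consider noting in MODULE_PARM_DESC that these parameters are ignored under lockdown.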
From: Seth Forshee
To: kernel-team@lists.ubuntu.com
Subject: [PATCH v2 37/57][B] Annotate hardware config module parameters in drivers/watchdog/
Date: Fri, 19 Jun 2020 11:16:01 -0500
Message-Id: <20200619161621.644540-38-seth.forshee@canonical.com>
In-Reply-To: <20200619161621.644540-1-seth.forshee@canonical.com>
References: <20200619161621.644540-1-seth.forshee@canonical.com>

From: David Howells

BugLink: https://bugs.launchpad.net/bugs/1884159

When the kernel is running in secure boot mode, we lock down the kernel to prevent userspace from modifying the running kernel image. Whilst this includes prohibiting access to things like /dev/mem, it must also prevent access by means of configuring driver modules in such a way as to cause a device to access or modify the kernel image.

To this end, annotate module_param* statements that refer to hardware configuration and indicate for future reference what type of parameter they specify. The parameter parser in the core sees this information and can skip such parameters with an error message if the kernel is locked down. The module initialisation then runs as normal, but just sees whatever the default values for those parameters is.

Note that we do still need to do the module initialisation because some drivers have viable defaults set in case parameters aren't specified and some drivers support automatic configuration (e.g. PNP or PCI) in addition to manually coded parameters.

This patch annotates drivers in drivers/watchdog/.

Suggested-by: Alan Cox
Signed-off-by: David Howells Reviewed-by: Guenter Roeck cc: Wim Van Sebroeck cc: Zwane Mwaikambo cc: linux-watchdog@vger.kernel.org (cherry picked from commit 5d1c93ce21832825acc48595a6fec8cfdb3e1453) Signed-off-by: Seth Forshee --- drivers/watchdog/cpu5wdt.c | 2 +- drivers/watchdog/eurotechwdt.c | 4 ++-- drivers/watchdog/pc87413_wdt.c | 2 +- drivers/watchdog/sc1200wdt.c | 2 +- drivers/watchdog/wdt.c | 4 ++-- 5 files changed, 7 insertions(+), 7 deletions(-) diff --git a/drivers/watchdog/cpu5wdt.c b/drivers/watchdog/cpu5wdt.c index 6d03e8e30f8b..6c3f78e45c26 100644 --- a/drivers/watchdog/cpu5wdt.c +++ b/drivers/watchdog/cpu5wdt.c @@ -289,7 +289,7 @@ MODULE_DESCRIPTION("sma cpu5 watchdog driver"); MODULE_SUPPORTED_DEVICE("sma cpu5 watchdog"); MODULE_LICENSE("GPL"); -module_param(port, int, 0); +module_param_hw(port, int, ioport, 0); MODULE_PARM_DESC(port, "base address of watchdog card, default is 0x91"); module_param(verbose, int, 0); diff --git a/drivers/watchdog/eurotechwdt.c b/drivers/watchdog/eurotechwdt.c index 23ee53240c4c..38e96712264f 100644 --- a/drivers/watchdog/eurotechwdt.c +++ b/drivers/watchdog/eurotechwdt.c @@ -97,9 +97,9 @@ MODULE_PARM_DESC(nowayout, #define WDT_TIMER_CFG 0xf3 -module_param(io, int, 0); +module_param_hw(io, int, ioport, 0); MODULE_PARM_DESC(io, "Eurotech WDT io port (default=0x3f0)"); -module_param(irq, int, 0); +module_param_hw(irq, int, irq, 0); MODULE_PARM_DESC(irq, "Eurotech WDT irq (default=10)"); module_param(ev, charp, 0); MODULE_PARM_DESC(ev, "Eurotech WDT event type (default is `int')"); diff --git a/drivers/watchdog/pc87413_wdt.c b/drivers/watchdog/pc87413_wdt.c index 9f15dd9435d1..06a892e36a8d 100644 --- a/drivers/watchdog/pc87413_wdt.c +++ b/drivers/watchdog/pc87413_wdt.c 
@@ -579,7 +579,7 @@ MODULE_AUTHOR("Marcus Junker "); MODULE_DESCRIPTION("PC87413 WDT driver"); MODULE_LICENSE("GPL"); -module_param(io, int, 0); +module_param_hw(io, int, ioport, 0); MODULE_PARM_DESC(io, MODNAME " I/O port (default: " __MODULE_STRING(IO_DEFAULT) ")."); diff --git a/drivers/watchdog/sc1200wdt.c b/drivers/watchdog/sc1200wdt.c index 131193a7acdf..b34d3d5ba632 100644 --- a/drivers/watchdog/sc1200wdt.c +++ b/drivers/watchdog/sc1200wdt.c @@ -88,7 +88,7 @@ MODULE_PARM_DESC(isapnp, "When set to 0 driver ISA PnP support will be disabled"); #endif -module_param(io, int, 0); +module_param_hw(io, int, ioport, 0); MODULE_PARM_DESC(io, "io port"); module_param(timeout, int, 0); MODULE_PARM_DESC(timeout, "range is 0-255 minutes, default is 1"); diff --git a/drivers/watchdog/wdt.c b/drivers/watchdog/wdt.c index e0206b5b7d89..e481fbbc4ae7 100644 --- a/drivers/watchdog/wdt.c +++ b/drivers/watchdog/wdt.c 
@@ -78,9 +78,9 @@ static int irq = 11; static DEFINE_SPINLOCK(wdt_lock); -module_param(io, int, 0); +module_param_hw(io, int, ioport, 0); MODULE_PARM_DESC(io, "WDT io port (default=0x240)"); -module_param(irq, int, 0); +module_param_hw(irq, int, irq, 0); MODULE_PARM_DESC(irq, "WDT irq (default=11)"); /* Support for the Fan Tachometer on the WDT501-P */ From patchwork Fri Jun 19 16:16:02 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Seth Forshee X-Patchwork-Id: 1313099 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=none (no SPF record) smtp.mailfrom=lists.ubuntu.com (client-ip=91.189.94.19; helo=huckleberry.canonical.com; envelope-from=kernel-team-bounces@lists.ubuntu.com; receiver=) Authentication-Results: ozlabs.org; dmarc=fail (p=none dis=none) header.from=canonical.com Received: from huckleberry.canonical.com (huckleberry.canonical.com [91.189.94.19]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 49pP9z67gWzB47D; Sat, 20 Jun 2020 02:18:31 +1000 (AEST) Received: from localhost ([127.0.0.1] helo=huckleberry.canonical.com) by huckleberry.canonical.com with esmtp (Exim 4.86_2) (envelope-from ) id 1jmJik-0003ai-9b; Fri, 19 Jun 2020 16:18:26 +0000 Received: from youngberry.canonical.com ([91.189.89.112]) by huckleberry.canonical.com with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.86_2) (envelope-from ) id 1jmJhY-0002iJ-Ra for kernel-team@lists.ubuntu.com; Fri, 19 Jun 2020 16:17:12 +0000 Received: from mail-il1-f197.google.com ([209.85.166.197]) by youngberry.canonical.com with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.86_2) (envelope-from ) id 1jmJhX-0003iL-NS for kernel-team@lists.ubuntu.com; Fri, 19 Jun 2020 16:17:11 +0000 Received: by mail-il1-f197.google.com with SMTP 
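Review bot: In the drivers/watchdog/sc1200wdt.c hunk, the description of `io` is only "io port" with no default stated, unlike cpu5wdt, eurotechwdt and wdt, whose descriptions each give one. With `io` skipped under lockdown, the device presumably has to come from the ISA PnP path visible in the hunk context. A sentence in the description or the commit message saying what happens on a locked-down kernel would keep that from being a surprise.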
From: Seth Forshee
To: kernel-team@lists.ubuntu.com
Subject: [PATCH v2 38/57][B] Annotate hardware config module parameters in fs/pstore/
Date: Fri, 19 Jun 2020 11:16:02 -0500
Message-Id: <20200619161621.644540-39-seth.forshee@canonical.com>
In-Reply-To: <20200619161621.644540-1-seth.forshee@canonical.com>
References: <20200619161621.644540-1-seth.forshee@canonical.com>

From: David Howells

BugLink: https://bugs.launchpad.net/bugs/1884159

When the kernel is running in secure boot mode, we lock down the kernel to prevent userspace from modifying the running kernel image. Whilst this includes prohibiting access to things like /dev/mem, it must also prevent access by means of configuring driver modules in such a way as to cause a device to access or modify the kernel image.

To this end, annotate module_param* statements that refer to hardware configuration and indicate for future reference what type of parameter they specify. The parameter parser in the core sees this information and can skip such parameters with an error message if the kernel is locked down. The module initialisation then runs as normal, but just sees whatever the default values for those parameters is.

Note that we do still need to do the module initialisation because some drivers have viable defaults set in case parameters aren't specified and some drivers support automatic configuration (e.g. PNP or PCI) in addition to manually coded parameters.

This patch annotates drivers in fs/pstore/.

Suggested-by: Alan Cox
Signed-off-by: David Howells
Acked-by: Kees Cook
cc: Anton Vorontsov
cc: Colin Cross
cc: Tony Luck
(backported from commit b90fe0c4e0ceb52c78c17f3cfa1ff8e79275028d)
Signed-off-by: Seth Forshee --- fs/pstore/ram.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/fs/pstore/ram.c b/fs/pstore/ram.c index fa0e89edb62d..10b0302c4d57 100644 --- a/fs/pstore/ram.c +++ b/fs/pstore/ram.c 
@@ -56,7 +56,7 @@ module_param_named(pmsg_size, ramoops_pmsg_size, ulong, 0400); MODULE_PARM_DESC(pmsg_size, "size of user space message log"); static ulong mem_address; -module_param(mem_address, ulong, 0400); +module_param_hw(mem_address, ulong, other, 0400); MODULE_PARM_DESC(mem_address, "start of reserved RAM used to store oops/panic logs");
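Review bot: `mem_address` in fs/pstore/ram.c is tagged with hardware type `other`, while its description calls it the start of a reserved RAM region and the `mem` parameter of sound/isa/msnd/msnd_pinnacle.c later in this series is tagged `iomem`. If `other` is deliberate because the region is ordinary RAM rather than device memory, say so in a one-line comment above the `module_param_hw()` call so the choice survives future audits. The trailer also reads "backported from" rather than "cherry picked from", but the message does not say what had to be adapted for this tree; a short bracketed note before the final Signed-off-by would document that.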
From: Seth Forshee
To: kernel-team@lists.ubuntu.com
Subject: [PATCH v2 39/57][B] Annotate hardware config module parameters in sound/drivers/
Date: Fri, 19 Jun 2020 11:16:03 -0500
Message-Id: <20200619161621.644540-40-seth.forshee@canonical.com>
In-Reply-To: <20200619161621.644540-1-seth.forshee@canonical.com>

From: David Howells

BugLink: https://bugs.launchpad.net/bugs/1884159

When the kernel is running in secure boot mode, we lock down the kernel to
prevent userspace from modifying the running kernel image. Whilst this
includes prohibiting access to things like /dev/mem, it must also prevent
access by means of configuring driver modules in such a way as to cause a
device to access or modify the kernel image.

To this end, annotate module_param* statements that refer to hardware
configuration and indicate for future reference what type of parameter they
specify. The parameter parser in the core sees this information and can
skip such parameters with an error message if the kernel is locked down.
The module initialisation then runs as normal, but just sees whatever the
default values for those parameters are.

Note that we do still need to do the module initialisation because some
drivers have viable defaults set in case parameters aren't specified and
some drivers support automatic configuration (e.g. PNP or PCI) in addition
to manually coded parameters.

This patch annotates drivers in sound/drivers/.

Suggested-by: Alan Cox
Signed-off-by: David Howells
Acked-by: Takashi Iwai
cc: Jaroslav Kysela
cc: alsa-devel@alsa-project.org
(cherry picked from commit b11ce420c5dfc966061bc20f576c85504bb69712)
Signed-off-by: Seth Forshee --- sound/drivers/mpu401/mpu401.c | 4 ++-- sound/drivers/mtpav.c | 4 ++-- sound/drivers/serial-u16550.c | 4 ++-- 3 files changed, 6 insertions(+), 6 deletions(-) diff --git a/sound/drivers/mpu401/mpu401.c b/sound/drivers/mpu401/mpu401.c index fed7e7e2177b..9b86e00d7d95 100644 --- a/sound/drivers/mpu401/mpu401.c +++ b/sound/drivers/mpu401/mpu401.c @@ -53,9 +53,9 @@ MODULE_PARM_DESC(enable, "Enable MPU-401 device."); module_param_array(pnp, bool, NULL, 0444); MODULE_PARM_DESC(pnp, "PnP detection for MPU-401 device."); #endif -module_param_array(port, long, NULL, 0444); +module_param_hw_array(port, long, ioport, NULL, 0444); MODULE_PARM_DESC(port, "Port # for MPU-401 device."); -module_param_array(irq, int, NULL, 0444); +module_param_hw_array(irq, int, irq, NULL, 0444); MODULE_PARM_DESC(irq, "IRQ # for MPU-401 device."); module_param_array(uart_enter, bool, NULL, 0444); MODULE_PARM_DESC(uart_enter, "Issue UART_ENTER command at open."); diff --git a/sound/drivers/mtpav.c b/sound/drivers/mtpav.c index 30e8a1d5bc87..c6bab7cf4fe7 100644 --- a/sound/drivers/mtpav.c +++ b/sound/drivers/mtpav.c @@ -86,9 +86,9 @@ module_param(index, int, 0444); MODULE_PARM_DESC(index, "Index value for MotuMTPAV MIDI."); module_param(id, charp, 0444); MODULE_PARM_DESC(id, "ID string for MotuMTPAV MIDI."); -module_param(port, long, 0444); +module_param_hw(port, long, ioport, 0444); MODULE_PARM_DESC(port, "Parallel port # for MotuMTPAV MIDI."); -module_param(irq, int, 0444); +module_param_hw(irq, int, irq, 0444); MODULE_PARM_DESC(irq, "Parallel IRQ # for MotuMTPAV MIDI."); module_param(hwports, int, 0444); MODULE_PARM_DESC(hwports, "Hardware ports # for MotuMTPAV MIDI."); diff --git a/sound/drivers/serial-u16550.c b/sound/drivers/serial-u16550.c index 1927b89e1d1f..04be126fe4e6 100644 --- a/sound/drivers/serial-u16550.c +++ b/sound/drivers/serial-u16550.c 
@@ -84,9 +84,9 @@ module_param_array(id, charp, NULL, 0444); MODULE_PARM_DESC(id, "ID string for Serial MIDI."); module_param_array(enable, bool, NULL, 0444); MODULE_PARM_DESC(enable, "Enable UART16550A chip."); -module_param_array(port, long, NULL, 0444); +module_param_hw_array(port, long, ioport, NULL, 0444); MODULE_PARM_DESC(port, "Port # for UART16550A chip."); -module_param_array(irq, int, NULL, 0444); +module_param_hw_array(irq, int, irq, NULL, 0444); MODULE_PARM_DESC(irq, "IRQ # for UART16550A chip."); module_param_array(speed, int, NULL, 0444); MODULE_PARM_DESC(speed, "Speed in bauds.");
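Review bot: in the sound/drivers/mtpav.c hunk, `hwports` stays a plain `module_param(hwports, int, 0444)` although its description is "Hardware ports # for MotuMTPAV MIDI." and the neighbouring `port` and `irq` are converted. If it is a port count rather than an I/O address, leaving it unannotated is right, but the description does not make that clear; tightening the `MODULE_PARM_DESC` text or mentioning the omission in the commit message would make the audit trail unambiguous.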
From: Seth Forshee
To: kernel-team@lists.ubuntu.com
Subject: [PATCH v2 40/57][B] Annotate hardware config module parameters in sound/isa/
Date: Fri, 19 Jun 2020 11:16:04 -0500
Message-Id: <20200619161621.644540-41-seth.forshee@canonical.com>
In-Reply-To: <20200619161621.644540-1-seth.forshee@canonical.com>

From: David Howells

BugLink: https://bugs.launchpad.net/bugs/1884159

When the kernel is running in secure boot mode, we lock down the kernel to
prevent userspace from modifying the running kernel image. Whilst this
includes prohibiting access to things like /dev/mem, it must also prevent
access by means of configuring driver modules in such a way as to cause a
device to access or modify the kernel image.

To this end, annotate module_param* statements that refer to hardware
configuration and indicate for future reference what type of parameter they
specify. The parameter parser in the core sees this information and can
skip such parameters with an error message if the kernel is locked down.
The module initialisation then runs as normal, but just sees whatever the
default values for those parameters are.

Note that we do still need to do the module initialisation because some
drivers have viable defaults set in case parameters aren't specified and
some drivers support automatic configuration (e.g. PNP or PCI) in addition
to manually coded parameters.

This patch annotates drivers in sound/isa/.

Suggested-by: Alan Cox
Signed-off-by: David Howells
cc: Jaroslav Kysela
cc: Takashi Iwai
cc: alsa-devel@alsa-project.org
(cherry picked from commit e992ef5705c1e154acb248869b39e0be4c003a8b)
Signed-off-by: Seth Forshee --- sound/isa/ad1848/ad1848.c | 6 +++--- sound/isa/adlib.c | 2 +- sound/isa/cmi8328.c | 12 ++++++------ sound/isa/cmi8330.c | 20 ++++++++++---------- sound/isa/cs423x/cs4231.c | 12 ++++++------ sound/isa/cs423x/cs4236.c | 18 +++++++++--------- sound/isa/es1688/es1688.c | 12 ++++++------ sound/isa/es18xx.c | 12 ++++++------ sound/isa/galaxy/galaxy.c | 16 ++++++++-------- sound/isa/gus/gusclassic.c | 8 ++++---- sound/isa/gus/gusextreme.c | 16 ++++++++-------- sound/isa/gus/gusmax.c | 8 ++++---- sound/isa/gus/interwave.c | 10 +++++----- sound/isa/msnd/msnd_pinnacle.c | 20 ++++++++++---------- sound/isa/opl3sa2.c | 16 ++++++++-------- sound/isa/opti9xx/miro.c | 14 +++++++------- sound/isa/opti9xx/opti92x-ad1848.c | 14 +++++++------- sound/isa/sb/jazz16.c | 12 ++++++------ sound/isa/sb/sb16.c | 14 +++++++------- sound/isa/sb/sb8.c | 6 +++--- sound/isa/sc6000.c | 12 ++++++------ sound/isa/sscape.c | 12 ++++++------ sound/isa/wavefront/wavefront.c | 18 +++++++++--------- 23 files changed, 145 insertions(+), 145 deletions(-) diff --git a/sound/isa/ad1848/ad1848.c b/sound/isa/ad1848/ad1848.c index f159da4ec890..c1020f917b30 100644 --- a/sound/isa/ad1848/ad1848.c +++ b/sound/isa/ad1848/ad1848.c 
@@ -55,11 +55,11 @@ module_param_array(id, charp, NULL, 0444); MODULE_PARM_DESC(id, "ID string for " CRD_NAME " soundcard."); module_param_array(enable, bool, NULL, 0444); MODULE_PARM_DESC(enable, "Enable " CRD_NAME " soundcard."); -module_param_array(port, long, NULL, 0444); +module_param_hw_array(port, long, ioport, NULL, 0444); MODULE_PARM_DESC(port, "Port # for " CRD_NAME " driver."); -module_param_array(irq, int, NULL, 0444); +module_param_hw_array(irq, int, irq, NULL, 0444); MODULE_PARM_DESC(irq, "IRQ # for " CRD_NAME " driver."); -module_param_array(dma1, int, NULL, 0444); +module_param_hw_array(dma1, int, dma, NULL, 0444); MODULE_PARM_DESC(dma1, "DMA1 # for " CRD_NAME " driver."); module_param_array(thinkpad, bool, NULL, 0444); MODULE_PARM_DESC(thinkpad, "Enable only for the onboard CS4248 of IBM Thinkpad 360/750/755 series."); diff --git a/sound/isa/adlib.c b/sound/isa/adlib.c index 120c524bb2a0..896398ac72f5 100644 --- a/sound/isa/adlib.c +++ b/sound/isa/adlib.c @@ -27,7 +27,7 @@ module_param_array(id, charp, NULL, 0444); MODULE_PARM_DESC(id, "ID string for " CRD_NAME " soundcard."); module_param_array(enable, bool, NULL, 0444); MODULE_PARM_DESC(enable, "Enable " CRD_NAME " soundcard."); -module_param_array(port, long, NULL, 0444); +module_param_hw_array(port, long, ioport, NULL, 0444); MODULE_PARM_DESC(port, "Port # for " CRD_NAME " driver."); static int snd_adlib_match(struct device *dev, unsigned int n) diff --git a/sound/isa/cmi8328.c b/sound/isa/cmi8328.c index 2c89d95da674..1c1a01226987 100644 --- a/sound/isa/cmi8328.c +++ b/sound/isa/cmi8328.c 
@@ -51,18 +51,18 @@ MODULE_PARM_DESC(index, "Index value for CMI8328 soundcard."); module_param_array(id, charp, NULL, 0444); MODULE_PARM_DESC(id, "ID string for CMI8328 soundcard."); -module_param_array(port, long, NULL, 0444); +module_param_hw_array(port, long, ioport, NULL, 0444); MODULE_PARM_DESC(port, "Port # for CMI8328 driver."); -module_param_array(irq, int, NULL, 0444); +module_param_hw_array(irq, int, irq, NULL, 0444); MODULE_PARM_DESC(irq, "IRQ # for CMI8328 driver."); -module_param_array(dma1, int, NULL, 0444); +module_param_hw_array(dma1, int, dma, NULL, 0444); MODULE_PARM_DESC(dma1, "DMA1 for CMI8328 driver."); -module_param_array(dma2, int, NULL, 0444); +module_param_hw_array(dma2, int, dma, NULL, 0444); MODULE_PARM_DESC(dma2, "DMA2 for CMI8328 driver."); -module_param_array(mpuport, long, NULL, 0444); +module_param_hw_array(mpuport, long, ioport, NULL, 0444); MODULE_PARM_DESC(mpuport, "MPU-401 port # for CMI8328 driver."); -module_param_array(mpuirq, int, NULL, 0444); +module_param_hw_array(mpuirq, int, irq, NULL, 0444); MODULE_PARM_DESC(mpuirq, "IRQ # for CMI8328 MPU-401 port."); #ifdef SUPPORT_JOYSTICK module_param_array(gameport, bool, NULL, 0444); diff --git a/sound/isa/cmi8330.c b/sound/isa/cmi8330.c index dfedfd85f205..f64b29ab5cc7 100644 --- a/sound/isa/cmi8330.c +++ b/sound/isa/cmi8330.c 
@@ -95,27 +95,27 @@ module_param_array(isapnp, bool, NULL, 0444); MODULE_PARM_DESC(isapnp, "PnP detection for specified soundcard."); #endif -module_param_array(sbport, long, NULL, 0444); +module_param_hw_array(sbport, long, ioport, NULL, 0444); MODULE_PARM_DESC(sbport, "Port # for CMI8330/CMI8329 SB driver."); -module_param_array(sbirq, int, NULL, 0444); +module_param_hw_array(sbirq, int, irq, NULL, 0444); MODULE_PARM_DESC(sbirq, "IRQ # for CMI8330/CMI8329 SB driver."); -module_param_array(sbdma8, int, NULL, 0444); +module_param_hw_array(sbdma8, int, dma, NULL, 0444); MODULE_PARM_DESC(sbdma8, "DMA8 for CMI8330/CMI8329 SB driver."); -module_param_array(sbdma16, int, NULL, 0444); +module_param_hw_array(sbdma16, int, dma, NULL, 0444); MODULE_PARM_DESC(sbdma16, "DMA16 for CMI8330/CMI8329 SB driver."); -module_param_array(wssport, long, NULL, 0444); +module_param_hw_array(wssport, long, ioport, NULL, 0444); MODULE_PARM_DESC(wssport, "Port # for CMI8330/CMI8329 WSS driver."); -module_param_array(wssirq, int, NULL, 0444); +module_param_hw_array(wssirq, int, irq, NULL, 0444); MODULE_PARM_DESC(wssirq, "IRQ # for CMI8330/CMI8329 WSS driver."); -module_param_array(wssdma, int, NULL, 0444); +module_param_hw_array(wssdma, int, dma, NULL, 0444); MODULE_PARM_DESC(wssdma, "DMA for CMI8330/CMI8329 WSS driver."); -module_param_array(fmport, long, NULL, 0444); +module_param_hw_array(fmport, long, ioport, NULL, 0444); MODULE_PARM_DESC(fmport, "FM port # for CMI8330/CMI8329 driver."); -module_param_array(mpuport, long, NULL, 0444); +module_param_hw_array(mpuport, long, ioport, NULL, 0444); MODULE_PARM_DESC(mpuport, "MPU-401 port # for CMI8330/CMI8329 driver."); -module_param_array(mpuirq, int, NULL, 0444); +module_param_hw_array(mpuirq, int, irq, NULL, 0444); MODULE_PARM_DESC(mpuirq, "IRQ # for CMI8330/CMI8329 MPU-401 port."); #ifdef CONFIG_PNP static int isa_registered; diff --git a/sound/isa/cs423x/cs4231.c b/sound/isa/cs423x/cs4231.c index 282cd75d2235..a0c6fc60bbdf 100644 
--- a/sound/isa/cs423x/cs4231.c +++ b/sound/isa/cs423x/cs4231.c @@ -55,17 +55,17 @@ module_param_array(id, charp, NULL, 0444); MODULE_PARM_DESC(id, "ID string for " CRD_NAME " soundcard."); module_param_array(enable, bool, NULL, 0444); MODULE_PARM_DESC(enable, "Enable " CRD_NAME " soundcard."); -module_param_array(port, long, NULL, 0444); +module_param_hw_array(port, long, ioport, NULL, 0444); MODULE_PARM_DESC(port, "Port # for " CRD_NAME " driver."); -module_param_array(mpu_port, long, NULL, 0444); +module_param_hw_array(mpu_port, long, ioport, NULL, 0444); MODULE_PARM_DESC(mpu_port, "MPU-401 port # for " CRD_NAME " driver."); -module_param_array(irq, int, NULL, 0444); +module_param_hw_array(irq, int, irq, NULL, 0444); MODULE_PARM_DESC(irq, "IRQ # for " CRD_NAME " driver."); -module_param_array(mpu_irq, int, NULL, 0444); +module_param_hw_array(mpu_irq, int, irq, NULL, 0444); MODULE_PARM_DESC(mpu_irq, "MPU-401 IRQ # for " CRD_NAME " driver."); -module_param_array(dma1, int, NULL, 0444); +module_param_hw_array(dma1, int, dma, NULL, 0444); MODULE_PARM_DESC(dma1, "DMA1 # for " CRD_NAME " driver."); -module_param_array(dma2, int, NULL, 0444); +module_param_hw_array(dma2, int, dma, NULL, 0444); MODULE_PARM_DESC(dma2, "DMA2 # for " CRD_NAME " driver."); static int snd_cs4231_match(struct device *dev, unsigned int n) diff --git a/sound/isa/cs423x/cs4236.c b/sound/isa/cs423x/cs4236.c index c67d379cb6d6..c2063fe06966 100644 --- a/sound/isa/cs423x/cs4236.c +++ b/sound/isa/cs423x/cs4236.c 
@@ -98,23 +98,23 @@ MODULE_PARM_DESC(enable, "Enable " IDENT " soundcard."); module_param_array(isapnp, bool, NULL, 0444); MODULE_PARM_DESC(isapnp, "ISA PnP detection for specified soundcard."); #endif -module_param_array(port, long, NULL, 0444); +module_param_hw_array(port, long, ioport, NULL, 0444); MODULE_PARM_DESC(port, "Port # for " IDENT " driver."); -module_param_array(cport, long, NULL, 0444); +module_param_hw_array(cport, long, ioport, NULL, 0444); MODULE_PARM_DESC(cport, "Control port # for " IDENT " driver."); -module_param_array(mpu_port, long, NULL, 0444); +module_param_hw_array(mpu_port, long, ioport, NULL, 0444); MODULE_PARM_DESC(mpu_port, "MPU-401 port # for " IDENT " driver."); -module_param_array(fm_port, long, NULL, 0444); +module_param_hw_array(fm_port, long, ioport, NULL, 0444); MODULE_PARM_DESC(fm_port, "FM port # for " IDENT " driver."); -module_param_array(sb_port, long, NULL, 0444); +module_param_hw_array(sb_port, long, ioport, NULL, 0444); MODULE_PARM_DESC(sb_port, "SB port # for " IDENT " driver (optional)."); -module_param_array(irq, int, NULL, 0444); +module_param_hw_array(irq, int, irq, NULL, 0444); MODULE_PARM_DESC(irq, "IRQ # for " IDENT " driver."); -module_param_array(mpu_irq, int, NULL, 0444); +module_param_hw_array(mpu_irq, int, irq, NULL, 0444); MODULE_PARM_DESC(mpu_irq, "MPU-401 IRQ # for " IDENT " driver."); -module_param_array(dma1, int, NULL, 0444); +module_param_hw_array(dma1, int, dma, NULL, 0444); MODULE_PARM_DESC(dma1, "DMA1 # for " IDENT " driver."); -module_param_array(dma2, int, NULL, 0444); +module_param_hw_array(dma2, int, dma, NULL, 0444); MODULE_PARM_DESC(dma2, "DMA2 # for " IDENT " driver."); #ifdef CONFIG_PNP diff --git a/sound/isa/es1688/es1688.c b/sound/isa/es1688/es1688.c index 1901c2bb6c3b..36320e7f2789 100644 --- a/sound/isa/es1688/es1688.c +++ b/sound/isa/es1688/es1688.c 
@@ -71,17 +71,17 @@ module_param_array(isapnp, bool, NULL, 0444); MODULE_PARM_DESC(isapnp, "PnP detection for specified soundcard."); #endif MODULE_PARM_DESC(enable, "Enable " CRD_NAME " soundcard."); -module_param_array(port, long, NULL, 0444); +module_param_hw_array(port, long, ioport, NULL, 0444); MODULE_PARM_DESC(port, "Port # for " CRD_NAME " driver."); -module_param_array(mpu_port, long, NULL, 0444); +module_param_hw_array(mpu_port, long, ioport, NULL, 0444); MODULE_PARM_DESC(mpu_port, "MPU-401 port # for " CRD_NAME " driver."); -module_param_array(irq, int, NULL, 0444); -module_param_array(fm_port, long, NULL, 0444); +module_param_hw_array(irq, int, irq, NULL, 0444); +module_param_hw_array(fm_port, long, ioport, NULL, 0444); MODULE_PARM_DESC(fm_port, "FM port # for ES1688 driver."); MODULE_PARM_DESC(irq, "IRQ # for " CRD_NAME " driver."); -module_param_array(mpu_irq, int, NULL, 0444); +module_param_hw_array(mpu_irq, int, irq, NULL, 0444); MODULE_PARM_DESC(mpu_irq, "MPU-401 IRQ # for " CRD_NAME " driver."); -module_param_array(dma8, int, NULL, 0444); +module_param_hw_array(dma8, int, dma, NULL, 0444); MODULE_PARM_DESC(dma8, "8-bit DMA # for " CRD_NAME " driver."); #ifdef CONFIG_PNP diff --git a/sound/isa/es18xx.c b/sound/isa/es18xx.c index 5094b62d8f77..0cabe2b8974f 100644 --- a/sound/isa/es18xx.c +++ b/sound/isa/es18xx.c 
@@ -1999,17 +1999,17 @@ MODULE_PARM_DESC(enable, "Enable ES18xx soundcard."); module_param_array(isapnp, bool, NULL, 0444); MODULE_PARM_DESC(isapnp, "PnP detection for specified soundcard."); #endif -module_param_array(port, long, NULL, 0444); +module_param_hw_array(port, long, ioport, NULL, 0444); MODULE_PARM_DESC(port, "Port # for ES18xx driver."); -module_param_array(mpu_port, long, NULL, 0444); +module_param_hw_array(mpu_port, long, ioport, NULL, 0444); MODULE_PARM_DESC(mpu_port, "MPU-401 port # for ES18xx driver."); -module_param_array(fm_port, long, NULL, 0444); +module_param_hw_array(fm_port, long, ioport, NULL, 0444); MODULE_PARM_DESC(fm_port, "FM port # for ES18xx driver."); -module_param_array(irq, int, NULL, 0444); +module_param_hw_array(irq, int, irq, NULL, 0444); MODULE_PARM_DESC(irq, "IRQ # for ES18xx driver."); -module_param_array(dma1, int, NULL, 0444); +module_param_hw_array(dma1, int, dma, NULL, 0444); MODULE_PARM_DESC(dma1, "DMA 1 # for ES18xx driver."); -module_param_array(dma2, int, NULL, 0444); +module_param_hw_array(dma2, int, dma, NULL, 0444); MODULE_PARM_DESC(dma2, "DMA 2 # for ES18xx driver."); #ifdef CONFIG_PNP diff --git a/sound/isa/galaxy/galaxy.c b/sound/isa/galaxy/galaxy.c index 32278847884f..e644ae713406 100644 --- a/sound/isa/galaxy/galaxy.c +++ b/sound/isa/galaxy/galaxy.c 
@@ -53,21 +53,21 @@ static int mpu_irq[SNDRV_CARDS] = SNDRV_DEFAULT_IRQ; static int dma1[SNDRV_CARDS] = SNDRV_DEFAULT_DMA; static int dma2[SNDRV_CARDS] = SNDRV_DEFAULT_DMA; -module_param_array(port, long, NULL, 0444); +module_param_hw_array(port, long, ioport, NULL, 0444); MODULE_PARM_DESC(port, "Port # for " CRD_NAME " driver."); -module_param_array(wss_port, long, NULL, 0444); +module_param_hw_array(wss_port, long, ioport, NULL, 0444); MODULE_PARM_DESC(wss_port, "WSS port # for " CRD_NAME " driver."); -module_param_array(mpu_port, long, NULL, 0444); +module_param_hw_array(mpu_port, long, ioport, NULL, 0444); MODULE_PARM_DESC(mpu_port, "MPU-401 port # for " CRD_NAME " driver."); -module_param_array(fm_port, long, NULL, 0444); +module_param_hw_array(fm_port, long, ioport, NULL, 0444); MODULE_PARM_DESC(fm_port, "FM port # for " CRD_NAME " driver."); -module_param_array(irq, int, NULL, 0444); +module_param_hw_array(irq, int, irq, NULL, 0444); MODULE_PARM_DESC(irq, "IRQ # for " CRD_NAME " driver."); -module_param_array(mpu_irq, int, NULL, 0444); +module_param_hw_array(mpu_irq, int, irq, NULL, 0444); MODULE_PARM_DESC(mpu_irq, "MPU-401 IRQ # for " CRD_NAME " driver."); -module_param_array(dma1, int, NULL, 0444); +module_param_hw_array(dma1, int, dma, NULL, 0444); MODULE_PARM_DESC(dma1, "Playback DMA # for " CRD_NAME " driver."); -module_param_array(dma2, int, NULL, 0444); +module_param_hw_array(dma2, int, dma, NULL, 0444); MODULE_PARM_DESC(dma2, "Capture DMA # for " CRD_NAME " driver."); /* diff --git a/sound/isa/gus/gusclassic.c b/sound/isa/gus/gusclassic.c index f0019715d82e..1194a93657c2 100644 --- a/sound/isa/gus/gusclassic.c +++ b/sound/isa/gus/gusclassic.c 
@@ -58,13 +58,13 @@ module_param_array(id, charp, NULL, 0444); MODULE_PARM_DESC(id, "ID string for " CRD_NAME " soundcard."); module_param_array(enable, bool, NULL, 0444); MODULE_PARM_DESC(enable, "Enable " CRD_NAME " soundcard."); -module_param_array(port, long, NULL, 0444); +module_param_hw_array(port, long, ioport, NULL, 0444); MODULE_PARM_DESC(port, "Port # for " CRD_NAME " driver."); -module_param_array(irq, int, NULL, 0444); +module_param_hw_array(irq, int, irq, NULL, 0444); MODULE_PARM_DESC(irq, "IRQ # for " CRD_NAME " driver."); -module_param_array(dma1, int, NULL, 0444); +module_param_hw_array(dma1, int, dma, NULL, 0444); MODULE_PARM_DESC(dma1, "DMA1 # for " CRD_NAME " driver."); -module_param_array(dma2, int, NULL, 0444); +module_param_hw_array(dma2, int, dma, NULL, 0444); MODULE_PARM_DESC(dma2, "DMA2 # for " CRD_NAME " driver."); module_param_array(joystick_dac, int, NULL, 0444); MODULE_PARM_DESC(joystick_dac, "Joystick DAC level 0.59V-4.52V or 0.389V-2.98V for " CRD_NAME " driver."); diff --git a/sound/isa/gus/gusextreme.c b/sound/isa/gus/gusextreme.c index 693d95f46804..d777e38a9e91 100644 --- a/sound/isa/gus/gusextreme.c +++ b/sound/isa/gus/gusextreme.c 
@@ -66,21 +66,21 @@ module_param_array(id, charp, NULL, 0444); MODULE_PARM_DESC(id, "ID string for " CRD_NAME " soundcard."); module_param_array(enable, bool, NULL, 0444); MODULE_PARM_DESC(enable, "Enable " CRD_NAME " soundcard."); -module_param_array(port, long, NULL, 0444); +module_param_hw_array(port, long, ioport, NULL, 0444); MODULE_PARM_DESC(port, "Port # for " CRD_NAME " driver."); -module_param_array(gf1_port, long, NULL, 0444); +module_param_hw_array(gf1_port, long, ioport, NULL, 0444); MODULE_PARM_DESC(gf1_port, "GF1 port # for " CRD_NAME " driver (optional)."); -module_param_array(mpu_port, long, NULL, 0444); +module_param_hw_array(mpu_port, long, ioport, NULL, 0444); MODULE_PARM_DESC(mpu_port, "MPU-401 port # for " CRD_NAME " driver."); -module_param_array(irq, int, NULL, 0444); +module_param_hw_array(irq, int, irq, NULL, 0444); MODULE_PARM_DESC(irq, "IRQ # for " CRD_NAME " driver."); -module_param_array(mpu_irq, int, NULL, 0444); +module_param_hw_array(mpu_irq, int, irq, NULL, 0444); MODULE_PARM_DESC(mpu_irq, "MPU-401 IRQ # for " CRD_NAME " driver."); -module_param_array(gf1_irq, int, NULL, 0444); +module_param_hw_array(gf1_irq, int, irq, NULL, 0444); MODULE_PARM_DESC(gf1_irq, "GF1 IRQ # for " CRD_NAME " driver."); -module_param_array(dma8, int, NULL, 0444); +module_param_hw_array(dma8, int, dma, NULL, 0444); MODULE_PARM_DESC(dma8, "8-bit DMA # for " CRD_NAME " driver."); -module_param_array(dma1, int, NULL, 0444); +module_param_hw_array(dma1, int, dma, NULL, 0444); MODULE_PARM_DESC(dma1, "GF1 DMA # for " CRD_NAME " driver."); module_param_array(joystick_dac, int, NULL, 0444); MODULE_PARM_DESC(joystick_dac, "Joystick DAC level 0.59V-4.52V or 0.389V-2.98V for " CRD_NAME " driver."); diff --git a/sound/isa/gus/gusmax.c b/sound/isa/gus/gusmax.c index 8216e8d8f017..9f5f262c7997 100644 --- a/sound/isa/gus/gusmax.c +++ b/sound/isa/gus/gusmax.c 
@@ -56,13 +56,13 @@ module_param_array(id, charp, NULL, 0444); MODULE_PARM_DESC(id, "ID string for GUS MAX soundcard."); module_param_array(enable, bool, NULL, 0444); MODULE_PARM_DESC(enable, "Enable GUS MAX soundcard."); -module_param_array(port, long, NULL, 0444); +module_param_hw_array(port, long, ioport, NULL, 0444); MODULE_PARM_DESC(port, "Port # for GUS MAX driver."); -module_param_array(irq, int, NULL, 0444); +module_param_hw_array(irq, int, irq, NULL, 0444); MODULE_PARM_DESC(irq, "IRQ # for GUS MAX driver."); -module_param_array(dma1, int, NULL, 0444); +module_param_hw_array(dma1, int, dma, NULL, 0444); MODULE_PARM_DESC(dma1, "DMA1 # for GUS MAX driver."); -module_param_array(dma2, int, NULL, 0444); +module_param_hw_array(dma2, int, dma, NULL, 0444); MODULE_PARM_DESC(dma2, "DMA2 # for GUS MAX driver."); module_param_array(joystick_dac, int, NULL, 0444); MODULE_PARM_DESC(joystick_dac, "Joystick DAC level 0.59V-4.52V or 0.389V-2.98V for GUS MAX driver."); diff --git a/sound/isa/gus/interwave.c b/sound/isa/gus/interwave.c index 70d0040484c8..0687b7ef3e53 100644 --- a/sound/isa/gus/interwave.c +++ b/sound/isa/gus/interwave.c 
@@ -92,17 +92,17 @@ MODULE_PARM_DESC(enable, "Enable InterWave soundcard."); module_param_array(isapnp, bool, NULL, 0444); MODULE_PARM_DESC(isapnp, "ISA PnP detection for specified soundcard."); #endif -module_param_array(port, long, NULL, 0444); +module_param_hw_array(port, long, ioport, NULL, 0444); MODULE_PARM_DESC(port, "Port # for InterWave driver."); #ifdef SNDRV_STB -module_param_array(port_tc, long, NULL, 0444); +module_param_hw_array(port_tc, long, ioport, NULL, 0444); MODULE_PARM_DESC(port_tc, "Tone control (TEA6330T - i2c bus) port # for InterWave driver."); #endif -module_param_array(irq, int, NULL, 0444); +module_param_hw_array(irq, int, irq, NULL, 0444); MODULE_PARM_DESC(irq, "IRQ # for InterWave driver."); -module_param_array(dma1, int, NULL, 0444); +module_param_hw_array(dma1, int, dma, NULL, 0444); MODULE_PARM_DESC(dma1, "DMA1 # for InterWave driver."); -module_param_array(dma2, int, NULL, 0444); +module_param_hw_array(dma2, int, dma, NULL, 0444); MODULE_PARM_DESC(dma2, "DMA2 # for InterWave driver."); module_param_array(joystick_dac, int, NULL, 0444); MODULE_PARM_DESC(joystick_dac, "Joystick DAC level 0.59V-4.52V or 0.389V-2.98V for InterWave driver."); diff --git a/sound/isa/msnd/msnd_pinnacle.c b/sound/isa/msnd/msnd_pinnacle.c index 2d7379dec1f0..d8ba87c4d3d0 100644 --- a/sound/isa/msnd/msnd_pinnacle.c +++ b/sound/isa/msnd/msnd_pinnacle.c 
@@ -801,22 +801,22 @@ MODULE_LICENSE("GPL"); MODULE_FIRMWARE(INITCODEFILE); MODULE_FIRMWARE(PERMCODEFILE); -module_param_array(io, long, NULL, S_IRUGO); +module_param_hw_array(io, long, ioport, NULL, S_IRUGO); MODULE_PARM_DESC(io, "IO port #"); -module_param_array(irq, int, NULL, S_IRUGO); -module_param_array(mem, long, NULL, S_IRUGO); +module_param_hw_array(irq, int, irq, NULL, S_IRUGO); +module_param_hw_array(mem, long, iomem, NULL, S_IRUGO); module_param_array(write_ndelay, int, NULL, S_IRUGO); module_param(calibrate_signal, int, S_IRUGO); #ifndef MSND_CLASSIC module_param_array(digital, int, NULL, S_IRUGO); -module_param_array(cfg, long, NULL, S_IRUGO); +module_param_hw_array(cfg, long, ioport, NULL, S_IRUGO); module_param_array(reset, int, 0, S_IRUGO); -module_param_array(mpu_io, long, NULL, S_IRUGO); -module_param_array(mpu_irq, int, NULL, S_IRUGO); -module_param_array(ide_io0, long, NULL, S_IRUGO); -module_param_array(ide_io1, long, NULL, S_IRUGO); -module_param_array(ide_irq, int, NULL, S_IRUGO); -module_param_array(joystick_io, long, NULL, S_IRUGO); +module_param_hw_array(mpu_io, long, ioport, NULL, S_IRUGO); +module_param_hw_array(mpu_irq, int, irq, NULL, S_IRUGO); +module_param_hw_array(ide_io0, long, ioport, NULL, S_IRUGO); +module_param_hw_array(ide_io1, long, ioport, NULL, S_IRUGO); +module_param_hw_array(ide_irq, int, irq, NULL, S_IRUGO); +module_param_hw_array(joystick_io, long, ioport, NULL, S_IRUGO); #endif diff --git a/sound/isa/opl3sa2.c b/sound/isa/opl3sa2.c index ae133633a420..4098e3e0353d 100644 --- a/sound/isa/opl3sa2.c +++ b/sound/isa/opl3sa2.c 
@@ -69,21 +69,21 @@ MODULE_PARM_DESC(enable, "Enable OPL3-SA soundcard."); module_param_array(isapnp, bool, NULL, 0444); MODULE_PARM_DESC(isapnp, "PnP detection for specified soundcard."); #endif -module_param_array(port, long, NULL, 0444); +module_param_hw_array(port, long, ioport, NULL, 0444); MODULE_PARM_DESC(port, "Port # for OPL3-SA driver."); -module_param_array(sb_port, long, NULL, 0444); +module_param_hw_array(sb_port, long, ioport, NULL, 0444); MODULE_PARM_DESC(sb_port, "SB port # for OPL3-SA driver."); -module_param_array(wss_port, long, NULL, 0444); +module_param_hw_array(wss_port, long, ioport, NULL, 0444); MODULE_PARM_DESC(wss_port, "WSS port # for OPL3-SA driver."); -module_param_array(fm_port, long, NULL, 0444); +module_param_hw_array(fm_port, long, ioport, NULL, 0444); MODULE_PARM_DESC(fm_port, "FM port # for OPL3-SA driver."); -module_param_array(midi_port, long, NULL, 0444); +module_param_hw_array(midi_port, long, ioport, NULL, 0444); MODULE_PARM_DESC(midi_port, "MIDI port # for OPL3-SA driver."); -module_param_array(irq, int, NULL, 0444); +module_param_hw_array(irq, int, irq, NULL, 0444); MODULE_PARM_DESC(irq, "IRQ # for OPL3-SA driver."); -module_param_array(dma1, int, NULL, 0444); +module_param_hw_array(dma1, int, dma, NULL, 0444); MODULE_PARM_DESC(dma1, "DMA1 # for OPL3-SA driver."); -module_param_array(dma2, int, NULL, 0444); +module_param_hw_array(dma2, int, dma, NULL, 0444); MODULE_PARM_DESC(dma2, "DMA2 # for OPL3-SA driver."); module_param_array(opl3sa3_ymode, int, NULL, 0444); MODULE_PARM_DESC(opl3sa3_ymode, "Speaker size selection for 3D Enhancement mode: Desktop/Large Notebook/Small Notebook/HiFi."); diff --git a/sound/isa/opti9xx/miro.c b/sound/isa/opti9xx/miro.c index 7fbac24607bc..958847371c9e 100644 --- a/sound/isa/opti9xx/miro.c +++ b/sound/isa/opti9xx/miro.c 
@@ -69,19 +69,19 @@ module_param(index, int, 0444); MODULE_PARM_DESC(index, "Index value for miro soundcard."); module_param(id, charp, 0444); MODULE_PARM_DESC(id, "ID string for miro soundcard."); -module_param(port, long, 0444); +module_param_hw(port, long, ioport, 0444); MODULE_PARM_DESC(port, "WSS port # for miro driver."); -module_param(mpu_port, long, 0444); +module_param_hw(mpu_port, long, ioport, 0444); MODULE_PARM_DESC(mpu_port, "MPU-401 port # for miro driver."); -module_param(fm_port, long, 0444); +module_param_hw(fm_port, long, ioport, 0444); MODULE_PARM_DESC(fm_port, "FM Port # for miro driver."); -module_param(irq, int, 0444); +module_param_hw(irq, int, irq, 0444); MODULE_PARM_DESC(irq, "WSS irq # for miro driver."); -module_param(mpu_irq, int, 0444); +module_param_hw(mpu_irq, int, irq, 0444); MODULE_PARM_DESC(mpu_irq, "MPU-401 irq # for miro driver."); -module_param(dma1, int, 0444); +module_param_hw(dma1, int, dma, 0444); MODULE_PARM_DESC(dma1, "1st dma # for miro driver."); -module_param(dma2, int, 0444); +module_param_hw(dma2, int, dma, 0444); MODULE_PARM_DESC(dma2, "2nd dma # for miro driver."); module_param(wss, int, 0444); MODULE_PARM_DESC(wss, "wss mode"); diff --git a/sound/isa/opti9xx/opti92x-ad1848.c b/sound/isa/opti9xx/opti92x-ad1848.c index 6777ae84b59e..1ce1f922d6ec 100644 --- a/sound/isa/opti9xx/opti92x-ad1848.c +++ b/sound/isa/opti9xx/opti92x-ad1848.c 
@@ -88,20 +88,20 @@ MODULE_PARM_DESC(id, "ID string for opti9xx based soundcard."); module_param(isapnp, bool, 0444); MODULE_PARM_DESC(isapnp, "Enable ISA PnP detection for specified soundcard."); #endif -module_param(port, long, 0444); +module_param_hw(port, long, ioport, 0444); MODULE_PARM_DESC(port, "WSS port # for opti9xx driver."); -module_param(mpu_port, long, 0444); +module_param_hw(mpu_port, long, ioport, 0444); MODULE_PARM_DESC(mpu_port, "MPU-401 port # for opti9xx driver."); -module_param(fm_port, long, 0444); +module_param_hw(fm_port, long, ioport, 0444); MODULE_PARM_DESC(fm_port, "FM port # for opti9xx driver."); -module_param(irq, int, 0444); +module_param_hw(irq, int, irq, 0444); MODULE_PARM_DESC(irq, "WSS irq # for opti9xx driver."); -module_param(mpu_irq, int, 0444); +module_param_hw(mpu_irq, int, irq, 0444); MODULE_PARM_DESC(mpu_irq, "MPU-401 irq # for opti9xx driver."); -module_param(dma1, int, 0444); +module_param_hw(dma1, int, dma, 0444); MODULE_PARM_DESC(dma1, "1st dma # for opti9xx driver."); #if defined(CS4231) || defined(OPTi93X) -module_param(dma2, int, 0444); +module_param_hw(dma2, int, dma, 0444); MODULE_PARM_DESC(dma2, "2nd dma # for opti9xx driver."); #endif /* CS4231 || OPTi93X */ diff --git a/sound/isa/sb/jazz16.c b/sound/isa/sb/jazz16.c index 6b4884d052a5..13b99acb62d5 100644 --- a/sound/isa/sb/jazz16.c +++ b/sound/isa/sb/jazz16.c 
@@ -50,17 +50,17 @@ module_param_array(id, charp, NULL, 0444); MODULE_PARM_DESC(id, "ID string for Media Vision Jazz16 based soundcard."); module_param_array(enable, bool, NULL, 0444); MODULE_PARM_DESC(enable, "Enable Media Vision Jazz16 based soundcard."); -module_param_array(port, long, NULL, 0444); +module_param_hw_array(port, long, ioport, NULL, 0444); MODULE_PARM_DESC(port, "Port # for jazz16 driver."); -module_param_array(mpu_port, long, NULL, 0444); +module_param_hw_array(mpu_port, long, ioport, NULL, 0444); MODULE_PARM_DESC(mpu_port, "MPU-401 port # for jazz16 driver."); -module_param_array(irq, int, NULL, 0444); +module_param_hw_array(irq, int, irq, NULL, 0444); MODULE_PARM_DESC(irq, "IRQ # for jazz16 driver."); -module_param_array(mpu_irq, int, NULL, 0444); +module_param_hw_array(mpu_irq, int, irq, NULL, 0444); MODULE_PARM_DESC(mpu_irq, "MPU-401 IRQ # for jazz16 driver."); -module_param_array(dma8, int, NULL, 0444); +module_param_hw_array(dma8, int, dma, NULL, 0444); MODULE_PARM_DESC(dma8, "DMA8 # for jazz16 driver."); -module_param_array(dma16, int, NULL, 0444); +module_param_hw_array(dma16, int, dma, NULL, 0444); MODULE_PARM_DESC(dma16, "DMA16 # for jazz16 driver."); #define SB_JAZZ16_WAKEUP 0xaf diff --git a/sound/isa/sb/sb16.c b/sound/isa/sb/sb16.c index 4a7d7c89808f..3b2e4f405ff2 100644 --- a/sound/isa/sb/sb16.c +++ b/sound/isa/sb/sb16.c 
@@ -99,21 +99,21 @@ MODULE_PARM_DESC(enable, "Enable SoundBlaster 16 soundcard."); module_param_array(isapnp, bool, NULL, 0444); MODULE_PARM_DESC(isapnp, "PnP detection for specified soundcard."); #endif -module_param_array(port, long, NULL, 0444); +module_param_hw_array(port, long, ioport, NULL, 0444); MODULE_PARM_DESC(port, "Port # for SB16 driver."); -module_param_array(mpu_port, long, NULL, 0444); +module_param_hw_array(mpu_port, long, ioport, NULL, 0444); MODULE_PARM_DESC(mpu_port, "MPU-401 port # for SB16 driver."); -module_param_array(fm_port, long, NULL, 0444); +module_param_hw_array(fm_port, long, ioport, NULL, 0444); MODULE_PARM_DESC(fm_port, "FM port # for SB16 PnP driver."); #ifdef SNDRV_SBAWE_EMU8000 -module_param_array(awe_port, long, NULL, 0444); +module_param_hw_array(awe_port, long, ioport, NULL, 0444); MODULE_PARM_DESC(awe_port, "AWE port # for SB16 PnP driver."); #endif -module_param_array(irq, int, NULL, 0444); +module_param_hw_array(irq, int, irq, NULL, 0444); MODULE_PARM_DESC(irq, "IRQ # for SB16 driver."); -module_param_array(dma8, int, NULL, 0444); +module_param_hw_array(dma8, int, dma, NULL, 0444); MODULE_PARM_DESC(dma8, "8-bit DMA # for SB16 driver."); -module_param_array(dma16, int, NULL, 0444); +module_param_hw_array(dma16, int, dma, NULL, 0444); MODULE_PARM_DESC(dma16, "16-bit DMA # for SB16 driver."); module_param_array(mic_agc, int, NULL, 0444); MODULE_PARM_DESC(mic_agc, "Mic Auto-Gain-Control switch."); diff --git a/sound/isa/sb/sb8.c b/sound/isa/sb/sb8.c index 0c7fe1418447..4b770fa3708a 100644 --- a/sound/isa/sb/sb8.c +++ b/sound/isa/sb/sb8.c 
@@ -47,11 +47,11 @@ module_param_array(id, charp, NULL, 0444); MODULE_PARM_DESC(id, "ID string for Sound Blaster soundcard."); module_param_array(enable, bool, NULL, 0444); MODULE_PARM_DESC(enable, "Enable Sound Blaster soundcard."); -module_param_array(port, long, NULL, 0444); +module_param_hw_array(port, long, ioport, NULL, 0444); MODULE_PARM_DESC(port, "Port # for SB8 driver."); -module_param_array(irq, int, NULL, 0444); +module_param_hw_array(irq, int, irq, NULL, 0444); MODULE_PARM_DESC(irq, "IRQ # for SB8 driver."); -module_param_array(dma8, int, NULL, 0444); +module_param_hw_array(dma8, int, dma, NULL, 0444); MODULE_PARM_DESC(dma8, "8-bit DMA # for SB8 driver."); struct snd_sb8 { diff --git a/sound/isa/sc6000.c b/sound/isa/sc6000.c index 51cfa7615f72..72c8d08e7d20 100644 --- a/sound/isa/sc6000.c +++ b/sound/isa/sc6000.c 
@@ -64,17 +64,17 @@ module_param_array(id, charp, NULL, 0444); MODULE_PARM_DESC(id, "ID string for sc-6000 based soundcard."); module_param_array(enable, bool, NULL, 0444); MODULE_PARM_DESC(enable, "Enable sc-6000 based soundcard."); -module_param_array(port, long, NULL, 0444); +module_param_hw_array(port, long, ioport, NULL, 0444); MODULE_PARM_DESC(port, "Port # for sc-6000 driver."); -module_param_array(mss_port, long, NULL, 0444); +module_param_hw_array(mss_port, long, ioport, NULL, 0444); MODULE_PARM_DESC(mss_port, "MSS Port # for sc-6000 driver."); -module_param_array(mpu_port, long, NULL, 0444); +module_param_hw_array(mpu_port, long, ioport, NULL, 0444); MODULE_PARM_DESC(mpu_port, "MPU-401 port # for sc-6000 driver."); -module_param_array(irq, int, NULL, 0444); +module_param_hw_array(irq, int, irq, NULL, 0444); MODULE_PARM_DESC(irq, "IRQ # for sc-6000 driver."); -module_param_array(mpu_irq, int, NULL, 0444); +module_param_hw_array(mpu_irq, int, irq, NULL, 0444); MODULE_PARM_DESC(mpu_irq, "MPU-401 IRQ # for sc-6000 driver."); -module_param_array(dma, int, NULL, 0444); +module_param_hw_array(dma, int, dma, NULL, 0444); MODULE_PARM_DESC(dma, "DMA # for sc-6000 driver."); module_param_array(joystick, bool, NULL, 0444); MODULE_PARM_DESC(joystick, "Enable gameport."); diff --git a/sound/isa/sscape.c b/sound/isa/sscape.c index 7b248cdf06e2..2f1eab8e0ef6 100644 --- a/sound/isa/sscape.c +++ b/sound/isa/sscape.c 
@@ -63,22 +63,22 @@ MODULE_PARM_DESC(index, "Index number for SoundScape soundcard"); module_param_array(id, charp, NULL, 0444); MODULE_PARM_DESC(id, "Description for SoundScape card"); -module_param_array(port, long, NULL, 0444); +module_param_hw_array(port, long, ioport, NULL, 0444); MODULE_PARM_DESC(port, "Port # for SoundScape driver."); -module_param_array(wss_port, long, NULL, 0444); +module_param_hw_array(wss_port, long, ioport, NULL, 0444); MODULE_PARM_DESC(wss_port, "WSS Port # for SoundScape driver."); -module_param_array(irq, int, NULL, 0444); +module_param_hw_array(irq, int, irq, NULL, 0444); MODULE_PARM_DESC(irq, "IRQ # for SoundScape driver."); -module_param_array(mpu_irq, int, NULL, 0444); +module_param_hw_array(mpu_irq, int, irq, NULL, 0444); MODULE_PARM_DESC(mpu_irq, "MPU401 IRQ # for SoundScape driver."); -module_param_array(dma, int, NULL, 0444); +module_param_hw_array(dma, int, dma, NULL, 0444); MODULE_PARM_DESC(dma, "DMA # for SoundScape driver."); -module_param_array(dma2, int, NULL, 0444); +module_param_hw_array(dma2, int, dma, NULL, 0444); MODULE_PARM_DESC(dma2, "DMA2 # for SoundScape driver."); module_param_array(joystick, bool, NULL, 0444); diff --git a/sound/isa/wavefront/wavefront.c b/sound/isa/wavefront/wavefront.c index a0987a57c8a9..da4e9a85f0af 100644 --- a/sound/isa/wavefront/wavefront.c +++ b/sound/isa/wavefront/wavefront.c 
@@ -63,23 +63,23 @@ MODULE_PARM_DESC(enable, "Enable WaveFront soundcard."); module_param_array(isapnp, bool, NULL, 0444); MODULE_PARM_DESC(isapnp, "ISA PnP detection for WaveFront soundcards."); #endif -module_param_array(cs4232_pcm_port, long, NULL, 0444); +module_param_hw_array(cs4232_pcm_port, long, ioport, NULL, 0444); MODULE_PARM_DESC(cs4232_pcm_port, "Port # for CS4232 PCM interface."); -module_param_array(cs4232_pcm_irq, int, NULL, 0444); +module_param_hw_array(cs4232_pcm_irq, int, irq, NULL, 0444); MODULE_PARM_DESC(cs4232_pcm_irq, "IRQ # for CS4232 PCM interface."); -module_param_array(dma1, int, NULL, 0444); +module_param_hw_array(dma1, int, dma, NULL, 0444); MODULE_PARM_DESC(dma1, "DMA1 # for CS4232 PCM interface."); -module_param_array(dma2, int, NULL, 0444); +module_param_hw_array(dma2, int, dma, NULL, 0444); MODULE_PARM_DESC(dma2, "DMA2 # for CS4232 PCM interface."); -module_param_array(cs4232_mpu_port, long, NULL, 0444); +module_param_hw_array(cs4232_mpu_port, long, ioport, NULL, 0444); MODULE_PARM_DESC(cs4232_mpu_port, "port # for CS4232 MPU-401 interface."); -module_param_array(cs4232_mpu_irq, int, NULL, 0444); +module_param_hw_array(cs4232_mpu_irq, int, irq, NULL, 0444); MODULE_PARM_DESC(cs4232_mpu_irq, "IRQ # for CS4232 MPU-401 interface."); -module_param_array(ics2115_irq, int, NULL, 0444); +module_param_hw_array(ics2115_irq, int, irq, NULL, 0444); MODULE_PARM_DESC(ics2115_irq, "IRQ # for ICS2115."); -module_param_array(ics2115_port, long, NULL, 0444); +module_param_hw_array(ics2115_port, long, ioport, NULL, 0444); MODULE_PARM_DESC(ics2115_port, "Port # for ICS2115."); -module_param_array(fm_port, long, NULL, 0444); +module_param_hw_array(fm_port, long, ioport, NULL, 0444); MODULE_PARM_DESC(fm_port, "FM port #."); module_param_array(use_cs4232_midi, bool, NULL, 0444); MODULE_PARM_DESC(use_cs4232_midi, "Use CS4232 MPU-401 interface (inaccessibly located inside your computer)"); From patchwork Fri Jun 19 16:16:05 2020 Content-Type: text/plain; 
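Review bot: In the sound/isa/msnd/msnd_pinnacle.c hunk (@@ -801,22) only `io` has a MODULE_PARM_DESC; the newly annotated `irq`, `mem`, `cfg`, `mpu_io`, `mpu_irq`, `ide_io0`, `ide_io1`, `ide_irq` and `joystick_io` have none. The series description says annotated parameters are skipped with an error message when the kernel is locked down, so a one-line description for each would let an administrator reading modinfo see which settings name hardware resources and will be refused. Adding the descriptions in the same hunk keeps the annotation and its documentation together.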
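Review bot: Several converted lines in this patch sit under conditional compilation and are only compiled in some variants: `port_tc` under `#ifdef SNDRV_STB` in interwave.c, `awe_port` under `#ifdef SNDRV_SBAWE_EMU8000` in sb16.c, `dma2` under `#if defined(CS4231) || defined(OPTi93X)` in opti92x-ad1848.c, and the `cfg` through `joystick_io` block under `#ifndef MSND_CLASSIC` in msnd_pinnacle.c. For a cherry-pick, the submission should state that each variant was build-tested, because a mistyped hwtype token on one of these lines only shows up when that variant is built.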
charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Seth Forshee X-Patchwork-Id: 1313101
From: Seth Forshee To: kernel-team@lists.ubuntu.com Subject: [PATCH v2 41/57][B] Annotate hardware config module parameters in sound/oss/ Date: Fri, 19 Jun 2020 11:16:05 -0500 Message-Id: <20200619161621.644540-42-seth.forshee@canonical.com> X-Mailer: git-send-email 2.27.0 In-Reply-To: <20200619161621.644540-1-seth.forshee@canonical.com> References: <20200619161621.644540-1-seth.forshee@canonical.com> MIME-Version: 1.0 List-Id: Kernel team discussions Sender: "kernel-team"
From: David Howells BugLink: https://bugs.launchpad.net/bugs/1884159 When the kernel is running in secure boot mode, we lock down the kernel to prevent userspace from modifying the running kernel image. Whilst this includes prohibiting access to things like /dev/mem, it must also prevent access by means of configuring driver modules in such a way as to cause a device to access or modify the kernel image. To this end, annotate module_param* statements that refer to hardware configuration and indicate for future reference what type of parameter they specify. The parameter parser in the core sees this information and can skip such parameters with an error message if the kernel is locked down. The module initialisation then runs as normal, but just sees whatever the default values for those parameters is. Note that we do still need to do the module initialisation because some drivers have viable defaults set in case parameters aren't specified and some drivers support automatic configuration (e.g. PNP or PCI) in addition to manually coded parameters. This patch annotates drivers in sound/oss/. Suggested-by: Alan Cox Signed-off-by: David Howells cc: Jaroslav Kysela cc: Takashi Iwai cc: Andrew Veliath cc: alsa-devel@alsa-project.org (cherry picked from commit 232b0b0829fa4f22172750a6e2a36867583da285) Signed-off-by: Seth Forshee --- sound/oss/ad1848.c | 8 ++++---- sound/oss/aedsp16.c | 12 ++++++------ sound/oss/mpu401.c | 4 ++-- sound/oss/msnd_pinnacle.c | 20 ++++++++++---------- sound/oss/opl3.c | 2 +- sound/oss/pas2_card.c | 18 +++++++++--------- sound/oss/pss.c | 14 +++++++------- sound/oss/sb_card.c | 10 +++++----- sound/oss/trix.c | 18 +++++++++--------- sound/oss/uart401.c | 4 ++-- sound/oss/uart6850.c | 4 ++-- sound/oss/waveartist.c | 8 ++++---- 12 files changed, 61 insertions(+), 61 deletions(-) diff --git a/sound/oss/ad1848.c b/sound/oss/ad1848.c index 10c8de1f8d29..f43f4c4b254b 100644 --- a/sound/oss/ad1848.c +++ b/sound/oss/ad1848.c 
@@ -2810,10 +2810,10 @@ static int __initdata dma = -1; static int __initdata dma2 = -1; static int __initdata type = 0; -module_param(io, int, 0); /* I/O for a raw AD1848 card */ -module_param(irq, int, 0); /* IRQ to use */ -module_param(dma, int, 0); /* First DMA channel */ -module_param(dma2, int, 0); /* Second DMA channel */ +module_param_hw(io, int, ioport, 0); /* I/O for a raw AD1848 card */ +module_param_hw(irq, int, irq, 0); /* IRQ to use */ +module_param_hw(dma, int, dma, 0); /* First DMA channel */ +module_param_hw(dma2, int, dma, 0); /* Second DMA channel */ module_param(type, int, 0); /* Card type */ module_param(deskpro_xl, bool, 0); /* Special magic for Deskpro XL boxen */ module_param(deskpro_m, bool, 0); /* Special magic for Deskpro M box */ diff --git a/sound/oss/aedsp16.c b/sound/oss/aedsp16.c index 35b5912cf3f8..89427eb60b08 100644 --- a/sound/oss/aedsp16.c +++ b/sound/oss/aedsp16.c @@ -1303,17 +1303,17 @@ static int __initdata mpu_irq = -1; static int __initdata mss_base = -1; static int __initdata mpu_base = -1; -module_param(io, int, 0); +module_param_hw(io, int, ioport, 0); MODULE_PARM_DESC(io, "I/O base address (0x220 0x240)"); -module_param(irq, int, 0); +module_param_hw(irq, int, irq, 0); MODULE_PARM_DESC(irq, "IRQ line (5 7 9 10 11)"); -module_param(dma, int, 0); +module_param_hw(dma, int, dma, 0); MODULE_PARM_DESC(dma, "dma line (0 1 3)"); -module_param(mpu_irq, int, 0); +module_param_hw(mpu_irq, int, irq, 0); MODULE_PARM_DESC(mpu_irq, "MPU-401 IRQ line (5 7 9 10 0)"); -module_param(mss_base, int, 0); +module_param_hw(mss_base, int, ioport, 0); MODULE_PARM_DESC(mss_base, "MSS emulation I/O base address (0x530 0xE80)"); -module_param(mpu_base, int, 0); +module_param_hw(mpu_base, int, ioport, 0); MODULE_PARM_DESC(mpu_base,"MPU-401 I/O base address (0x300 0x310 0x320 0x330)"); MODULE_AUTHOR("Riccardo Facchetti "); MODULE_DESCRIPTION("Audio Excel DSP 16 Driver Version " VERSION); 
diff --git a/sound/oss/mpu401.c b/sound/oss/mpu401.c index 862735005b43..20e8fa46f647 100644 --- a/sound/oss/mpu401.c +++ b/sound/oss/mpu401.c @@ -1748,8 +1748,8 @@ static struct address_info cfg; static int io = -1; static int irq = -1; -module_param(irq, int, 0); -module_param(io, int, 0); +module_param_hw(irq, int, irq, 0); +module_param_hw(io, int, ioport, 0); static int __init init_mpu401(void) { diff --git a/sound/oss/msnd_pinnacle.c b/sound/oss/msnd_pinnacle.c index a8bb4a06ba6f..8e5221d15066 100644 --- a/sound/oss/msnd_pinnacle.c +++ b/sound/oss/msnd_pinnacle.c @@ -1725,22 +1725,22 @@ static int calibrate_signal __initdata = CONFIG_MSND_CALSIGNAL; #endif /* MODULE */ -module_param (io, int, 0); -module_param (irq, int, 0); -module_param (mem, int, 0); +module_param_hw (io, int, ioport, 0); +module_param_hw (irq, int, irq, 0); +module_param_hw (mem, int, iomem, 0); module_param (write_ndelay, int, 0); module_param (fifosize, int, 0); module_param (calibrate_signal, int, 0); #ifndef MSND_CLASSIC module_param (digital, bool, 0); -module_param (cfg, int, 0); +module_param_hw (cfg, int, ioport, 0); module_param (reset, int, 0); -module_param (mpu_io, int, 0); -module_param (mpu_irq, int, 0); -module_param (ide_io0, int, 0); -module_param (ide_io1, int, 0); -module_param (ide_irq, int, 0); -module_param (joystick_io, int, 0); +module_param_hw (mpu_io, int, ioport, 0); +module_param_hw (mpu_irq, int, irq, 0); +module_param_hw (ide_io0, int, ioport, 0); +module_param_hw (ide_io1, int, ioport, 0); +module_param_hw (ide_irq, int, irq, 0); +module_param_hw (joystick_io, int, ioport, 0); #endif static int __init msnd_init(void) diff --git a/sound/oss/opl3.c b/sound/oss/opl3.c index b6d19adf8f41..f0f5b5be6314 100644 --- a/sound/oss/opl3.c +++ b/sound/oss/opl3.c @@ -1200,7 +1200,7 @@ static int me; static int io = -1; -module_param(io, int, 0); +module_param_hw(io, int, ioport, 0); static int __init init_opl3 (void) { 
diff --git a/sound/oss/pas2_card.c b/sound/oss/pas2_card.c index b07954a79536..769fca692d2a 100644 --- a/sound/oss/pas2_card.c +++ b/sound/oss/pas2_card.c @@ -383,15 +383,15 @@ static int __initdata sb_irq = -1; static int __initdata sb_dma = -1; static int __initdata sb_dma16 = -1; -module_param(io, int, 0); -module_param(irq, int, 0); -module_param(dma, int, 0); -module_param(dma16, int, 0); - -module_param(sb_io, int, 0); -module_param(sb_irq, int, 0); -module_param(sb_dma, int, 0); -module_param(sb_dma16, int, 0); +module_param_hw(io, int, ioport, 0); +module_param_hw(irq, int, irq, 0); +module_param_hw(dma, int, dma, 0); +module_param_hw(dma16, int, dma, 0); + +module_param_hw(sb_io, int, ioport, 0); +module_param_hw(sb_irq, int, irq, 0); +module_param_hw(sb_dma, int, dma, 0); +module_param_hw(sb_dma16, int, dma, 0); module_param(joystick, bool, 0); module_param(symphony, bool, 0); diff --git a/sound/oss/pss.c b/sound/oss/pss.c index 81314f9e2ccb..33c3a442e162 100644 --- a/sound/oss/pss.c +++ b/sound/oss/pss.c 
@@ -1139,19 +1139,19 @@ static bool pss_no_sound = 0; /* Just configure non-sound components */ static bool pss_keep_settings = 1; /* Keep hardware settings at module exit */ static char *pss_firmware = "/etc/sound/pss_synth"; -module_param(pss_io, int, 0); +module_param_hw(pss_io, int, ioport, 0); MODULE_PARM_DESC(pss_io, "Set i/o base of PSS card (probably 0x220 or 0x240)"); -module_param(mss_io, int, 0); +module_param_hw(mss_io, int, ioport, 0); MODULE_PARM_DESC(mss_io, "Set WSS (audio) i/o base (0x530, 0x604, 0xE80, 0xF40, or other. Address must end in 0 or 4 and must be from 0x100 to 0xFF4)"); -module_param(mss_irq, int, 0); +module_param_hw(mss_irq, int, irq, 0); MODULE_PARM_DESC(mss_irq, "Set WSS (audio) IRQ (3, 5, 7, 9, 10, 11, 12)"); -module_param(mss_dma, int, 0); +module_param_hw(mss_dma, int, dma, 0); MODULE_PARM_DESC(mss_dma, "Set WSS (audio) DMA (0, 1, 3)"); -module_param(mpu_io, int, 0); +module_param_hw(mpu_io, int, ioport, 0); MODULE_PARM_DESC(mpu_io, "Set MIDI i/o base (0x330 or other. Address must be on 4 location boundaries and must be from 0x100 to 0xFFC)"); -module_param(mpu_irq, int, 0); +module_param_hw(mpu_irq, int, irq, 0); MODULE_PARM_DESC(mpu_irq, "Set MIDI IRQ (3, 5, 7, 9, 10, 11, 12)"); -module_param(pss_cdrom_port, int, 0); +module_param_hw(pss_cdrom_port, int, ioport, 0); MODULE_PARM_DESC(pss_cdrom_port, "Set the PSS CDROM port i/o base (0x340 or other)"); module_param(pss_enable_joystick, bool, 0); MODULE_PARM_DESC(pss_enable_joystick, "Enables the PSS joystick port (1 to enable, 0 to disable)"); diff --git a/sound/oss/sb_card.c b/sound/oss/sb_card.c index fb5d7250de38..2a92cfe6cfe9 100644 --- a/sound/oss/sb_card.c +++ b/sound/oss/sb_card.c 
@@ -61,15 +61,15 @@ static int __initdata uart401 = 0; static int __initdata pnp = 0; #endif -module_param(io, int, 000); +module_param_hw(io, int, ioport, 000); MODULE_PARM_DESC(io, "Soundblaster i/o base address (0x220,0x240,0x260,0x280)"); -module_param(irq, int, 000); +module_param_hw(irq, int, irq, 000); MODULE_PARM_DESC(irq, "IRQ (5,7,9,10)"); -module_param(dma, int, 000); +module_param_hw(dma, int, dma, 000); MODULE_PARM_DESC(dma, "8-bit DMA channel (0,1,3)"); -module_param(dma16, int, 000); +module_param_hw(dma16, int, dma, 000); MODULE_PARM_DESC(dma16, "16-bit DMA channel (5,6,7)"); -module_param(mpu_io, int, 000); +module_param_hw(mpu_io, int, ioport, 000); MODULE_PARM_DESC(mpu_io, "MPU base address"); module_param(type, int, 000); MODULE_PARM_DESC(type, "You can set this to specific card type (doesn't " \ diff --git a/sound/oss/trix.c b/sound/oss/trix.c index 3c494dc93b93..a57bc635d758 100644 --- a/sound/oss/trix.c +++ b/sound/oss/trix.c @@ -413,15 +413,15 @@ static int __initdata sb_irq = -1; static int __initdata mpu_io = -1; static int __initdata mpu_irq = -1; -module_param(io, int, 0); -module_param(irq, int, 0); -module_param(dma, int, 0); -module_param(dma2, int, 0); -module_param(sb_io, int, 0); -module_param(sb_dma, int, 0); -module_param(sb_irq, int, 0); -module_param(mpu_io, int, 0); -module_param(mpu_irq, int, 0); +module_param_hw(io, int, ioport, 0); +module_param_hw(irq, int, irq, 0); +module_param_hw(dma, int, dma, 0); +module_param_hw(dma2, int, dma, 0); +module_param_hw(sb_io, int, ioport, 0); +module_param_hw(sb_dma, int, dma, 0); +module_param_hw(sb_irq, int, irq, 0); +module_param_hw(mpu_io, int, ioport, 0); +module_param_hw(mpu_irq, int, irq, 0); module_param(joystick, bool, 0); static int __init init_trix(void) diff --git a/sound/oss/uart401.c b/sound/oss/uart401.c index dae4d4344407..83dcc85b8688 100644 --- a/sound/oss/uart401.c +++ b/sound/oss/uart401.c 
@@ -429,8 +429,8 @@ static struct address_info cfg_mpu; static int io = -1; static int irq = -1; -module_param(io, int, 0444); -module_param(irq, int, 0444); +module_param_hw(io, int, ioport, 0444); +module_param_hw(irq, int, irq, 0444); static int __init init_uart401(void) diff --git a/sound/oss/uart6850.c b/sound/oss/uart6850.c index 1079133dd6ab..eda32d7eddbd 100644 --- a/sound/oss/uart6850.c +++ b/sound/oss/uart6850.c @@ -315,8 +315,8 @@ static struct address_info cfg_mpu; static int __initdata io = -1; static int __initdata irq = -1; -module_param(io, int, 0); -module_param(irq, int, 0); +module_param_hw(io, int, ioport, 0); +module_param_hw(irq, int, irq, 0); static int __init init_uart6850(void) { diff --git a/sound/oss/waveartist.c b/sound/oss/waveartist.c index b36ea47527e8..c3489bf5630b 100644 --- a/sound/oss/waveartist.c +++ b/sound/oss/waveartist.c 
@@ -2038,8 +2038,8 @@ __setup("waveartist=", setup_waveartist); #endif MODULE_DESCRIPTION("Rockwell WaveArtist RWA-010 sound driver"); -module_param(io, int, 0); /* IO base */ -module_param(irq, int, 0); /* IRQ */ -module_param(dma, int, 0); /* DMA */ -module_param(dma2, int, 0); /* DMA2 */ +module_param_hw(io, int, ioport, 0); /* IO base */ +module_param_hw(irq, int, irq, 0); /* IRQ */ +module_param_hw(dma, int, dma, 0); /* DMA */ +module_param_hw(dma2, int, dma, 0); /* DMA2 */ MODULE_LICENSE("GPL"); From patchwork Fri Jun 19 16:16:06 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Seth Forshee X-Patchwork-Id: 1313107 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=none (no SPF record) smtp.mailfrom=lists.ubuntu.com (client-ip=91.189.94.19; helo=huckleberry.canonical.com; envelope-from=kernel-team-bounces@lists.ubuntu.com; receiver=) Authentication-Results: ozlabs.org; dmarc=fail (p=none dis=none) header.from=canonical.com Received: from huckleberry.canonical.com (huckleberry.canonical.com [91.189.94.19]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 49pPBF26MxzB47l; Sat, 20 Jun 2020 02:18:45 +1000 (AEST) Received: from localhost ([127.0.0.1] helo=huckleberry.canonical.com) by huckleberry.canonical.com with esmtp (Exim 4.86_2) (envelope-from ) id 1jmJiy-0003qe-6J; Fri, 19 Jun 2020 16:18:40 +0000 Received: from youngberry.canonical.com ([91.189.89.112]) by huckleberry.canonical.com with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.86_2) (envelope-from ) id 1jmJhe-0002lw-56 for kernel-team@lists.ubuntu.com; Fri, 19 Jun 2020 16:17:18 +0000 Received: from mail-il1-f198.google.com ([209.85.166.198]) by youngberry.canonical.com with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 
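Review bot: The sound/oss/waveartist.c hunk keeps `__setup("waveartist=", setup_waveartist);` in its context, directly above the four converted `module_param_hw()` lines, and the patch does not touch it. The annotation covers the module parameter path only, so the commit message should say whether hardware values supplied through that `__setup` handler are meant to stay accepted on a locked-down kernel, or whether the handler needs its own check in a follow-up.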
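Review bot: In the sound/oss/pss.c hunk (@@ -1139,19) the context line `static char *pss_firmware = "/etc/sound/pss_synth";` sits right above the converted I/O, IRQ and DMA parameters, but any module_param line for it lies outside the hunk. If that path can be set at module load time, it chooses the firmware file the driver uses and does not fit the `ioport`, `irq`, `dma` or `iomem` types used here, so the commit message should state that such parameters are deliberately out of scope for this patch or point to where they are handled.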
4.86_2) (envelope-from ) id 1jmJhc-0003iz-If for kernel-team@lists.ubuntu.com; Fri, 19 Jun 2020 16:17:16 +0000
From: Seth Forshee
To: kernel-team@lists.ubuntu.com
Subject: [PATCH v2 42/57][B] Annotate hardware config module parameters in sound/pci/
Date: Fri, 19 Jun 2020 11:16:06 -0500
Message-Id: <20200619161621.644540-43-seth.forshee@canonical.com>
X-Mailer: git-send-email 2.27.0
In-Reply-To: <20200619161621.644540-1-seth.forshee@canonical.com>
References: <20200619161621.644540-1-seth.forshee@canonical.com>

From: David Howells

BugLink: https://bugs.launchpad.net/bugs/1884159

When the kernel is running in secure boot mode, we lock down the kernel to prevent userspace from modifying the running kernel image. Whilst this includes prohibiting access to things like /dev/mem, it must also prevent access by means of configuring driver modules in such a way as to cause a device to access or modify the kernel image.

To this end, annotate module_param* statements that refer to hardware configuration and indicate for future reference what type of parameter they specify. The parameter parser in the core sees this information and can skip such parameters with an error message if the kernel is locked down. The module initialisation then runs as normal, but just sees whatever the default values for those parameters are.

Note that we do still need to do the module initialisation because some drivers have viable defaults set in case parameters aren't specified and some drivers support automatic configuration (e.g. PNP or PCI) in addition to manually coded parameters.

This patch annotates drivers in sound/pci/.

Suggested-by: Alan Cox
Signed-off-by: David Howells
cc: Jaroslav Kysela
cc: Takashi Iwai
cc: alsa-devel@alsa-project.org
(cherry picked from commit 6192c41fc608b0a58d5540b015aa1672c266f3c5)
Signed-off-by: Seth Forshee --- sound/pci/als4000.c | 2 +- sound/pci/cmipci.c | 6 +++--- sound/pci/ens1370.c | 2 +- sound/pci/riptide/riptide.c | 6 +++--- sound/pci/sonicvibes.c | 2 +- sound/pci/via82xx.c | 2 +- sound/pci/ymfpci/ymfpci.c | 6 +++--- 7 files changed, 13 insertions(+), 13 deletions(-) diff --git a/sound/pci/als4000.c b/sound/pci/als4000.c index ff39a0c7277b..585bd7527d7d 100644 --- a/sound/pci/als4000.c +++ b/sound/pci/als4000.c @@ -102,7 +102,7 @@ MODULE_PARM_DESC(id, "ID string for ALS4000 soundcard."); module_param_array(enable, bool, NULL, 0444); MODULE_PARM_DESC(enable, "Enable ALS4000 soundcard."); #ifdef SUPPORT_JOYSTICK -module_param_array(joystick_port, int, NULL, 0444); +module_param_hw_array(joystick_port, int, ioport, NULL, 0444); MODULE_PARM_DESC(joystick_port, "Joystick port address for ALS4000 soundcard. (0 = disabled)"); #endif diff --git a/sound/pci/cmipci.c b/sound/pci/cmipci.c index 24cdcba06d27..bf079eef4c1b 100644 --- a/sound/pci/cmipci.c +++ b/sound/pci/cmipci.c @@ -68,14 +68,14 @@ module_param_array(id, charp, NULL, 0444); MODULE_PARM_DESC(id, "ID string for C-Media PCI soundcard."); module_param_array(enable, bool, NULL, 0444); MODULE_PARM_DESC(enable, "Enable C-Media PCI soundcard."); -module_param_array(mpu_port, long, NULL, 0444); +module_param_hw_array(mpu_port, long, ioport, NULL, 0444); MODULE_PARM_DESC(mpu_port, "MPU-401 port."); -module_param_array(fm_port, long, NULL, 0444); +module_param_hw_array(fm_port, long, ioport, NULL, 0444); MODULE_PARM_DESC(fm_port, "FM port."); module_param_array(soft_ac3, bool, NULL, 0444); MODULE_PARM_DESC(soft_ac3, "Software-conversion of raw SPDIF packets (model 033 only)."); #ifdef SUPPORT_JOYSTICK -module_param_array(joystick_port, int, NULL, 0444); +module_param_hw_array(joystick_port, int, ioport, NULL, 0444); MODULE_PARM_DESC(joystick_port, "Joystick port address."); #endif diff --git a/sound/pci/ens1370.c b/sound/pci/ens1370.c index 0dc44ebb0032..f87b403480bf 100644 
--- a/sound/pci/ens1370.c +++ b/sound/pci/ens1370.c @@ -106,7 +106,7 @@ module_param_array(enable, bool, NULL, 0444); MODULE_PARM_DESC(enable, "Enable Ensoniq AudioPCI soundcard."); #ifdef SUPPORT_JOYSTICK #ifdef CHIP1371 -module_param_array(joystick_port, int, NULL, 0444); +module_param_hw_array(joystick_port, int, ioport, NULL, 0444); MODULE_PARM_DESC(joystick_port, "Joystick port address."); #else module_param_array(joystick, bool, NULL, 0444); diff --git a/sound/pci/riptide/riptide.c b/sound/pci/riptide/riptide.c index 94639d6b5fb5..a4ffc9a0c60f 100644 --- a/sound/pci/riptide/riptide.c +++ b/sound/pci/riptide/riptide.c @@ -137,12 +137,12 @@ MODULE_PARM_DESC(id, "ID string for Riptide soundcard."); module_param_array(enable, bool, NULL, 0444); MODULE_PARM_DESC(enable, "Enable Riptide soundcard."); #ifdef SUPPORT_JOYSTICK -module_param_array(joystick_port, int, NULL, 0444); +module_param_hw_array(joystick_port, int, ioport, NULL, 0444); MODULE_PARM_DESC(joystick_port, "Joystick port # for Riptide soundcard."); #endif -module_param_array(mpu_port, int, NULL, 0444); +module_param_hw_array(mpu_port, int, ioport, NULL, 0444); MODULE_PARM_DESC(mpu_port, "MPU401 port # for Riptide driver."); -module_param_array(opl3_port, int, NULL, 0444); +module_param_hw_array(opl3_port, int, ioport, NULL, 0444); MODULE_PARM_DESC(opl3_port, "OPL3 port # for Riptide driver."); /* diff --git a/sound/pci/sonicvibes.c b/sound/pci/sonicvibes.c index 1b6fad7d4d56..877403f85f3c 100644 --- a/sound/pci/sonicvibes.c +++ b/sound/pci/sonicvibes.c @@ -66,7 +66,7 @@ module_param_array(reverb, bool, NULL, 0444); MODULE_PARM_DESC(reverb, "Enable reverb (SRAM is present) for S3 SonicVibes soundcard."); module_param_array(mge, bool, NULL, 0444); MODULE_PARM_DESC(mge, "MIC Gain Enable for S3 SonicVibes soundcard."); -module_param(dmaio, uint, 0444); +module_param_hw(dmaio, uint, ioport, 0444); MODULE_PARM_DESC(dmaio, "DDMA i/o base address for S3 SonicVibes soundcard."); /* 
diff --git a/sound/pci/via82xx.c b/sound/pci/via82xx.c index 3dd038bdb204..5a2c5c75e0c4 100644 --- a/sound/pci/via82xx.c +++ b/sound/pci/via82xx.c @@ -92,7 +92,7 @@ module_param(index, int, 0444); MODULE_PARM_DESC(index, "Index value for VIA 82xx bridge."); module_param(id, charp, 0444); MODULE_PARM_DESC(id, "ID string for VIA 82xx bridge."); -module_param(mpu_port, long, 0444); +module_param_hw(mpu_port, long, ioport, 0444); MODULE_PARM_DESC(mpu_port, "MPU-401 port. (VT82C686x only)"); #ifdef SUPPORT_JOYSTICK module_param(joystick, bool, 0444); diff --git a/sound/pci/ymfpci/ymfpci.c b/sound/pci/ymfpci/ymfpci.c index 812e27a1bcbc..4faf3e1ed06a 100644 --- a/sound/pci/ymfpci/ymfpci.c +++ b/sound/pci/ymfpci/ymfpci.c 
@@ -55,12 +55,12 @@ module_param_array(id, charp, NULL, 0444); MODULE_PARM_DESC(id, "ID string for the Yamaha DS-1 PCI soundcard."); module_param_array(enable, bool, NULL, 0444); MODULE_PARM_DESC(enable, "Enable Yamaha DS-1 soundcard."); -module_param_array(mpu_port, long, NULL, 0444); +module_param_hw_array(mpu_port, long, ioport, NULL, 0444); MODULE_PARM_DESC(mpu_port, "MPU-401 Port."); -module_param_array(fm_port, long, NULL, 0444); +module_param_hw_array(fm_port, long, ioport, NULL, 0444); MODULE_PARM_DESC(fm_port, "FM OPL-3 Port."); #ifdef SUPPORT_JOYSTICK -module_param_array(joystick_port, long, NULL, 0444); +module_param_hw_array(joystick_port, long, ioport, NULL, 0444); MODULE_PARM_DESC(joystick_port, "Joystick port address"); #endif module_param_array(rear_switch, bool, NULL, 0444);
From patchwork Fri Jun 19 16:16:07 2020
X-Patchwork-Submitter: Seth Forshee
X-Patchwork-Id: 1313109
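The gating that the 42/57 commit message describes (hardware-annotated parameters refused under lockdown, initialisation continuing with the defaults), as an added userspace model that is not part of the patch series or of the kernel. The model_* and drv_* names, the flag bit value and the sample parameters are assumptions made for the illustration.

```c
/* Userspace model constructed for illustration; this is not kernel code. */
#include <errno.h>
#include <stdbool.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Flag name follows the patch series; the bit value is an assumption. */
#define KERNEL_PARAM_FL_HWPARAM (1u << 1)

struct model_param {
	const char *name;
	long *value;          /* storage the "driver" reads at init */
	unsigned int flags;
	const char *hwtype;   /* annotation: "ioport", "irq", "dma" or NULL */
};

static bool locked_down;      /* stands in for secure_modules() */

/* The gate: a hardware-annotated parameter is refused under lockdown. */
static bool model_param_allowed(const struct model_param *p)
{
	return !((p->flags & KERNEL_PARAM_FL_HWPARAM) && locked_down);
}

/* Apply one "name=value" argument: 0, -EINVAL, -ENOENT or -EPERM. */
static int model_parse_one(struct model_param *tbl, size_t n, const char *arg)
{
	const char *eq = strchr(arg, '=');
	size_t len, i;
	char *end;
	long v;

	if (!eq || eq == arg)
		return -EINVAL;
	len = (size_t)(eq - arg);
	for (i = 0; i < n; i++) {
		if (strlen(tbl[i].name) != len || strncmp(tbl[i].name, arg, len))
			continue;
		if (!model_param_allowed(&tbl[i])) {
			fprintf(stderr, "lockdown: refusing %s parameter '%s'\n",
				tbl[i].hwtype, tbl[i].name);
			return -EPERM;
		}
		errno = 0;
		v = strtol(eq + 1, &end, 0);
		if (errno || end == eq + 1 || *end != '\0')
			return -EINVAL;
		*tbl[i].value = v;
		return 0;
	}
	return -ENOENT;
}

/*
 * Parse all arguments the way the commit message describes: refused
 * hardware parameters are skipped and the defaults stay in place, while
 * malformed or unknown arguments still abort. Returns the number of
 * refused parameters or a negative errno.
 */
static int model_parse_args(struct model_param *tbl, size_t n,
			    const char *const *args, size_t nargs)
{
	int refused = 0;
	size_t i;

	for (i = 0; i < nargs; i++) {
		int err = model_parse_one(tbl, n, args[i]);

		if (err == -EPERM)
			refused++;
		else if (err)
			return err;
	}
	return refused;
}

/* The "driver": parameter storage, annotated the way the patches do it. */
static long drv_io, drv_irq, drv_index;

static struct model_param drv_params[] = {
	{ "io",    &drv_io,    KERNEL_PARAM_FL_HWPARAM, "ioport" },
	{ "irq",   &drv_irq,   KERNEL_PARAM_FL_HWPARAM, "irq" },
	{ "index", &drv_index, 0,                       NULL },
};

/* Constructed sample: reset defaults, then apply an insmod-style list. */
static int model_load(bool lockdown)
{
	static const char *const args[] = { "io=0x300", "irq=5", "index=1" };

	drv_io = 0x220;
	drv_irq = 7;
	drv_index = -1;
	locked_down = lockdown;
	return model_parse_args(drv_params, 3, args, 3);
}

int main(void)
{
	int refused = model_load(true);

	printf("refused=%d io=%#lx irq=%ld index=%ld\n", refused,
	       (unsigned long)drv_io, drv_irq, drv_index);
	return 0;
}
```

The model takes the skip-and-continue reading from the commit message; the kernel/params.c hunks in 43/57 return -EPERM from the set path instead.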
From: Seth Forshee
To: kernel-team@lists.ubuntu.com
Subject: [PATCH v2 43/57][B] UBUNTU: SAUCE: (efi-lockdown) Lock down module params that specify hardware parameters (eg. ioport)
Date: Fri, 19 Jun 2020 11:16:07 -0500
Message-Id: <20200619161621.644540-44-seth.forshee@canonical.com>
X-Mailer: git-send-email 2.27.0
In-Reply-To: <20200619161621.644540-1-seth.forshee@canonical.com>
References: <20200619161621.644540-1-seth.forshee@canonical.com>

From: David Howells

BugLink: https://bugs.launchpad.net/bugs/1884159

Provided an annotation for module parameters that specify hardware parameters (such as io ports, iomem addresses, irqs, dma channels, fixed dma buffers and other types).

Suggested-by: Alan Cox
Signed-off-by: David Howells
(backported from commit 33a38c67ed53106458e1858a2101cae3026486e4 git://git.kernel.org/pub/scm/linux/kernel/git/jwboyer/fedora.git)
Signed-off-by: Seth Forshee
--- kernel/params.c | 25 ++++++++++++++++++++----- 1 file changed, 20 insertions(+), 5 deletions(-) diff --git a/kernel/params.c b/kernel/params.c index a6d6149c0fe6..87bbf2bdc09e 100644 --- a/kernel/params.c +++ b/kernel/params.c @@ -108,13 +108,18 @@ bool parameq(const char *a, const char *b) return parameqn(a, b, strlen(a)+1); } -static void param_check_unsafe(const struct kernel_param *kp) +static bool param_check_unsafe(const struct kernel_param *kp, + const char *doing) { if (kp->flags & KERNEL_PARAM_FL_UNSAFE) { pr_warn("Setting dangerous option %s - tainting kernel\n", kp->name); add_taint(TAINT_USER, LOCKDEP_STILL_OK); } + + if (kp->flags & KERNEL_PARAM_FL_HWPARAM && secure_modules()) + return false; + return true; } static int parse_one(char *param,
@@ -144,8 +149,10 @@ static int parse_one(char *param, pr_debug("handling %s with %p\n", param, params[i].ops->set); kernel_param_lock(params[i].mod); - param_check_unsafe(¶ms[i]); - err = params[i].ops->set(val, ¶ms[i]); + if (param_check_unsafe(¶ms[i], doing)) + err = params[i].ops->set(val, ¶ms[i]); + else + err = -EPERM; kernel_param_unlock(params[i].mod); return err; } @@ -608,6 +615,12 @@ static ssize_t param_attr_show(struct module_attribute *mattr, return count; } +#ifdef CONFIG_MODULES +#define mod_name(mod) (mod)->name +#else +#define mod_name(mod) "unknown" +#endif + /* sysfs always hands a nul-terminated string in buf. We rely on that. */ static ssize_t param_attr_store(struct module_attribute *mattr, struct module_kobject *mk, 
@@ -620,8 +633,10 @@ static ssize_t param_attr_store(struct module_attribute *mattr, return -EPERM; kernel_param_lock(mk->mod); - param_check_unsafe(attribute->param); - err = attribute->param->ops->set(buf, attribute->param); + if (param_check_unsafe(attribute->param, mod_name(mk->mod))) + err = attribute->param->ops->set(buf, attribute->param); + else + err = -EPERM; kernel_param_unlock(mk->mod); if (!err) return len;
From patchwork Fri Jun 19 16:16:08 2020
X-Patchwork-Submitter: Seth Forshee
X-Patchwork-Id: 1313110
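Review bot: The new doing argument of param_check_unsafe() in kernel/params.c is never used in the visible body, and the KERNEL_PARAM_FL_HWPARAM branch returns false without logging anything, so a refused hardware parameter shows up only as -EPERM from parse_one() or param_attr_store(). The 42/57 commit message describes skipping such parameters with an error message and then initialising with defaults; either print a notice naming kp->name and doing before the return false, or drop the argument, and confirm that the callers of parse_one() treat -EPERM as a skip rather than failing the load. Writing the test as (kp->flags & KERNEL_PARAM_FL_HWPARAM) && secure_modules() would make the precedence explicit, and the function name no longer describes what it does now that it gates hardware parameters as well as tainting on unsafe ones.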
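Review bot: The mod_name() macro added above param_attr_store() expands to (mod)->name with no outer parentheses and no NULL test, and it is applied to mk->mod, which the surrounding lines only ever hand to kernel_param_lock() and kernel_param_unlock() rather than dereferencing. If mk->mod can be NULL on this path, for example for parameters of built-in code, the CONFIG_MODULES variant should fall back to the same "unknown" string the other branch uses; in any case wrap the expansion as ((mod)->name) so it is safe inside larger expressions.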
From: Seth Forshee
To: kernel-team@lists.ubuntu.com
Subject: [PATCH v2 44/57][B] UBUNTU: SAUCE: (efi-lockdown) Prohibit PCMCIA CIS storage when the kernel is locked down
Date: Fri, 19 Jun 2020 11:16:08 -0500
Message-Id: <20200619161621.644540-45-seth.forshee@canonical.com>
X-Mailer: git-send-email 2.27.0
In-Reply-To: <20200619161621.644540-1-seth.forshee@canonical.com>
References: <20200619161621.644540-1-seth.forshee@canonical.com>

From: David Howells

BugLink: https://bugs.launchpad.net/bugs/1884159

Prohibit replacement of the PCMCIA Card Information Structure when the kernel is locked down.

Suggested-by: Dominik Brodowski
Signed-off-by: David Howells
cc: linux-pcmcia@lists.infradead.org
(backported from commit c5fe6d4762b16204e218f5299d232b9953c4caaa git://git.kernel.org/pub/scm/linux/kernel/git/jwboyer/fedora.git)
Signed-off-by: Seth Forshee
--- drivers/pcmcia/cistpl.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/drivers/pcmcia/cistpl.c b/drivers/pcmcia/cistpl.c index 55ef7d1fd8da..4ea05a5ec4b2 100644 --- a/drivers/pcmcia/cistpl.c +++ b/drivers/pcmcia/cistpl.c
@@ -1578,6 +1578,9 @@ static ssize_t pccard_store_cis(struct file *filp, struct kobject *kobj, struct pcmcia_socket *s; int error; + if (secure_modules()) + return -EPERM; + s = to_socket(container_of(kobj, struct device, kobj)); if (off)
From patchwork Fri Jun 19 16:16:09 2020
X-Patchwork-Submitter: Seth Forshee
X-Patchwork-Id: 1313111
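Review bot: The secure_modules() check at the top of pccard_store_cis() in drivers/pcmcia/cistpl.c returns -EPERM with no comment and no log output, so on a locked-down system nothing ties the failed sysfs write to lockdown. Add a short comment above the check stating that CIS replacement is refused when the kernel is locked down, and consider a rate-limited notice so the refusal can be diagnosed. Placing the check ahead of to_socket() and the off test is fine, since it needs none of the arguments.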
From: Seth Forshee
To: kernel-team@lists.ubuntu.com
Subject: [PATCH v2 45/57][B] UBUNTU: SAUCE: (efi-lockdown) kexec_file: Disable at runtime if the kernel is locked down
Date: Fri, 19 Jun 2020 11:16:09 -0500
Message-Id: <20200619161621.644540-46-seth.forshee@canonical.com>
X-Mailer: git-send-email 2.27.0
In-Reply-To: <20200619161621.644540-1-seth.forshee@canonical.com>
References: <20200619161621.644540-1-seth.forshee@canonical.com>

From: Chun-Yi Lee

BugLink: https://bugs.launchpad.net/bugs/1884159

When KEXEC_VERIFY_SIG is not enabled, kernel should not load images through kexec_file system call if the kernel is locked down.

This code was shown in Matthew's patch but not in git: https://lkml.org/lkml/2015/3/13/778

Cc: Matthew Garrett
Signed-off-by: Chun-Yi Lee
Signed-off-by: David Howells
Reviewed-by: James Morris
cc: kexec@lists.infradead.org
(backported from commit 6620737c201ed7242dbb672803085b46ae600ce7 git://git.kernel.org/pub/scm/linux/kernel/git/jwboyer/fedora.git)
Signed-off-by: Seth Forshee
--- kernel/kexec_file.c | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/kernel/kexec_file.c b/kernel/kexec_file.c index 6030efd4a188..14d19eda9ec9 100644 --- a/kernel/kexec_file.c +++ b/kernel/kexec_file.c
@@ -317,6 +317,12 @@ SYSCALL_DEFINE5(kexec_file_load, int, kernel_fd, int, initrd_fd, if (!capable(CAP_SYS_BOOT) || kexec_load_disabled) return -EPERM; + /* Don't permit images to be loaded into trusted kernels if we're not + * going to verify the signature on them + */ + if (!IS_ENABLED(CONFIG_KEXEC_VERIFY_SIG) && secure_modules()) + return -EPERM; + /* Make sure we have a legal set of flags */ if (flags != (flags & KEXEC_FILE_FLAGS)) return -EINVAL;
From patchwork Fri Jun 19 16:16:10 2020
X-Patchwork-Submitter: Seth Forshee
X-Patchwork-Id: 1313112
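Review bot: In kexec_file_load(), the new test is compiled out entirely when CONFIG_KEXEC_VERIFY_SIG is enabled, so on those builds the lockdown guarantee rests on signature verification being mandatory later in the load path, which this hunk does not show; the commit message should say where that is enforced. The added comment also puts its text on the opening /* line and speaks of trusted kernels where the subject line says locked down; the usual multi-line form with /* on its own line and the same wording as the rest of the series would read better.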
From: Seth Forshee
To: kernel-team@lists.ubuntu.com
Subject: [PATCH v2 46/57][B] UBUNTU: SAUCE: (efi-lockdown) Lock down TIOCSSERIAL
Date: Fri, 19 Jun 2020 11:16:10 -0500
Message-Id: <20200619161621.644540-47-seth.forshee@canonical.com>
X-Mailer: git-send-email 2.27.0
In-Reply-To: <20200619161621.644540-1-seth.forshee@canonical.com>
References: <20200619161621.644540-1-seth.forshee@canonical.com>

From: David Howells

BugLink: https://bugs.launchpad.net/bugs/1884159

Lock down TIOCSSERIAL as that can be used to change the ioport and irq settings on a serial port. This only appears to be an issue for the serial drivers that use the core serial code. All other drivers seem to either ignore attempts to change port/irq or give an error.

Reported-by: Greg Kroah-Hartman
Signed-off-by: David Howells
cc: Jiri Slaby
(backported from commit 8d8c1da752c5ea837f1dbe06fa21d4ca891fcd83 git://git.kernel.org/pub/scm/linux/kernel/git/jwboyer/fedora.git)
Signed-off-by: Seth Forshee
--- drivers/tty/serial/serial_core.c | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/drivers/tty/serial/serial_core.c b/drivers/tty/serial/serial_core.c index 013fb874c64e..51271d62a7a1 100644 --- a/drivers/tty/serial/serial_core.c +++ b/drivers/tty/serial/serial_core.c
@@ -768,6 +768,11 @@ static int uart_set_info(struct tty_struct *tty, struct tty_port *port, new_flags = new_info->flags; old_custom_divisor = uport->custom_divisor; + if ((change_port || change_irq) && secure_modules()) { + retval = -EPERM; + goto exit; + } + if (!capable(CAP_SYS_ADMIN)) { retval = -EPERM; if (change_irq || change_port ||
From patchwork Fri Jun 19 16:16:11 2020
X-Patchwork-Submitter: Seth Forshee
X-Patchwork-Id: 1313113
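Review bot: In uart_set_info(), the new (change_port || change_irq) && secure_modules() test sits ahead of the capable(CAP_SYS_ADMIN) block with no comment, so a later reader cannot tell that it deliberately refuses even privileged callers. Add a comment above it saying that port and IRQ changes through TIOCSSERIAL are refused under lockdown regardless of capability. The commit message should also state whether change_port covers every address-related field of the request, since the hunk does not show how it is computed.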
From: Seth Forshee
To: kernel-team@lists.ubuntu.com
Subject: [PATCH v2 47/57][B] efi/efi_test: Lock down /dev/efi_test and require CAP_SYS_ADMIN
Date: Fri, 19 Jun 2020 11:16:11 -0500
Message-Id: <20200619161621.644540-48-seth.forshee@canonical.com>
X-Mailer: git-send-email 2.27.0
In-Reply-To: <20200619161621.644540-1-seth.forshee@canonical.com>
References: <20200619161621.644540-1-seth.forshee@canonical.com>

From: Javier Martinez Canillas

BugLink: https://bugs.launchpad.net/bugs/1884159

The driver exposes EFI runtime services to user-space through an IOCTL interface, calling the EFI services function pointers directly without using the efivar API.

Disallow access to the /dev/efi_test character device when the kernel is locked down to prevent arbitrary user-space from calling EFI runtime services.

Also require CAP_SYS_ADMIN to open the chardev to prevent unprivileged users from calling the EFI runtime services, instead of just relying on the chardev file mode bits for this.

The main user of this driver is the fwts [0] tool that already checks if the effective user ID is 0 and fails otherwise. So this change shouldn't cause any regression to this tool.

[0]: https://wiki.ubuntu.com/FirmwareTestSuite/Reference/uefivarinfo

Signed-off-by: Javier Martinez Canillas
Signed-off-by: Ard Biesheuvel
Acked-by: Laszlo Ersek
Acked-by: Matthew Garrett
Cc: Linus Torvalds
Cc: Peter Zijlstra
Cc: Thomas Gleixner
Cc: linux-efi@vger.kernel.org
Link: https://lkml.kernel.org/r/20191029173755.27149-7-ardb@kernel.org
Signed-off-by: Ingo Molnar
(backported from commit 359efcc2c910117d2faf704ce154e91fc976d37f)
Signed-off-by: Seth Forshee
--- drivers/firmware/efi/test/efi_test.c | 7 +++++++ 1 file changed, 7 insertions(+)
diff --git a/drivers/firmware/efi/test/efi_test.c b/drivers/firmware/efi/test/efi_test.c index f61bb52be318..3dc55ac0af73 100644 --- a/drivers/firmware/efi/test/efi_test.c +++ b/drivers/firmware/efi/test/efi_test.c 
@@ -696,6 +696,13 @@ static long efi_test_ioctl(struct file *file, unsigned int cmd, static int efi_test_open(struct inode *inode, struct file *file) { + bool locked_down = secure_modules(); + + if (locked_down) + return -EPERM; + + if (!capable(CAP_SYS_ADMIN)) + return -EACCES; /* * nothing special to do here * We do accept multiple open files at the same time as we From patchwork Fri Jun 19 16:16:12 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Seth Forshee X-Patchwork-Id: 1313115 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=none (no SPF record) smtp.mailfrom=lists.ubuntu.com (client-ip=91.189.94.19; helo=huckleberry.canonical.com; envelope-from=kernel-team-bounces@lists.ubuntu.com; receiver=) Authentication-Results: ozlabs.org; dmarc=fail (p=none dis=none) header.from=canonical.com Received: from huckleberry.canonical.com (huckleberry.canonical.com [91.189.94.19]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 49pPBW3mnczB47D; Sat, 20 Jun 2020 02:18:59 +1000 (AEST) Received: from localhost ([127.0.0.1] helo=huckleberry.canonical.com) by huckleberry.canonical.com with esmtp (Exim 4.86_2) (envelope-from ) id 1jmJjC-00047q-Oh; Fri, 19 Jun 2020 16:18:54 +0000 Received: from youngberry.canonical.com ([91.189.89.112]) by huckleberry.canonical.com with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.86_2) (envelope-from ) id 1jmJhm-0002rE-1R for kernel-team@lists.ubuntu.com; Fri, 19 Jun 2020 16:17:26 +0000 Received: from mail-io1-f72.google.com ([209.85.166.72]) by youngberry.canonical.com with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.86_2) (envelope-from ) id 1jmJhk-0003k4-Id for kernel-team@lists.ubuntu.com; Fri, 19 Jun 2020 16:17:24 +0000 Received: by 
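Review bot: the lockdown and capability checks added to efi_test_open() run only at open time, so a file descriptor obtained before the kernel is locked down still reaches efi_test_ioctl() afterwards. If lockdown can be switched on after boot in this tree, repeat the secure_modules() test at the top of efi_test_ioctl(), or say in the commit message why open-time enforcement is enough. The trailer reads "(backported from commit 359efcc2c910...)" without stating what was adapted; a bracketed note naming the change (presumably the secure_modules() call) would help whoever compares this with upstream later. The one-use local can also go: "if (secure_modules()) return -EPERM;" reads the same in fewer lines.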
From: Seth Forshee
To: kernel-team@lists.ubuntu.com
Subject: [PATCH v2 48/57][B] debugfs: prevent access to possibly dead file_operations at file open
Date: Fri, 19 Jun 2020 11:16:12 -0500
Message-Id: <20200619161621.644540-49-seth.forshee@canonical.com>
X-Mailer: git-send-email 2.27.0
In-Reply-To: <20200619161621.644540-1-seth.forshee@canonical.com>
References: <20200619161621.644540-1-seth.forshee@canonical.com>
MIME-Version: 1.0

From: Nicolai Stange

BugLink: https://bugs.launchpad.net/bugs/1884159

Nothing prevents a dentry found by path lookup before a return of
__debugfs_remove() to actually get opened after that return. Now, after
the return of __debugfs_remove(), there are no guarantees whatsoever
regarding the memory the corresponding inode's file_operations object
had been kept in.

Since __debugfs_remove() is seldom invoked, usually from module exit
handlers only, the race is hard to trigger and the impact is very low.

A discussion of the problem outlined above as well as a suggested
solution can be found in the (sub-)thread rooted at

  http://lkml.kernel.org/g/20130401203445.GA20862@ZenIV.linux.org.uk
  ("Yet another pipe related oops.")

Basically, Greg KH suggests to introduce an intermediate fops and
Al Viro points out that a pointer to the original ones may be stored in
->d_fsdata.

Follow this line of reasoning:
- Add SRCU as a reverse dependency of DEBUG_FS.
- Introduce a srcu_struct object for the debugfs subsystem.
- In debugfs_create_file(), store a pointer to the original
  file_operations object in ->d_fsdata.
- Make debugfs_remove() and debugfs_remove_recursive() wait for a
  SRCU grace period after the dentry has been delete()'d and before they
  return to their callers.
- Introduce an intermediate file_operations object named
  "debugfs_open_proxy_file_operations". Its ->open() function checks,
  under the protection of a SRCU read lock, whether the dentry is still
  alive, i.e. has not been d_delete()'d and if so, tries to acquire a
  reference on the owning module.
  On success, it sets the file object's ->f_op to the original
  file_operations and forwards the ongoing open() call to the original
  ->open().
- For clarity, rename the former debugfs_file_operations to
  debugfs_noop_file_operations -- they are in no way canonical.

The choice of SRCU over "normal" RCU is justified by the fact, that the former may also be used to protect ->i_private data from going away during the execution of a file's readers and writers which may (and do) sleep. Finally, introduce the fs/debugfs/internal.h header containing some declarations internal to the debugfs implementation. Signed-off-by: Nicolai Stange Signed-off-by: Greg Kroah-Hartman (backported from commit 9fd4dcece43a53e5a9e65a973df5693702ee6401) Signed-off-by: Seth Forshee --- fs/debugfs/file.c | 91 ++++++++++++++++++++++++++++++++++++++++- fs/debugfs/inode.c | 13 +++++- fs/debugfs/internal.h | 24 +++++++++++ include/linux/debugfs.h | 3 -- lib/Kconfig.debug | 1 + 5 files changed, 127 insertions(+), 5 deletions(-) create mode 100644 fs/debugfs/internal.h diff --git a/fs/debugfs/file.c b/fs/debugfs/file.c index d2ba12e23ed9..736ab3c988f2 100644 --- a/fs/debugfs/file.c +++ b/fs/debugfs/file.c @@ -22,6 +22,9 @@ #include #include #include +#include + +#include "internal.h" static ssize_t default_read_file(struct file *file, char __user *buf, size_t count, loff_t *ppos) 
@@ -35,13 +38,99 @@ static ssize_t default_write_file(struct file *file, const char __user *buf, return count; } -const struct file_operations debugfs_file_operations = { +const struct file_operations debugfs_noop_file_operations = { .read = default_read_file, .write = default_write_file, .open = simple_open, .llseek = noop_llseek, }; +/** + * debugfs_use_file_start - mark the beginning of file data access + * @dentry: the dentry object whose data is being accessed. + * @srcu_idx: a pointer to some memory to store a SRCU index in. + * + * Up to a matching call to debugfs_use_file_finish(), any + * successive call into the file removing functions debugfs_remove() + * and debugfs_remove_recursive() will block. Since associated private + * file data may only get freed after a successful return of any of + * the removal functions, you may safely access it after a successful + * call to debugfs_use_file_start() without worrying about + * lifetime issues. + * + * If -%EIO is returned, the file has already been removed and thus, + * it is not safe to access any of its data. If, on the other hand, + * it is allowed to access the file data, zero is returned. + * + * Regardless of the return code, any call to + * debugfs_use_file_start() must be followed by a matching call + * to debugfs_use_file_finish(). + */ +static int debugfs_use_file_start(const struct dentry *dentry, int *srcu_idx) + __acquires(&debugfs_srcu) +{ + *srcu_idx = srcu_read_lock(&debugfs_srcu); + barrier(); + if (d_unlinked(dentry)) + return -EIO; + return 0; +} + +/** + * debugfs_use_file_finish - mark the end of file data access + * @srcu_idx: the SRCU index "created" by a former call to + * debugfs_use_file_start(). + * + * Allow any ongoing concurrent call into debugfs_remove() or + * debugfs_remove_recursive() blocked by a former call to + * debugfs_use_file_start() to proceed and return to its caller. 
+ */ +static void debugfs_use_file_finish(int srcu_idx) __releases(&debugfs_srcu) +{ + srcu_read_unlock(&debugfs_srcu, srcu_idx); +} + +#define F_DENTRY(filp) ((filp)->f_path.dentry) + +#define REAL_FOPS_DEREF(dentry) \ + ((const struct file_operations *)(dentry)->d_fsdata) + +static int open_proxy_open(struct inode *inode, struct file *filp) +{ + const struct dentry *dentry = F_DENTRY(filp); + const struct file_operations *real_fops = NULL; + int srcu_idx, r; + + r = debugfs_use_file_start(dentry, &srcu_idx); + if (r) { + r = -ENOENT; + goto out; + } + + real_fops = REAL_FOPS_DEREF(dentry); + real_fops = fops_get(real_fops); + if (!real_fops) { + /* Huh? Module did not clean up after itself at exit? */ + WARN(1, "debugfs file owner did not clean up at exit: %pd", + dentry); + r = -ENXIO; + goto out; + } + replace_fops(filp, real_fops); + + if (real_fops->open) + r = real_fops->open(inode, filp); + +out: + fops_put(real_fops); + debugfs_use_file_finish(srcu_idx); + return r; +} + +const struct file_operations debugfs_open_proxy_file_operations = { + .open = open_proxy_open, +}; + static struct dentry *debugfs_create_mode(const char *name, umode_t mode, struct dentry *parent, void *value, const struct file_operations *fops, diff --git a/fs/debugfs/inode.c b/fs/debugfs/inode.c index d7111b8ce36a..f01e61932747 100644 --- a/fs/debugfs/inode.c +++ b/fs/debugfs/inode.c @@ -27,9 +27,14 @@ #include #include #include +#include + +#include "internal.h" #define DEBUGFS_DEFAULT_MODE 0700 +DEFINE_SRCU(debugfs_srcu); + static struct vfsmount *debugfs_mount; static int debugfs_mount_count; static bool debugfs_registered; 
@@ -345,8 +350,12 @@ struct dentry *debugfs_create_file(const char *name, umode_t mode, return failed_creating(dentry); inode->i_mode = mode; - inode->i_fop = fops ? fops : &debugfs_file_operations; inode->i_private = data; + + inode->i_fop = fops ? &debugfs_open_proxy_file_operations + : &debugfs_noop_file_operations; + dentry->d_fsdata = (void *)fops; + d_instantiate(dentry, inode); fsnotify_create(d_inode(dentry->d_parent), dentry); return end_creating(dentry); @@ -570,6 +579,7 @@ void debugfs_remove(struct dentry *dentry) mutex_unlock(&d_inode(parent)->i_mutex); if (!ret) simple_release_fs(&debugfs_mount, &debugfs_mount_count); + synchronize_srcu(&debugfs_srcu); } EXPORT_SYMBOL_GPL(debugfs_remove); @@ -647,6 +657,7 @@ void debugfs_remove_recursive(struct dentry *dentry) if (!__debugfs_remove(child, parent)) simple_release_fs(&debugfs_mount, &debugfs_mount_count); mutex_unlock(&d_inode(parent)->i_mutex); + synchronize_srcu(&debugfs_srcu); } EXPORT_SYMBOL_GPL(debugfs_remove_recursive); diff --git a/fs/debugfs/internal.h b/fs/debugfs/internal.h new file mode 100644 index 000000000000..c7aaa5cb6685 --- /dev/null +++ b/fs/debugfs/internal.h @@ -0,0 +1,24 @@ +/* + * internal.h - declarations internal to debugfs + * + * Copyright (C) 2016 Nicolai Stange + * + * This program is free software; you can redistribute it and/or + * modify it under the terms of the GNU General Public License version + * 2 as published by the Free Software Foundation. + * + */ + +#ifndef _DEBUGFS_INTERNAL_H_ +#define _DEBUGFS_INTERNAL_H_ + +struct file_operations; +struct srcu_struct; + +/* declared over in file.c */ +extern const struct file_operations debugfs_noop_file_operations; +extern const struct file_operations debugfs_open_proxy_file_operations; + +extern struct srcu_struct debugfs_srcu; + +#endif /* _DEBUGFS_INTERNAL_H_ */ diff --git a/include/linux/debugfs.h b/include/linux/debugfs.h index 51362ff607fc..6215d2852a3e 100644 --- a/include/linux/debugfs.h +++ b/include/linux/debugfs.h 
@@ -43,9 +43,6 @@ extern struct dentry *arch_debugfs_dir; #if defined(CONFIG_DEBUG_FS) -/* declared over in file.c */ -extern const struct file_operations debugfs_file_operations; - struct dentry *debugfs_create_file(const char *name, umode_t mode, struct dentry *parent, void *data, const struct file_operations *fops); diff --git a/lib/Kconfig.debug b/lib/Kconfig.debug index 1f2d6e38dc30..8f27ef6f84e9 100644 --- a/lib/Kconfig.debug +++ b/lib/Kconfig.debug 
@@ -257,6 +257,7 @@ config PAGE_OWNER config DEBUG_FS bool "Debug Filesystem" + select SRCU help debugfs is a virtual file system that kernel developers use to put debugging files into. Enable this option to be able to read and From patchwork Fri Jun 19 16:16:13 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Seth Forshee X-Patchwork-Id: 1313116 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=none (no SPF record) smtp.mailfrom=lists.ubuntu.com (client-ip=91.189.94.19; helo=huckleberry.canonical.com; envelope-from=kernel-team-bounces@lists.ubuntu.com; receiver=) Authentication-Results: ozlabs.org; dmarc=fail (p=none dis=none) header.from=canonical.com Received: from huckleberry.canonical.com (huckleberry.canonical.com [91.189.94.19]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 49pPBY0pNSzB47w; Sat, 20 Jun 2020 02:19:01 +1000 (AEST) Received: from localhost ([127.0.0.1] helo=huckleberry.canonical.com) by huckleberry.canonical.com with esmtp (Exim 4.86_2) (envelope-from ) id 1jmJjE-00049f-7R; Fri, 19 Jun 2020 16:18:56 +0000 Received: from youngberry.canonical.com ([91.189.89.112]) by huckleberry.canonical.com with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.86_2) (envelope-from ) id 1jmJhn-0002sJ-ML for kernel-team@lists.ubuntu.com; Fri, 19 Jun 2020 16:17:27 +0000 Received: from mail-io1-f69.google.com ([209.85.166.69]) by youngberry.canonical.com with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.86_2) (envelope-from ) id 1jmJhm-0003kM-4p for kernel-team@lists.ubuntu.com; Fri, 19 Jun 2020 16:17:26 +0000 Received: by mail-io1-f69.google.com with SMTP id a16so7173513iow.9 for ; Fri, 19 Jun 2020 09:17:26 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; 
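Review bot: in open_proxy_open() (fs/debugfs/file.c), the out: label calls fops_put(real_fops) on the success path as well, after replace_fops(filp, real_fops) has already handed the reference taken by fops_get() over to filp->f_op. The file then carries an f_op whose module reference has been dropped, and the put that the VFS does on filp->f_op when the file goes away releases it a second time. The only paths that reach out: with a non-NULL real_fops have already passed replace_fops(), so the fops_put() at out: can simply be removed. Separately, the bare barrier() in debugfs_use_file_start() deserves a one-line comment saying which accesses it is meant to order.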
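Review bot: the synchronize_srcu(&debugfs_srcu) added at the end of debugfs_remove() and debugfs_remove_recursive() (fs/debugfs/inode.c) changes the contract of both functions, but their kernel-doc is not touched. Please document that they now block for an SRCU grace period and must not be called from a context that is inside a debugfs_use_file_start()/debugfs_use_file_finish() section, such as a file's own ->open() running under open_proxy_open(), because the wait would then be on the caller itself. In debugfs_remove() the call is also made regardless of the ret value tested just above it; a short comment on whether that is intended would help.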
From: Seth Forshee
To: kernel-team@lists.ubuntu.com
Subject: [PATCH v2 49/57][B] debugfs: prevent access to removed files' private data
Date: Fri, 19 Jun 2020 11:16:13 -0500
Message-Id: <20200619161621.644540-50-seth.forshee@canonical.com>
X-Mailer: git-send-email 2.27.0
In-Reply-To: <20200619161621.644540-1-seth.forshee@canonical.com>
References: <20200619161621.644540-1-seth.forshee@canonical.com>
MIME-Version: 1.0

From: Nicolai Stange

BugLink: https://bugs.launchpad.net/bugs/1884159

Upon return of debugfs_remove()/debugfs_remove_recursive(), it might
still be attempted to access associated private file data through
previously opened struct file objects. If that data has been freed by
the caller of debugfs_remove*() in the meanwhile, the reading/writing
process would either encounter a fault or, if the memory address in
question has been reassigned again, unrelated data structures could get
overwritten.

However, since debugfs files are seldom removed, usually from module
exit handlers only, the impact is very low.

Currently, there are ~1000 call sites of debugfs_create_file() spread
throughout the whole tree and touching all of those struct file_operations
in order to make them file removal aware by means of checking the result of
debugfs_use_file_start() from within their methods is unfeasible.

Instead, wrap the struct file_operations by a lifetime managing proxy at
file open:
- In debugfs_create_file(), the original fops handed in has got stashed
  away in ->d_fsdata already.
- In debugfs_create_file(), install a proxy file_operations factory,
  debugfs_full_proxy_file_operations, at ->i_fop.

This proxy factory has got an ->open() method only. It carries out some
lifetime checks and if successful, dynamically allocates and sets up a new
struct file_operations proxy at ->f_op. Afterwards, it forwards to the
->open() of the original struct file_operations in ->d_fsdata, if any.

The dynamically set up proxy at ->f_op has got a lifetime managing wrapper
set for each of the methods defined in the original struct file_operations
in ->d_fsdata.

Its ->release()er frees the proxy again and forwards to the original
->release(), if any.

In order not to mislead the VFS layer, it is strictly necessary to leave
those fields blank in the proxy that have been NULL in the original
struct file_operations also, i.e. aren't supported.
This is why there is a need for dynamically allocated proxies. The choice
made not to allocate a proxy instance for every dentry at file creation,
but for every struct file object instantiated thereof is justified by the
expected usage pattern of debugfs, namely that in general very few files
get opened more than once at a time.

The wrapper methods set in the struct file_operations implement lifetime
managing by means of the SRCU protection facilities already in place for
debugfs:
They set up a SRCU read side critical section and check whether the dentry
is still alive by means of debugfs_use_file_start(). If so, they forward
the call to the original struct file_operation stored in ->d_fsdata, still
under the protection of the SRCU read side critical section.
This SRCU read side critical section prevents any pending debugfs_remove()
and friends to return to their callers. Since a file's private data must
only be freed after the return of debugfs_remove(), the ongoing proxied
call is guarded against any file removal race.

If, on the other hand, the initial call to debugfs_use_file_start() detects
that the dentry is dead, the wrapper simply returns -EIO and does not
forward the call. Note that the ->poll() wrapper is special in that its
signature does not allow for the return of arbitrary -EXXX values and thus,
POLLHUP is returned here.

In order not to pollute debugfs with wrapper definitions that aren't ever
needed, I chose not to define a wrapper for every struct file_operations
method possible. Instead, a wrapper is defined only for the subset of
methods which are actually set by any debugfs users.
Currently, these are:

  ->llseek()
  ->read()
  ->write()
  ->unlocked_ioctl()
  ->poll()

The ->release() wrapper is special in that it does not protect the original
->release() in any way from dead files in order not to leak resources.
Thus, any ->release() handed to debugfs must implement file lifetime
management manually, if needed.
For only 33 out of a total of 434 releasers handed in to debugfs, it could not be verified immediately whether they access data structures that might have been freed upon a debugfs_remove() return in the meanwhile. Export debugfs_use_file_start() and debugfs_use_file_finish() in order to allow any ->release() to manually implement file lifetime management. For a set of common cases of struct file_operations implemented by the debugfs_core itself, future patches will incorporate file lifetime management directly within those in order to allow for their unproxied operation. Rename the original, non-proxying "debugfs_create_file()" to "debugfs_create_file_unsafe()" and keep it for future internal use by debugfs itself. Factor out code common to both into the new __debugfs_create_file(). Signed-off-by: Nicolai Stange Signed-off-by: Greg Kroah-Hartman (backported from commit 49d200deaa680501f19a247b1fffb29301e51d2b) Signed-off-by: Seth Forshee --- fs/debugfs/file.c | 157 +++++++++++++++++++++++++++++++++++++++- fs/debugfs/inode.c | 70 ++++++++++++------ fs/debugfs/internal.h | 6 +- include/linux/debugfs.h | 20 +++++ 4 files changed, 226 insertions(+), 27 deletions(-) diff --git a/fs/debugfs/file.c b/fs/debugfs/file.c index 736ab3c988f2..6eb58a8ed03c 100644 --- a/fs/debugfs/file.c +++ b/fs/debugfs/file.c @@ -23,9 +23,12 @@ #include #include #include +#include #include "internal.h" +struct poll_table_struct; + static ssize_t default_read_file(struct file *file, char __user *buf, size_t count, loff_t *ppos) { @@ -66,7 +69,7 @@ const struct file_operations debugfs_noop_file_operations = { * debugfs_use_file_start() must be followed by a matching call * to debugfs_use_file_finish(). */ -static int debugfs_use_file_start(const struct dentry *dentry, int *srcu_idx) +int debugfs_use_file_start(const struct dentry *dentry, int *srcu_idx) __acquires(&debugfs_srcu) { *srcu_idx = srcu_read_lock(&debugfs_srcu); 
@@ -75,6 +78,7 @@ static int debugfs_use_file_start(const struct dentry *dentry, int *srcu_idx) return -EIO; return 0; } +EXPORT_SYMBOL_GPL(debugfs_use_file_start); /** * debugfs_use_file_finish - mark the end of file data access @@ -85,10 +89,11 @@ static int debugfs_use_file_start(const struct dentry *dentry, int *srcu_idx) * debugfs_remove_recursive() blocked by a former call to * debugfs_use_file_start() to proceed and return to its caller. */ -static void debugfs_use_file_finish(int srcu_idx) __releases(&debugfs_srcu) +void debugfs_use_file_finish(int srcu_idx) __releases(&debugfs_srcu) { srcu_read_unlock(&debugfs_srcu, srcu_idx); } +EXPORT_SYMBOL_GPL(debugfs_use_file_finish); #define F_DENTRY(filp) ((filp)->f_path.dentry) 
@@ -131,6 +136,154 @@ const struct file_operations debugfs_open_proxy_file_operations = { .open = open_proxy_open, }; +#define PROTO(args...) args +#define ARGS(args...) args + +#define FULL_PROXY_FUNC(name, ret_type, filp, proto, args) \ +static ret_type full_proxy_ ## name(proto) \ +{ \ + const struct dentry *dentry = F_DENTRY(filp); \ + const struct file_operations *real_fops = \ + REAL_FOPS_DEREF(dentry); \ + int srcu_idx; \ + ret_type r; \ + \ + r = debugfs_use_file_start(dentry, &srcu_idx); \ + if (likely(!r)) \ + r = real_fops->name(args); \ + debugfs_use_file_finish(srcu_idx); \ + return r; \ +} + +FULL_PROXY_FUNC(llseek, loff_t, filp, + PROTO(struct file *filp, loff_t offset, int whence), + ARGS(filp, offset, whence)); + +FULL_PROXY_FUNC(read, ssize_t, filp, + PROTO(struct file *filp, char __user *buf, size_t size, + loff_t *ppos), + ARGS(filp, buf, size, ppos)); + +FULL_PROXY_FUNC(write, ssize_t, filp, + PROTO(struct file *filp, const char __user *buf, size_t size, + loff_t *ppos), + ARGS(filp, buf, size, ppos)); + +FULL_PROXY_FUNC(unlocked_ioctl, long, filp, + PROTO(struct file *filp, unsigned int cmd, unsigned long arg), + ARGS(filp, cmd, arg)); + +static unsigned int full_proxy_poll(struct file *filp, + struct poll_table_struct *wait) +{ + const struct dentry *dentry = F_DENTRY(filp); + const struct file_operations *real_fops = REAL_FOPS_DEREF(dentry); + int srcu_idx; + unsigned int r = 0; + + if (debugfs_use_file_start(dentry, &srcu_idx)) { + debugfs_use_file_finish(srcu_idx); + return POLLHUP; + } + + r = real_fops->poll(filp, wait); + debugfs_use_file_finish(srcu_idx); + return r; +} + +static int full_proxy_release(struct inode *inode, struct file *filp) +{ + const struct dentry *dentry = F_DENTRY(filp); + const struct file_operations *real_fops = REAL_FOPS_DEREF(dentry); + const struct file_operations *proxy_fops = filp->f_op; + int r = 0; + + /* + * We must not protect this against removal races here: the + * original releaser should be called 
unconditionally in order + * not to leak any resources. Releasers must not assume that + * ->i_private is still being meaningful here. + */ + if (real_fops->release) + r = real_fops->release(inode, filp); + + replace_fops(filp, d_inode(dentry)->i_fop); + kfree((void *)proxy_fops); + fops_put(real_fops); + return 0; +} + +static void __full_proxy_fops_init(struct file_operations *proxy_fops, + const struct file_operations *real_fops) +{ + proxy_fops->release = full_proxy_release; + if (real_fops->llseek) + proxy_fops->llseek = full_proxy_llseek; + if (real_fops->read) + proxy_fops->read = full_proxy_read; + if (real_fops->write) + proxy_fops->write = full_proxy_write; + if (real_fops->poll) + proxy_fops->poll = full_proxy_poll; + if (real_fops->unlocked_ioctl) + proxy_fops->unlocked_ioctl = full_proxy_unlocked_ioctl; +} + +static int full_proxy_open(struct inode *inode, struct file *filp) +{ + const struct dentry *dentry = F_DENTRY(filp); + const struct file_operations *real_fops = NULL; + struct file_operations *proxy_fops = NULL; + int srcu_idx, r; + + r = debugfs_use_file_start(dentry, &srcu_idx); + if (r) { + r = -ENOENT; + goto out; + } + + real_fops = REAL_FOPS_DEREF(dentry); + real_fops = fops_get(real_fops); + if (!real_fops) { + /* Huh? Module did not cleanup after itself at exit? */ + WARN(1, "debugfs file owner did not clean up at exit: %pd", + dentry); + r = -ENXIO; + goto out; + } + + proxy_fops = kzalloc(sizeof(*proxy_fops), GFP_KERNEL); + if (!proxy_fops) { + r = -ENOMEM; + goto free_proxy; + } + __full_proxy_fops_init(proxy_fops, real_fops); + replace_fops(filp, proxy_fops); + + if (real_fops->open) { + r = real_fops->open(inode, filp); + + if (filp->f_op != proxy_fops) { + /* No protection against file removal anymore. 
*/ + WARN(1, "debugfs file owner replaced proxy fops: %pd", + dentry); + goto free_proxy; + } + } + + goto out; +free_proxy: + kfree(proxy_fops); + fops_put(real_fops); +out: + debugfs_use_file_finish(srcu_idx); + return r; +} + +const struct file_operations debugfs_full_proxy_file_operations = { + .open = full_proxy_open, +}; + static struct dentry *debugfs_create_mode(const char *name, umode_t mode, struct dentry *parent, void *value, const struct file_operations *fops, diff --git a/fs/debugfs/inode.c b/fs/debugfs/inode.c index f01e61932747..97149d770fdb 100644 --- a/fs/debugfs/inode.c +++ b/fs/debugfs/inode.c @@ -304,6 +304,37 @@ static struct dentry *end_creating(struct dentry *dentry) return dentry; } +static struct dentry *__debugfs_create_file(const char *name, umode_t mode, + struct dentry *parent, void *data, + const struct file_operations *proxy_fops, + const struct file_operations *real_fops) +{ + struct dentry *dentry; + struct inode *inode; + + if (!(mode & S_IFMT)) + mode |= S_IFREG; + BUG_ON(!S_ISREG(mode)); + dentry = start_creating(name, parent); + + if (IS_ERR(dentry)) + return NULL; + + inode = debugfs_get_inode(dentry->d_sb); + if (unlikely(!inode)) + return failed_creating(dentry); + + inode->i_mode = mode; + inode->i_private = data; + + inode->i_fop = proxy_fops; + dentry->d_fsdata = (void *)real_fops; + + d_instantiate(dentry, inode); + fsnotify_create(d_inode(dentry->d_parent), dentry); + return end_creating(dentry); +} + /** * debugfs_create_file - create a file in the debugfs filesystem * @name: a pointer to a string containing the name of the file to create. 
@@ -334,33 +365,24 @@ struct dentry *debugfs_create_file(const char *name, umode_t mode, struct dentry *parent, void *data, const struct file_operations *fops) { - struct dentry *dentry; - struct inode *inode; - - if (!(mode & S_IFMT)) - mode |= S_IFREG; - BUG_ON(!S_ISREG(mode)); - dentry = start_creating(name, parent); - - if (IS_ERR(dentry)) - return NULL; - - inode = debugfs_get_inode(dentry->d_sb); - if (unlikely(!inode)) - return failed_creating(dentry); - inode->i_mode = mode; - inode->i_private = data; + return __debugfs_create_file(name, mode, parent, data, + fops ? &debugfs_full_proxy_file_operations : + &debugfs_noop_file_operations, + fops); +} +EXPORT_SYMBOL_GPL(debugfs_create_file); - inode->i_fop = fops ? &debugfs_open_proxy_file_operations - : &debugfs_noop_file_operations; - dentry->d_fsdata = (void *)fops; +struct dentry *debugfs_create_file_unsafe(const char *name, umode_t mode, + struct dentry *parent, void *data, + const struct file_operations *fops) +{ - d_instantiate(dentry, inode); - fsnotify_create(d_inode(dentry->d_parent), dentry); - return end_creating(dentry); + return __debugfs_create_file(name, mode, parent, data, + fops ? &debugfs_open_proxy_file_operations : + &debugfs_noop_file_operations, + fops); } -EXPORT_SYMBOL_GPL(debugfs_create_file); /** * debugfs_create_file_size - create a file in the debugfs filesystem @@ -579,6 +601,7 @@ void debugfs_remove(struct dentry *dentry) mutex_unlock(&d_inode(parent)->i_mutex); if (!ret) simple_release_fs(&debugfs_mount, &debugfs_mount_count); + synchronize_srcu(&debugfs_srcu); } EXPORT_SYMBOL_GPL(debugfs_remove); @@ -657,6 +680,7 @@ void debugfs_remove_recursive(struct dentry *dentry) if (!__debugfs_remove(child, parent)) simple_release_fs(&debugfs_mount, &debugfs_mount_count); mutex_unlock(&d_inode(parent)->i_mutex); + synchronize_srcu(&debugfs_srcu); } EXPORT_SYMBOL_GPL(debugfs_remove_recursive); diff --git a/fs/debugfs/internal.h b/fs/debugfs/internal.h index c7aaa5cb6685..bba52634b995 100644 
--- a/fs/debugfs/internal.h +++ b/fs/debugfs/internal.h @@ -13,12 +13,14 @@ #define _DEBUGFS_INTERNAL_H_ struct file_operations; -struct srcu_struct; /* declared over in file.c */ extern const struct file_operations debugfs_noop_file_operations; extern const struct file_operations debugfs_open_proxy_file_operations; +extern const struct file_operations debugfs_full_proxy_file_operations; -extern struct srcu_struct debugfs_srcu; +struct dentry *debugfs_create_file_unsafe(const char *name, umode_t mode, + struct dentry *parent, void *data, + const struct file_operations *fops); #endif /* _DEBUGFS_INTERNAL_H_ */ diff --git a/include/linux/debugfs.h b/include/linux/debugfs.h index 6215d2852a3e..3b3177148b11 100644 --- a/include/linux/debugfs.h +++ b/include/linux/debugfs.h @@ -19,9 +19,11 @@ #include #include +#include struct device; struct file_operations; +struct srcu_struct; struct debugfs_blob_wrapper { void *data; @@ -41,6 +43,8 @@ struct debugfs_regset32 { extern struct dentry *arch_debugfs_dir; +extern struct srcu_struct debugfs_srcu; + #if defined(CONFIG_DEBUG_FS) struct dentry *debugfs_create_file(const char *name, umode_t mode, @@ -66,6 +70,11 @@ struct dentry *debugfs_create_automount(const char *name, void debugfs_remove(struct dentry *dentry); void debugfs_remove_recursive(struct dentry *dentry); +int debugfs_use_file_start(const struct dentry *dentry, int *srcu_idx) + __acquires(&debugfs_srcu); + +void debugfs_use_file_finish(int srcu_idx) __releases(&debugfs_srcu); + struct dentry *debugfs_rename(struct dentry *old_dir, struct dentry *old_dentry, struct dentry *new_dir, const char *new_name); 
@@ -166,6 +175,17 @@ static inline void debugfs_remove(struct dentry *dentry) static inline void debugfs_remove_recursive(struct dentry *dentry) { } +static inline int debugfs_use_file_start(const struct dentry *dentry, + int *srcu_idx) + __acquires(&debugfs_srcu) +{ + return 0; +} + +static inline void debugfs_use_file_finish(int srcu_idx) + __releases(&debugfs_srcu) +{ } + static inline struct dentry *debugfs_rename(struct dentry *old_dir, struct dentry *old_dentry, struct dentry *new_dir, char *new_name) { From patchwork Fri Jun 19 16:16:14 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Seth Forshee X-Patchwork-Id: 1313119 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=none (no SPF record) smtp.mailfrom=lists.ubuntu.com (client-ip=91.189.94.19; helo=huckleberry.canonical.com; envelope-from=kernel-team-bounces@lists.ubuntu.com; receiver=) Authentication-Results: ozlabs.org; dmarc=fail (p=none dis=none) header.from=canonical.com Received: from huckleberry.canonical.com (huckleberry.canonical.com [91.189.94.19]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 49pPBc3NLZzB3tw; Sat, 20 Jun 2020 02:19:04 +1000 (AEST) Received: from localhost ([127.0.0.1] helo=huckleberry.canonical.com) by huckleberry.canonical.com with esmtp (Exim 4.86_2) (envelope-from ) id 1jmJjI-0004EI-58; Fri, 19 Jun 2020 16:19:00 +0000 Received: from youngberry.canonical.com ([91.189.89.112]) by huckleberry.canonical.com with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.86_2) (envelope-from ) id 1jmJho-0002ss-KK for kernel-team@lists.ubuntu.com; Fri, 19 Jun 2020 16:17:28 +0000 Received: from mail-io1-f72.google.com ([209.85.166.72]) by youngberry.canonical.com with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 
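Review bot: in the fs/debugfs/inode.c hunks for debugfs_remove() and debugfs_remove_recursive(), the new synchronize_srcu(&debugfs_srcu) sits outside the `if (!ret)` and `if (!__debugfs_remove(child, parent))` checks, so every caller now waits for an SRCU grace period even when nothing was removed, and both functions can block for that long. The kerneldoc of both functions should say so, and should warn callers not to hold a lock that a file operation running between debugfs_use_file_start() and debugfs_use_file_finish() may take, since the remover would then wait on a reader that is waiting on the remover.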
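Review bot: the CONFIG_DEBUG_FS=n stub of debugfs_use_file_start() in the last include/linux/debugfs.h hunk returns 0 without storing anything through srcu_idx, so a caller that follows the documented pattern and passes its local to debugfs_use_file_finish() hands over an uninitialized int. The stub ignores the value, but compilers and static checkers can still flag the read; writing `*srcu_idx = 0;` in the stub removes the question. In the same header, `extern struct srcu_struct debugfs_srcu;` is declared above the `#if defined(CONFIG_DEBUG_FS)` guard; if the symbol is only defined by the debugfs code, a comment that it is visible there for the sparse annotations alone would keep other code from referencing it in a debugfs-less build.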
From: Seth Forshee To: kernel-team@lists.ubuntu.com Subject: [PATCH v2 50/57][B] debugfs: add support for self-protecting attribute file fops Date: Fri, 19 Jun 2020 11:16:14 -0500 Message-Id: <20200619161621.644540-51-seth.forshee@canonical.com> X-Mailer: git-send-email 2.27.0 In-Reply-To: <20200619161621.644540-1-seth.forshee@canonical.com> References: <20200619161621.644540-1-seth.forshee@canonical.com> MIME-Version: 1.0 X-BeenThere: kernel-team@lists.ubuntu.com X-Mailman-Version: 2.1.20 Precedence: list List-Id: Kernel team discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: kernel-team-bounces@lists.ubuntu.com Sender: "kernel-team" From: Nicolai Stange BugLink: https://bugs.launchpad.net/bugs/1884159 In order to protect them against file removal issues, debugfs_create_file() creates a lifetime managing proxy around each struct file_operations handed in. In cases where this struct file_operations is able to manage file lifetime by itself already, the proxy created by debugfs is a waste of resources. The most common class of struct file_operations given to debugfs are those defined by means of the DEFINE_SIMPLE_ATTRIBUTE() macro. Introduce a DEFINE_DEBUGFS_ATTRIBUTE() macro to allow any struct file_operations of this class to be easily made file lifetime aware and thus, to be operated unproxied. Specifically, introduce debugfs_attr_read() and debugfs_attr_write() which wrap simple_attr_read() and simple_attr_write() under the protection of a debugfs_use_file_start()/debugfs_use_file_finish() pair. Make DEFINE_DEBUGFS_ATTRIBUTE() set the defined struct file_operations' ->read() and ->write() members to these wrappers. Export debugfs_create_file_unsafe() in order to allow debugfs users to create their files in non-proxying operation mode. Signed-off-by: Nicolai Stange Signed-off-by: Greg Kroah-Hartman (cherry picked from commit c64688081490321f2d23a292ef24e60bb321f3f1) 
Signed-off-by: Seth Forshee --- fs/debugfs/file.c | 28 ++++++++++++++++++++++++++++ fs/debugfs/inode.c | 28 ++++++++++++++++++++++++++++ include/linux/debugfs.h | 26 ++++++++++++++++++++++++++ 3 files changed, 82 insertions(+) diff --git a/fs/debugfs/file.c b/fs/debugfs/file.c index 6eb58a8ed03c..8ef56d9499a4 100644 --- a/fs/debugfs/file.c +++ b/fs/debugfs/file.c @@ -284,6 +284,34 @@ const struct file_operations debugfs_full_proxy_file_operations = { .open = full_proxy_open, }; +ssize_t debugfs_attr_read(struct file *file, char __user *buf, + size_t len, loff_t *ppos) +{ + ssize_t ret; + int srcu_idx; + + ret = debugfs_use_file_start(F_DENTRY(file), &srcu_idx); + if (likely(!ret)) + ret = simple_attr_read(file, buf, len, ppos); + debugfs_use_file_finish(srcu_idx); + return ret; +} +EXPORT_SYMBOL_GPL(debugfs_attr_read); + +ssize_t debugfs_attr_write(struct file *file, const char __user *buf, + size_t len, loff_t *ppos) +{ + ssize_t ret; + int srcu_idx; + + ret = debugfs_use_file_start(F_DENTRY(file), &srcu_idx); + if (likely(!ret)) + ret = simple_attr_write(file, buf, len, ppos); + debugfs_use_file_finish(srcu_idx); + return ret; +} +EXPORT_SYMBOL_GPL(debugfs_attr_write); + static struct dentry *debugfs_create_mode(const char *name, umode_t mode, struct dentry *parent, void *value, const struct file_operations *fops, diff --git a/fs/debugfs/inode.c b/fs/debugfs/inode.c index 97149d770fdb..72f3052f61c5 100644 --- a/fs/debugfs/inode.c +++ b/fs/debugfs/inode.c 
@@ -373,6 +373,33 @@ struct dentry *debugfs_create_file(const char *name, umode_t mode, } EXPORT_SYMBOL_GPL(debugfs_create_file); +/** + * debugfs_create_file_unsafe - create a file in the debugfs filesystem + * @name: a pointer to a string containing the name of the file to create. + * @mode: the permission that the file should have. + * @parent: a pointer to the parent dentry for this file. This should be a + * directory dentry if set. If this parameter is NULL, then the + * file will be created in the root of the debugfs filesystem. + * @data: a pointer to something that the caller will want to get to later + * on. The inode.i_private pointer will point to this value on + * the open() call. + * @fops: a pointer to a struct file_operations that should be used for + * this file. + * + * debugfs_create_file_unsafe() is completely analogous to + * debugfs_create_file(), the only difference being that the fops + * handed it will not get protected against file removals by the + * debugfs core. + * + * It is your responsibility to protect your struct file_operation + * methods against file removals by means of debugfs_use_file_start() + * and debugfs_use_file_finish(). ->open() is still protected by + * debugfs though. + * + * Any struct file_operations defined by means of + * DEFINE_DEBUGFS_ATTRIBUTE() is protected against file removals and + * thus, may be used here. + */ struct dentry *debugfs_create_file_unsafe(const char *name, umode_t mode, struct dentry *parent, void *data, const struct file_operations *fops) @@ -383,6 +410,7 @@ struct dentry *debugfs_create_file_unsafe(const char *name, umode_t mode, &debugfs_noop_file_operations, fops); } +EXPORT_SYMBOL_GPL(debugfs_create_file_unsafe); /** * debugfs_create_file_size - create a file in the debugfs filesystem diff --git a/include/linux/debugfs.h b/include/linux/debugfs.h index 3b3177148b11..008083421fa9 100644 --- a/include/linux/debugfs.h +++ b/include/linux/debugfs.h 
@@ -50,6 +50,9 @@ extern struct srcu_struct debugfs_srcu; struct dentry *debugfs_create_file(const char *name, umode_t mode, struct dentry *parent, void *data, const struct file_operations *fops); +struct dentry *debugfs_create_file_unsafe(const char *name, umode_t mode, + struct dentry *parent, void *data, + const struct file_operations *fops); struct dentry *debugfs_create_file_size(const char *name, umode_t mode, struct dentry *parent, void *data, @@ -75,6 +78,26 @@ int debugfs_use_file_start(const struct dentry *dentry, int *srcu_idx) void debugfs_use_file_finish(int srcu_idx) __releases(&debugfs_srcu); +ssize_t debugfs_attr_read(struct file *file, char __user *buf, + size_t len, loff_t *ppos); +ssize_t debugfs_attr_write(struct file *file, const char __user *buf, + size_t len, loff_t *ppos); + +#define DEFINE_DEBUGFS_ATTRIBUTE(__fops, __get, __set, __fmt) \ +static int __fops ## _open(struct inode *inode, struct file *file) \ +{ \ + __simple_attr_check_format(__fmt, 0ull); \ + return simple_attr_open(inode, file, __get, __set, __fmt); \ +} \ +static const struct file_operations __fops = { \ + .owner = THIS_MODULE, \ + .open = __fops ## _open, \ + .release = simple_attr_release, \ + .read = debugfs_attr_read, \ + .write = debugfs_attr_write, \ + .llseek = generic_file_llseek, \ +} + struct dentry *debugfs_rename(struct dentry *old_dir, struct dentry *old_dentry, struct dentry *new_dir, const char *new_name); 
@@ -186,6 +209,9 @@ static inline void debugfs_use_file_finish(int srcu_idx) __releases(&debugfs_srcu) { } +#define DEFINE_DEBUGFS_ATTRIBUTE(__fops, __get, __set, __fmt) \ + static const struct file_operations __fops = { 0 } + static inline struct dentry *debugfs_rename(struct dentry *old_dir, struct dentry *old_dentry, struct dentry *new_dir, char *new_name) { From patchwork Fri Jun 19 16:16:15 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Seth Forshee X-Patchwork-Id: 1313120 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=none (no SPF record) smtp.mailfrom=lists.ubuntu.com (client-ip=91.189.94.19; helo=huckleberry.canonical.com; envelope-from=kernel-team-bounces@lists.ubuntu.com; receiver=) Authentication-Results: ozlabs.org; dmarc=fail (p=none dis=none) header.from=canonical.com Received: from huckleberry.canonical.com (huckleberry.canonical.com [91.189.94.19]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 49pPBf2yNwzB47H; Sat, 20 Jun 2020 02:19:06 +1000 (AEST) Received: from localhost ([127.0.0.1] helo=huckleberry.canonical.com) by huckleberry.canonical.com with esmtp (Exim 4.86_2) (envelope-from ) id 1jmJjJ-0004Fx-Lj; Fri, 19 Jun 2020 16:19:01 +0000 Received: from youngberry.canonical.com ([91.189.89.112]) by huckleberry.canonical.com with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.86_2) (envelope-from ) id 1jmJhq-0002uK-K4 for kernel-team@lists.ubuntu.com; Fri, 19 Jun 2020 16:17:30 +0000 Received: from mail-io1-f69.google.com ([209.85.166.69]) by youngberry.canonical.com with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.86_2) (envelope-from ) id 1jmJho-0003kY-VW for kernel-team@lists.ubuntu.com; Fri, 19 Jun 2020 16:17:29 +0000 Received: by mail-io1-f69.google.com 
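Review bot: debugfs_attr_read() and debugfs_attr_write() in the fs/debugfs/file.c hunk call debugfs_use_file_finish(srcu_idx) even when debugfs_use_file_start() returned an error, which is only correct if debugfs_use_file_start() always takes the SRCU read lock and always writes srcu_idx, failure included. The __acquires(&debugfs_srcu) annotation in the header hints at that contract, but nothing in these wrappers states it. A one-line comment above the finish call would stop a later cleanup from moving it inside the `if (likely(!ret))` branch or from adding an early return before it.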
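Review bot: the CONFIG_DEBUG_FS=n definition of DEFINE_DEBUGFS_ATTRIBUTE() in the last include/linux/debugfs.h hunk expands to `static const struct file_operations __fops = { 0 }` and never references __get or __set, so a user's static getter and setter become unreferenced in that configuration and the build can warn about unused functions. Either have the stub reference both arguments, or say in the macro's documentation that accessors passed to it need __maybe_unused. The macro also has no kerneldoc at all; since the debugfs_create_file_unsafe() comment points readers to it, it should state that only ->read() and ->write() are wrapped in the debugfs_use_file_start()/debugfs_use_file_finish() pair.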
From: Seth Forshee To: kernel-team@lists.ubuntu.com Subject: [PATCH v2 51/57][B] debugfs: unproxify integer attribute files Date: Fri, 19 Jun 2020 11:16:15 -0500 Message-Id: <20200619161621.644540-52-seth.forshee@canonical.com> X-Mailer: git-send-email 2.27.0 In-Reply-To: <20200619161621.644540-1-seth.forshee@canonical.com> References: <20200619161621.644540-1-seth.forshee@canonical.com> MIME-Version: 1.0 X-BeenThere: kernel-team@lists.ubuntu.com X-Mailman-Version: 2.1.20 Precedence: list List-Id: Kernel team discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: kernel-team-bounces@lists.ubuntu.com Sender: "kernel-team" From: Nicolai Stange BugLink: https://bugs.launchpad.net/bugs/1884159 Currently, the struct file_operations associated with the integer attribute style files created through the debugfs_create_*() helpers are not file lifetime aware as they are defined by means of DEFINE_SIMPLE_ATTRIBUTE(). Thus, a lifetime managing proxy is created around the original fops each time such a file is opened which is an unnecessary waste of resources. Migrate all usages of DEFINE_SIMPLE_ATTRIBUTE() within debugfs itself to DEFINE_DEBUGFS_ATTRIBUTE() in order to implement file lifetime managing within the struct file_operations thus defined. Introduce the debugfs_create_mode_unsafe() helper, analogous to debugfs_create_mode(), but distinct in that it creates the files in non-proxying operation mode through debugfs_create_file_unsafe(). Feed all struct file_operations migrated to DEFINE_DEBUGFS_ATTRIBUTE() into debugfs_create_mode_unsafe() instead of former debugfs_create_mode(). Signed-off-by: Nicolai Stange Signed-off-by: Greg Kroah-Hartman (cherry picked from commit 4909f168104b24f592fb8d502e2a6520346a3927) Signed-off-by: Seth Forshee --- fs/debugfs/file.c | 123 ++++++++++++++++++++++++++++------------------ 1 file changed, 75 insertions(+), 48 deletions(-) 
diff --git a/fs/debugfs/file.c b/fs/debugfs/file.c index 8ef56d9499a4..4b3967e86e97 100644 --- a/fs/debugfs/file.c +++ b/fs/debugfs/file.c @@ -328,6 +328,24 @@ static struct dentry *debugfs_create_mode(const char *name, umode_t mode, return debugfs_create_file(name, mode, parent, value, fops); } +static struct dentry *debugfs_create_mode_unsafe(const char *name, umode_t mode, + struct dentry *parent, void *value, + const struct file_operations *fops, + const struct file_operations *fops_ro, + const struct file_operations *fops_wo) +{ + /* if there are no write bits set, make read only */ + if (!(mode & S_IWUGO)) + return debugfs_create_file_unsafe(name, mode, parent, value, + fops_ro); + /* if there are no read bits set, make write only */ + if (!(mode & S_IRUGO)) + return debugfs_create_file_unsafe(name, mode, parent, value, + fops_wo); + + return debugfs_create_file_unsafe(name, mode, parent, value, fops); +} + static int debugfs_u8_set(void *data, u64 val) { *(u8 *)data = val; @@ -338,9 +356,9 @@ static int debugfs_u8_get(void *data, u64 *val) *val = *(u8 *)data; return 0; } -DEFINE_SIMPLE_ATTRIBUTE(fops_u8, debugfs_u8_get, debugfs_u8_set, "%llu\n"); -DEFINE_SIMPLE_ATTRIBUTE(fops_u8_ro, debugfs_u8_get, NULL, "%llu\n"); -DEFINE_SIMPLE_ATTRIBUTE(fops_u8_wo, NULL, debugfs_u8_set, "%llu\n"); +DEFINE_DEBUGFS_ATTRIBUTE(fops_u8, debugfs_u8_get, debugfs_u8_set, "%llu\n"); +DEFINE_DEBUGFS_ATTRIBUTE(fops_u8_ro, debugfs_u8_get, NULL, "%llu\n"); +DEFINE_DEBUGFS_ATTRIBUTE(fops_u8_wo, NULL, debugfs_u8_set, "%llu\n"); /** * debugfs_create_u8 - create a debugfs file that is used to read and write an unsigned 8-bit value 
@@ -369,7 +387,7 @@ DEFINE_SIMPLE_ATTRIBUTE(fops_u8_wo, NULL, debugfs_u8_set, "%llu\n"); struct dentry *debugfs_create_u8(const char *name, umode_t mode, struct dentry *parent, u8 *value) { - return debugfs_create_mode(name, mode, parent, value, &fops_u8, + return debugfs_create_mode_unsafe(name, mode, parent, value, &fops_u8, &fops_u8_ro, &fops_u8_wo); } EXPORT_SYMBOL_GPL(debugfs_create_u8); @@ -384,9 +402,9 @@ static int debugfs_u16_get(void *data, u64 *val) *val = *(u16 *)data; return 0; } -DEFINE_SIMPLE_ATTRIBUTE(fops_u16, debugfs_u16_get, debugfs_u16_set, "%llu\n"); -DEFINE_SIMPLE_ATTRIBUTE(fops_u16_ro, debugfs_u16_get, NULL, "%llu\n"); -DEFINE_SIMPLE_ATTRIBUTE(fops_u16_wo, NULL, debugfs_u16_set, "%llu\n"); +DEFINE_DEBUGFS_ATTRIBUTE(fops_u16, debugfs_u16_get, debugfs_u16_set, "%llu\n"); +DEFINE_DEBUGFS_ATTRIBUTE(fops_u16_ro, debugfs_u16_get, NULL, "%llu\n"); +DEFINE_DEBUGFS_ATTRIBUTE(fops_u16_wo, NULL, debugfs_u16_set, "%llu\n"); /** * debugfs_create_u16 - create a debugfs file that is used to read and write an unsigned 16-bit value @@ -415,7 +433,7 @@ DEFINE_SIMPLE_ATTRIBUTE(fops_u16_wo, NULL, debugfs_u16_set, "%llu\n"); struct dentry *debugfs_create_u16(const char *name, umode_t mode, struct dentry *parent, u16 *value) { - return debugfs_create_mode(name, mode, parent, value, &fops_u16, + return debugfs_create_mode_unsafe(name, mode, parent, value, &fops_u16, &fops_u16_ro, &fops_u16_wo); } EXPORT_SYMBOL_GPL(debugfs_create_u16); 
@@ -430,9 +448,9 @@ static int debugfs_u32_get(void *data, u64 *val) *val = *(u32 *)data; return 0; } -DEFINE_SIMPLE_ATTRIBUTE(fops_u32, debugfs_u32_get, debugfs_u32_set, "%llu\n"); -DEFINE_SIMPLE_ATTRIBUTE(fops_u32_ro, debugfs_u32_get, NULL, "%llu\n"); -DEFINE_SIMPLE_ATTRIBUTE(fops_u32_wo, NULL, debugfs_u32_set, "%llu\n"); +DEFINE_DEBUGFS_ATTRIBUTE(fops_u32, debugfs_u32_get, debugfs_u32_set, "%llu\n"); +DEFINE_DEBUGFS_ATTRIBUTE(fops_u32_ro, debugfs_u32_get, NULL, "%llu\n"); +DEFINE_DEBUGFS_ATTRIBUTE(fops_u32_wo, NULL, debugfs_u32_set, "%llu\n"); /** * debugfs_create_u32 - create a debugfs file that is used to read and write an unsigned 32-bit value @@ -461,7 +479,7 @@ DEFINE_SIMPLE_ATTRIBUTE(fops_u32_wo, NULL, debugfs_u32_set, "%llu\n"); struct dentry *debugfs_create_u32(const char *name, umode_t mode, struct dentry *parent, u32 *value) { - return debugfs_create_mode(name, mode, parent, value, &fops_u32, + return debugfs_create_mode_unsafe(name, mode, parent, value, &fops_u32, &fops_u32_ro, &fops_u32_wo); } EXPORT_SYMBOL_GPL(debugfs_create_u32); @@ -477,9 +495,9 @@ static int debugfs_u64_get(void *data, u64 *val) *val = *(u64 *)data; return 0; } -DEFINE_SIMPLE_ATTRIBUTE(fops_u64, debugfs_u64_get, debugfs_u64_set, "%llu\n"); -DEFINE_SIMPLE_ATTRIBUTE(fops_u64_ro, debugfs_u64_get, NULL, "%llu\n"); -DEFINE_SIMPLE_ATTRIBUTE(fops_u64_wo, NULL, debugfs_u64_set, "%llu\n"); +DEFINE_DEBUGFS_ATTRIBUTE(fops_u64, debugfs_u64_get, debugfs_u64_set, "%llu\n"); +DEFINE_DEBUGFS_ATTRIBUTE(fops_u64_ro, debugfs_u64_get, NULL, "%llu\n"); +DEFINE_DEBUGFS_ATTRIBUTE(fops_u64_wo, NULL, debugfs_u64_set, "%llu\n"); /** * debugfs_create_u64 - create a debugfs file that is used to read and write an unsigned 64-bit value 
@@ -508,7 +526,7 @@ DEFINE_SIMPLE_ATTRIBUTE(fops_u64_wo, NULL, debugfs_u64_set, "%llu\n"); struct dentry *debugfs_create_u64(const char *name, umode_t mode, struct dentry *parent, u64 *value) { - return debugfs_create_mode(name, mode, parent, value, &fops_u64, + return debugfs_create_mode_unsafe(name, mode, parent, value, &fops_u64, &fops_u64_ro, &fops_u64_wo); } EXPORT_SYMBOL_GPL(debugfs_create_u64); @@ -524,9 +542,10 @@ static int debugfs_ulong_get(void *data, u64 *val) *val = *(unsigned long *)data; return 0; } -DEFINE_SIMPLE_ATTRIBUTE(fops_ulong, debugfs_ulong_get, debugfs_ulong_set, "%llu\n"); -DEFINE_SIMPLE_ATTRIBUTE(fops_ulong_ro, debugfs_ulong_get, NULL, "%llu\n"); -DEFINE_SIMPLE_ATTRIBUTE(fops_ulong_wo, NULL, debugfs_ulong_set, "%llu\n"); +DEFINE_DEBUGFS_ATTRIBUTE(fops_ulong, debugfs_ulong_get, debugfs_ulong_set, + "%llu\n"); +DEFINE_DEBUGFS_ATTRIBUTE(fops_ulong_ro, debugfs_ulong_get, NULL, "%llu\n"); +DEFINE_DEBUGFS_ATTRIBUTE(fops_ulong_wo, NULL, debugfs_ulong_set, "%llu\n"); /** * debugfs_create_ulong - create a debugfs file that is used to read and write 
@@ -556,26 +575,30 @@ DEFINE_SIMPLE_ATTRIBUTE(fops_ulong_wo, NULL, debugfs_ulong_set, "%llu\n"); struct dentry *debugfs_create_ulong(const char *name, umode_t mode, struct dentry *parent, unsigned long *value) { - return debugfs_create_mode(name, mode, parent, value, &fops_ulong, - &fops_ulong_ro, &fops_ulong_wo); + return debugfs_create_mode_unsafe(name, mode, parent, value, + &fops_ulong, &fops_ulong_ro, + &fops_ulong_wo); } EXPORT_SYMBOL_GPL(debugfs_create_ulong); -DEFINE_SIMPLE_ATTRIBUTE(fops_x8, debugfs_u8_get, debugfs_u8_set, "0x%02llx\n"); -DEFINE_SIMPLE_ATTRIBUTE(fops_x8_ro, debugfs_u8_get, NULL, "0x%02llx\n"); -DEFINE_SIMPLE_ATTRIBUTE(fops_x8_wo, NULL, debugfs_u8_set, "0x%02llx\n"); +DEFINE_DEBUGFS_ATTRIBUTE(fops_x8, debugfs_u8_get, debugfs_u8_set, "0x%02llx\n"); +DEFINE_DEBUGFS_ATTRIBUTE(fops_x8_ro, debugfs_u8_get, NULL, "0x%02llx\n"); +DEFINE_DEBUGFS_ATTRIBUTE(fops_x8_wo, NULL, debugfs_u8_set, "0x%02llx\n"); -DEFINE_SIMPLE_ATTRIBUTE(fops_x16, debugfs_u16_get, debugfs_u16_set, "0x%04llx\n"); -DEFINE_SIMPLE_ATTRIBUTE(fops_x16_ro, debugfs_u16_get, NULL, "0x%04llx\n"); -DEFINE_SIMPLE_ATTRIBUTE(fops_x16_wo, NULL, debugfs_u16_set, "0x%04llx\n"); +DEFINE_DEBUGFS_ATTRIBUTE(fops_x16, debugfs_u16_get, debugfs_u16_set, + "0x%04llx\n"); +DEFINE_DEBUGFS_ATTRIBUTE(fops_x16_ro, debugfs_u16_get, NULL, "0x%04llx\n"); +DEFINE_DEBUGFS_ATTRIBUTE(fops_x16_wo, NULL, debugfs_u16_set, "0x%04llx\n"); -DEFINE_SIMPLE_ATTRIBUTE(fops_x32, debugfs_u32_get, debugfs_u32_set, "0x%08llx\n"); -DEFINE_SIMPLE_ATTRIBUTE(fops_x32_ro, debugfs_u32_get, NULL, "0x%08llx\n"); -DEFINE_SIMPLE_ATTRIBUTE(fops_x32_wo, NULL, debugfs_u32_set, "0x%08llx\n"); +DEFINE_DEBUGFS_ATTRIBUTE(fops_x32, debugfs_u32_get, debugfs_u32_set, + "0x%08llx\n"); +DEFINE_DEBUGFS_ATTRIBUTE(fops_x32_ro, debugfs_u32_get, NULL, "0x%08llx\n"); +DEFINE_DEBUGFS_ATTRIBUTE(fops_x32_wo, NULL, debugfs_u32_set, "0x%08llx\n"); -DEFINE_SIMPLE_ATTRIBUTE(fops_x64, debugfs_u64_get, debugfs_u64_set, "0x%016llx\n"); 
-DEFINE_SIMPLE_ATTRIBUTE(fops_x64_ro, debugfs_u64_get, NULL, "0x%016llx\n"); -DEFINE_SIMPLE_ATTRIBUTE(fops_x64_wo, NULL, debugfs_u64_set, "0x%016llx\n"); +DEFINE_DEBUGFS_ATTRIBUTE(fops_x64, debugfs_u64_get, debugfs_u64_set, + "0x%016llx\n"); +DEFINE_DEBUGFS_ATTRIBUTE(fops_x64_ro, debugfs_u64_get, NULL, "0x%016llx\n"); +DEFINE_DEBUGFS_ATTRIBUTE(fops_x64_wo, NULL, debugfs_u64_set, "0x%016llx\n"); /* * debugfs_create_x{8,16,32,64} - create a debugfs file that is used to read and write an unsigned {8,16,32,64}-bit value @@ -598,7 +621,7 @@ DEFINE_SIMPLE_ATTRIBUTE(fops_x64_wo, NULL, debugfs_u64_set, "0x%016llx\n"); struct dentry *debugfs_create_x8(const char *name, umode_t mode, struct dentry *parent, u8 *value) { - return debugfs_create_mode(name, mode, parent, value, &fops_x8, + return debugfs_create_mode_unsafe(name, mode, parent, value, &fops_x8, &fops_x8_ro, &fops_x8_wo); } EXPORT_SYMBOL_GPL(debugfs_create_x8); @@ -616,7 +639,7 @@ EXPORT_SYMBOL_GPL(debugfs_create_x8); struct dentry *debugfs_create_x16(const char *name, umode_t mode, struct dentry *parent, u16 *value) { - return debugfs_create_mode(name, mode, parent, value, &fops_x16, + return debugfs_create_mode_unsafe(name, mode, parent, value, &fops_x16, &fops_x16_ro, &fops_x16_wo); } EXPORT_SYMBOL_GPL(debugfs_create_x16); @@ -634,7 +657,7 @@ EXPORT_SYMBOL_GPL(debugfs_create_x16); struct dentry *debugfs_create_x32(const char *name, umode_t mode, struct dentry *parent, u32 *value) { - return debugfs_create_mode(name, mode, parent, value, &fops_x32, + return debugfs_create_mode_unsafe(name, mode, parent, value, &fops_x32, &fops_x32_ro, &fops_x32_wo); } EXPORT_SYMBOL_GPL(debugfs_create_x32); 
@@ -652,7 +675,7 @@ EXPORT_SYMBOL_GPL(debugfs_create_x32); struct dentry *debugfs_create_x64(const char *name, umode_t mode, struct dentry *parent, u64 *value) { - return debugfs_create_mode(name, mode, parent, value, &fops_x64, + return debugfs_create_mode_unsafe(name, mode, parent, value, &fops_x64, &fops_x64_ro, &fops_x64_wo); } EXPORT_SYMBOL_GPL(debugfs_create_x64); @@ -668,10 +691,10 @@ static int debugfs_size_t_get(void *data, u64 *val) *val = *(size_t *)data; return 0; } -DEFINE_SIMPLE_ATTRIBUTE(fops_size_t, debugfs_size_t_get, debugfs_size_t_set, - "%llu\n"); /* %llu and %zu are more or less the same */ -DEFINE_SIMPLE_ATTRIBUTE(fops_size_t_ro, debugfs_size_t_get, NULL, "%llu\n"); -DEFINE_SIMPLE_ATTRIBUTE(fops_size_t_wo, NULL, debugfs_size_t_set, "%llu\n"); +DEFINE_DEBUGFS_ATTRIBUTE(fops_size_t, debugfs_size_t_get, debugfs_size_t_set, + "%llu\n"); /* %llu and %zu are more or less the same */ +DEFINE_DEBUGFS_ATTRIBUTE(fops_size_t_ro, debugfs_size_t_get, NULL, "%llu\n"); +DEFINE_DEBUGFS_ATTRIBUTE(fops_size_t_wo, NULL, debugfs_size_t_set, "%llu\n"); /** * debugfs_create_size_t - create a debugfs file that is used to read and write an size_t value @@ -686,8 +709,9 @@ DEFINE_SIMPLE_ATTRIBUTE(fops_size_t_wo, NULL, debugfs_size_t_set, "%llu\n"); struct dentry *debugfs_create_size_t(const char *name, umode_t mode, struct dentry *parent, size_t *value) { - return debugfs_create_mode(name, mode, parent, value, &fops_size_t, - &fops_size_t_ro, &fops_size_t_wo); + return debugfs_create_mode_unsafe(name, mode, parent, value, + &fops_size_t, &fops_size_t_ro, + &fops_size_t_wo); } EXPORT_SYMBOL_GPL(debugfs_create_size_t); 
@@ -701,10 +725,12 @@ static int debugfs_atomic_t_get(void *data, u64 *val) *val = atomic_read((atomic_t *)data); return 0; } -DEFINE_SIMPLE_ATTRIBUTE(fops_atomic_t, debugfs_atomic_t_get, +DEFINE_DEBUGFS_ATTRIBUTE(fops_atomic_t, debugfs_atomic_t_get, debugfs_atomic_t_set, "%lld\n"); -DEFINE_SIMPLE_ATTRIBUTE(fops_atomic_t_ro, debugfs_atomic_t_get, NULL, "%lld\n"); -DEFINE_SIMPLE_ATTRIBUTE(fops_atomic_t_wo, NULL, debugfs_atomic_t_set, "%lld\n"); +DEFINE_DEBUGFS_ATTRIBUTE(fops_atomic_t_ro, debugfs_atomic_t_get, NULL, + "%lld\n"); +DEFINE_DEBUGFS_ATTRIBUTE(fops_atomic_t_wo, NULL, debugfs_atomic_t_set, + "%lld\n"); /** * debugfs_create_atomic_t - create a debugfs file that is used to read and 
@@ -720,8 +746,9 @@ DEFINE_SIMPLE_ATTRIBUTE(fops_atomic_t_wo, NULL, debugfs_atomic_t_set, "%lld\n"); struct dentry *debugfs_create_atomic_t(const char *name, umode_t mode, struct dentry *parent, atomic_t *value) { - return debugfs_create_mode(name, mode, parent, value, &fops_atomic_t, - &fops_atomic_t_ro, &fops_atomic_t_wo); + return debugfs_create_mode_unsafe(name, mode, parent, value, + &fops_atomic_t, &fops_atomic_t_ro, + &fops_atomic_t_wo); } EXPORT_SYMBOL_GPL(debugfs_create_atomic_t); From patchwork Fri Jun 19 16:16:16 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Seth Forshee X-Patchwork-Id: 1313121 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=none (no SPF record) smtp.mailfrom=lists.ubuntu.com (client-ip=91.189.94.19; helo=huckleberry.canonical.com; envelope-from=kernel-team-bounces@lists.ubuntu.com; receiver=) Authentication-Results: ozlabs.org; dmarc=fail (p=none dis=none) header.from=canonical.com Received: from huckleberry.canonical.com (huckleberry.canonical.com [91.189.94.19]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 49pPBh31N6zB3th; Sat, 20 Jun 2020 02:19:08 +1000 (AEST) Received: from localhost ([127.0.0.1] helo=huckleberry.canonical.com) by huckleberry.canonical.com with esmtp (Exim 4.86_2) (envelope-from ) id 1jmJjL-0004IJ-Ch; Fri, 19 Jun 2020 16:19:03 +0000 Received: from youngberry.canonical.com ([91.189.89.112]) by huckleberry.canonical.com with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.86_2) (envelope-from ) id 1jmJhq-0002uM-LE for kernel-team@lists.ubuntu.com; Fri, 19 Jun 2020 16:17:30 +0000 Received: from mail-il1-f197.google.com ([209.85.166.197]) by youngberry.canonical.com with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.86_2) 
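Review bot: debugfs_create_mode_unsafe() in the first hunk is a static helper with no comment saying what makes it unsafe: it forwards fops, fops_ro and fops_wo to debugfs_create_file_unsafe(), so all three must protect themselves against file removal, which here means being defined with DEFINE_DEBUGFS_ATTRIBUTE(). State that requirement above the function, because a later helper that passes a DEFINE_SIMPLE_ATTRIBUTE() fops through it would lose removal protection for read and write with no build-time sign. The body is also a copy of debugfs_create_mode() with only the creator call changed; while both exist, a shared helper that takes the creator function as a parameter would avoid the duplicated mode checks.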
From: Seth Forshee To: kernel-team@lists.ubuntu.com Subject: [PATCH v2 52/57][B] debugfs: unproxify files created through debugfs_create_bool() Date: Fri, 19 Jun 2020 11:16:16 -0500 Message-Id: <20200619161621.644540-53-seth.forshee@canonical.com> X-Mailer: git-send-email 2.27.0 In-Reply-To: <20200619161621.644540-1-seth.forshee@canonical.com> References: <20200619161621.644540-1-seth.forshee@canonical.com> MIME-Version: 1.0 X-BeenThere: kernel-team@lists.ubuntu.com X-Mailman-Version: 2.1.20 Precedence: list List-Id: Kernel team discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: kernel-team-bounces@lists.ubuntu.com Sender: "kernel-team" From: Nicolai Stange BugLink: https://bugs.launchpad.net/bugs/1884159 Currently, the struct file_operations fops_bool associated with files created through the debugfs_create_bool() helpers are not file lifetime aware. Thus, a lifetime managing proxy is created around fops_bool each time such a file is opened which is an unnecessary waste of resources. Implement file lifetime management for the fops_bool file_operations. Namely, make debugfs_read_file_bool() and debugfs_write_file_bool() safe against file removals by means of debugfs_use_file_start() and debugfs_use_file_finish(). Make debugfs_create_bool() create its files in non-proxying operation mode through debugfs_create_mode_unsafe(). Finally, purge debugfs_create_mode() as debugfs_create_bool() had been its last user. Signed-off-by: Nicolai Stange Signed-off-by: Greg Kroah-Hartman (cherry picked from commit 4d45f7974ccf0aa783034fef2661573b3a28609e) Signed-off-by: Seth Forshee --- fs/debugfs/file.c | 41 ++++++++++++++++++++--------------------- 1 file changed, 20 insertions(+), 21 deletions(-) diff --git a/fs/debugfs/file.c b/fs/debugfs/file.c index 4b3967e86e97..8a548bee1b3d 100644 --- a/fs/debugfs/file.c +++ b/fs/debugfs/file.c 
@@ -312,22 +312,6 @@ ssize_t debugfs_attr_write(struct file *file, const char __user *buf, } EXPORT_SYMBOL_GPL(debugfs_attr_write); -static struct dentry *debugfs_create_mode(const char *name, umode_t mode, - struct dentry *parent, void *value, - const struct file_operations *fops, - const struct file_operations *fops_ro, - const struct file_operations *fops_wo) -{ - /* if there are no write bits set, make read only */ - if (!(mode & S_IWUGO)) - return debugfs_create_file(name, mode, parent, value, fops_ro); - /* if there are no read bits set, make write only */ - if (!(mode & S_IRUGO)) - return debugfs_create_file(name, mode, parent, value, fops_wo); - - return debugfs_create_file(name, mode, parent, value, fops); -} - static struct dentry *debugfs_create_mode_unsafe(const char *name, umode_t mode, struct dentry *parent, void *value, const struct file_operations *fops, @@ -756,9 +740,17 @@ ssize_t debugfs_read_file_bool(struct file *file, char __user *user_buf, size_t count, loff_t *ppos) { char buf[3]; - bool *val = file->private_data; + bool val; + int r, srcu_idx; + + r = debugfs_use_file_start(F_DENTRY(file), &srcu_idx); + if (likely(!r)) + val = *(bool *)file->private_data; + debugfs_use_file_finish(srcu_idx); + if (r) + return r; - if (*val) + if (val) buf[0] = 'Y'; else buf[0] = 'N'; @@ -774,6 +766,7 @@ ssize_t debugfs_write_file_bool(struct file *file, const char __user *user_buf, char buf[32]; size_t buf_size; bool bv; + int r, srcu_idx; bool *val = file->private_data; buf_size = min(count, (sizeof(buf)-1)); @@ -781,8 +774,14 @@ ssize_t debugfs_write_file_bool(struct file *file, const char __user *user_buf, return -EFAULT; buf[buf_size] = '\0'; - if (strtobool(buf, &bv) == 0) - *val = bv; + if (strtobool(buf, &bv) == 0) { + r = debugfs_use_file_start(F_DENTRY(file), &srcu_idx); + if (likely(!r)) + *val = bv; + debugfs_use_file_finish(srcu_idx); + if (r) + return r; + } return count; } 
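Review bot: in debugfs_write_file_bool() the removal check only runs when strtobool() accepts the input, so writing an unparseable string to an already-removed file still returns count, while a valid string returns the error from debugfs_use_file_start(). If that asymmetry is not intended, take the debugfs_use_file_start()/debugfs_use_file_finish() pair around the whole parse-and-store step; if it is, a comment that only the store through val needs protection would help. In debugfs_read_file_bool() in the same patch, val is left unset when r is non-zero; the early `return r` makes that safe, but initialising it would avoid a possible maybe-uninitialized warning.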
@@ -834,7 +833,7 @@ static const struct file_operations fops_bool_wo = { struct dentry *debugfs_create_bool(const char *name, umode_t mode, struct dentry *parent, bool *value) { - return debugfs_create_mode(name, mode, parent, value, &fops_bool, + return debugfs_create_mode_unsafe(name, mode, parent, value, &fops_bool, &fops_bool_ro, &fops_bool_wo); } EXPORT_SYMBOL_GPL(debugfs_create_bool); From patchwork Fri Jun 19 16:16:17 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Seth Forshee X-Patchwork-Id: 1313118 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=none (no SPF record) smtp.mailfrom=lists.ubuntu.com (client-ip=91.189.94.19; helo=huckleberry.canonical.com; envelope-from=kernel-team-bounces@lists.ubuntu.com; receiver=) Authentication-Results: ozlabs.org; dmarc=fail (p=none dis=none) header.from=canonical.com Received: from huckleberry.canonical.com (huckleberry.canonical.com [91.189.94.19]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 49pPBZ2qwmzB47d; Sat, 20 Jun 2020 02:19:02 +1000 (AEST) Received: from localhost ([127.0.0.1] helo=huckleberry.canonical.com) by huckleberry.canonical.com with esmtp (Exim 4.86_2) (envelope-from ) id 1jmJjF-0004BC-Jh; Fri, 19 Jun 2020 16:18:57 +0000 Received: from youngberry.canonical.com ([91.189.89.112]) by huckleberry.canonical.com with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.86_2) (envelope-from ) id 1jmJhr-0002vJ-R3 for kernel-team@lists.ubuntu.com; Fri, 19 Jun 2020 16:17:31 +0000 Received: from mail-il1-f197.google.com ([209.85.166.197]) by youngberry.canonical.com with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.86_2) (envelope-from ) id 1jmJhq-0003kh-Cp for kernel-team@lists.ubuntu.com; Fri, 19 Jun 2020 16:17:30 +0000 
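Review bot: debugfs_create_bool() now hands all three of &fops_bool, &fops_bool_ro and &fops_bool_wo to debugfs_create_mode_unsafe(), so none of them is wrapped by the removal proxy any more, while the hunks above only show debugfs_read_file_bool() and debugfs_write_file_bool() being converted. For a backport, confirm in the target tree that the _ro and _wo variants use only those two handlers and carry no other callback that dereferences file->private_data, since any such callback would now run unprotected against file removal.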
From: Seth Forshee
To: kernel-team@lists.ubuntu.com
Subject: [PATCH v2 53/57][B] debugfs: unproxify files created through debugfs_create_blob()
Date: Fri, 19 Jun 2020 11:16:17 -0500
Message-Id: <20200619161621.644540-54-seth.forshee@canonical.com>
X-Mailer: git-send-email 2.27.0
In-Reply-To: <20200619161621.644540-1-seth.forshee@canonical.com>
References: <20200619161621.644540-1-seth.forshee@canonical.com>

From: Nicolai Stange

BugLink: https://bugs.launchpad.net/bugs/1884159

Currently, the struct file_operations fops_blob associated with files created through the debugfs_create_blob() helpers are not file lifetime aware. Thus, a lifetime managing proxy is created around fops_blob each time such a file is opened which is an unnecessary waste of resources.

Implement file lifetime management for the fops_bool file_operations. Namely, make read_file_blob() safe against file removals by means of debugfs_use_file_start() and debugfs_use_file_finish().

Make debugfs_create_blob() create its files in non-proxying operation mode by means of debugfs_create_file_unsafe().

Signed-off-by: Nicolai Stange
Signed-off-by: Greg Kroah-Hartman
(cherry picked from commit 83b711cbf4ff42a9996c5f092762b3967d307d73)
Signed-off-by: Seth Forshee
--- fs/debugfs/file.c | 13 ++++++++++--- 1 file changed, 10 insertions(+), 3 deletions(-) diff --git a/fs/debugfs/file.c b/fs/debugfs/file.c index 8a548bee1b3d..2e86d66f7850 100644 --- a/fs/debugfs/file.c +++ b/fs/debugfs/file.c
@@ -842,8 +842,15 @@ static ssize_t read_file_blob(struct file *file, char __user *user_buf, size_t count, loff_t *ppos) { struct debugfs_blob_wrapper *blob = file->private_data; - return simple_read_from_buffer(user_buf, count, ppos, blob->data, - blob->size); + ssize_t r; + int srcu_idx; + + r = debugfs_use_file_start(F_DENTRY(file), &srcu_idx); + if (likely(!r)) + r = simple_read_from_buffer(user_buf, count, ppos, blob->data, + blob->size); + debugfs_use_file_finish(srcu_idx); + return r; } static const struct file_operations fops_blob = { 
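Review bot: in read_file_blob() the initialiser `struct debugfs_blob_wrapper *blob = file->private_data;` still runs before debugfs_use_file_start(). That is only a pointer load, and blob->data and blob->size are read inside the checked branch, but the split is easy to break in a later edit. Consider moving the assignment under `if (likely(!r))`, or add a comment that blob must not be dereferenced before the check succeeds.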
@@ -880,7 +887,7 @@ struct dentry *debugfs_create_blob(const char *name, umode_t mode, struct dentry *parent, struct debugfs_blob_wrapper *blob) { - return debugfs_create_file(name, mode, parent, blob, &fops_blob); + return debugfs_create_file_unsafe(name, mode, parent, blob, &fops_blob); } EXPORT_SYMBOL_GPL(debugfs_create_blob); From patchwork Fri Jun 19 16:16:18 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Seth Forshee X-Patchwork-Id: 1313124 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=none (no SPF record) smtp.mailfrom=lists.ubuntu.com (client-ip=91.189.94.19; helo=huckleberry.canonical.com; envelope-from=kernel-team-bounces@lists.ubuntu.com; receiver=) Authentication-Results: ozlabs.org; dmarc=fail (p=none dis=none) header.from=canonical.com Received: from huckleberry.canonical.com (huckleberry.canonical.com [91.189.94.19]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 49pPBm4BkCzB3ts; Sat, 20 Jun 2020 02:19:12 +1000 (AEST) Received: from localhost ([127.0.0.1] helo=huckleberry.canonical.com) by huckleberry.canonical.com with esmtp (Exim 4.86_2) (envelope-from ) id 1jmJjP-0004NG-Cs; Fri, 19 Jun 2020 16:19:07 +0000 Received: from youngberry.canonical.com ([91.189.89.112]) by huckleberry.canonical.com with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.86_2) (envelope-from ) id 1jmJht-0002wE-6e for kernel-team@lists.ubuntu.com; Fri, 19 Jun 2020 16:17:33 +0000 Received: from mail-io1-f69.google.com ([209.85.166.69]) by youngberry.canonical.com with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.86_2) (envelope-from ) id 1jmJhr-0003kr-N3 for kernel-team@lists.ubuntu.com; Fri, 19 Jun 2020 16:17:31 +0000 Received: by mail-io1-f69.google.com with SMTP id x2so7163911iof.0 for ; 
From: Seth Forshee
To: kernel-team@lists.ubuntu.com
Subject: [PATCH v2 54/57][B] debugfs: unproxify files created through debugfs_create_u32_array()
Date: Fri, 19 Jun 2020 11:16:18 -0500
Message-Id: <20200619161621.644540-55-seth.forshee@canonical.com>
X-Mailer: git-send-email 2.27.0
In-Reply-To: <20200619161621.644540-1-seth.forshee@canonical.com>
References: <20200619161621.644540-1-seth.forshee@canonical.com>

From: Nicolai Stange

BugLink: https://bugs.launchpad.net/bugs/1884159

The struct file_operations u32_array_fops associated with files created through debugfs_create_u32_array() has been lifetime aware already: everything needed for subsequent operation is copied to a ->f_private buffer at file opening time in u32_array_open(). Now, ->open() is always protected against file removal issues by the debugfs core.

There is no need for the debugfs core to wrap the u32_array_fops with a file lifetime managing proxy.

Make debugfs_create_u32_array() create its files in non-proxying operation mode by means of debugfs_create_file_unsafe().

Signed-off-by: Nicolai Stange
Signed-off-by: Greg Kroah-Hartman
(cherry picked from commit c4a74f63dfd2e75e7d40a9aaa4052b0ef26e617c)
Signed-off-by: Seth Forshee
--- fs/debugfs/file.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/fs/debugfs/file.c b/fs/debugfs/file.c index 2e86d66f7850..9c1c9a01b7e5 100644 --- a/fs/debugfs/file.c +++ b/fs/debugfs/file.c
@@ -992,7 +992,8 @@ struct dentry *debugfs_create_u32_array(const char *name, umode_t mode, data->array = array; data->elements = elements; - return debugfs_create_file(name, mode, parent, data, &u32_array_fops); + return debugfs_create_file_unsafe(name, mode, parent, data, + &u32_array_fops); } EXPORT_SYMBOL_GPL(debugfs_create_u32_array); From patchwork Fri Jun 19 16:16:19 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Seth Forshee X-Patchwork-Id: 1313125 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=none (no SPF record) smtp.mailfrom=lists.ubuntu.com (client-ip=91.189.94.19; helo=huckleberry.canonical.com; envelope-from=kernel-team-bounces@lists.ubuntu.com; receiver=) Authentication-Results: ozlabs.org; dmarc=fail (p=none dis=none) header.from=canonical.com Received: from huckleberry.canonical.com (huckleberry.canonical.com [91.189.94.19]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 49pPBn6JH0zB47c; Sat, 20 Jun 2020 02:19:13 +1000 (AEST) Received: from localhost ([127.0.0.1] helo=huckleberry.canonical.com) by huckleberry.canonical.com with esmtp (Exim 4.86_2) (envelope-from ) id 1jmJjR-0004Pj-N1; Fri, 19 Jun 2020 16:19:09 +0000 Received: from youngberry.canonical.com ([91.189.89.112]) by huckleberry.canonical.com with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.86_2) (envelope-from ) id 1jmJhu-0002xw-Jf for kernel-team@lists.ubuntu.com; Fri, 19 Jun 2020 16:17:34 +0000 Received: from mail-il1-f199.google.com ([209.85.166.199]) by youngberry.canonical.com with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.86_2) (envelope-from ) id 1jmJht-0003kx-8C for kernel-team@lists.ubuntu.com; Fri, 19 Jun 2020 16:17:33 +0000 Received: by mail-il1-f199.google.com with SMTP id 
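Review bot: the switch to debugfs_create_file_unsafe() in debugfs_create_u32_array() is justified in the commit message by u32_array_open() copying everything into a private buffer, but the context lines here show data->array still holding the caller's pointer. Since this is a cherry-pick onto a different base, confirm that in this tree every u32_array_fops callback other than ->open() works only on the buffer built at open time and never follows data->array; otherwise the file loses removal protection with nothing replacing it.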
From: Seth Forshee
To: kernel-team@lists.ubuntu.com
Subject: [PATCH v2 55/57][B] debugfs: full_proxy_open(): free proxy on ->open() failure
Date: Fri, 19 Jun 2020 11:16:19 -0500
Message-Id: <20200619161621.644540-56-seth.forshee@canonical.com>
X-Mailer: git-send-email 2.27.0
In-Reply-To: <20200619161621.644540-1-seth.forshee@canonical.com>
References: <20200619161621.644540-1-seth.forshee@canonical.com>

From: Nicolai Stange

BugLink: https://bugs.launchpad.net/bugs/1884159

Debugfs' full_proxy_open(), the ->open() installed at all inodes created through debugfs_create_file(),
- grabs a reference to the original struct file_operations instance passed to debugfs_create_file(),
- dynamically allocates a proxy struct file_operations instance wrapping the original
- and installs this at the file's ->f_op.

Afterwards, it calls the original ->open() and passes its return value back to the VFS layer.

Now, if that return value indicates failure, the VFS layer won't ever call ->release() and thus, neither the reference to the original file_operations nor the memory for the proxy file_operations will get released, i.e. both are leaked.

Upon failure of the original fops' ->open(), undo the proxy installation. That is:
- Set the struct file ->f_op to what it had been when full_proxy_open() was entered.
- Drop the reference to the original file_operations.
- Free the memory holding the proxy file_operations.

Fixes: 49d200deaa68 ("debugfs: prevent access to removed files' private data")
Signed-off-by: Nicolai Stange
Signed-off-by: Greg Kroah-Hartman
(cherry picked from commit b10e3e90485e32e4cea9e35d2295ee7bffaeff73)
Signed-off-by: Seth Forshee --- fs/debugfs/file.c | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/fs/debugfs/file.c b/fs/debugfs/file.c index 9c1c9a01b7e5..d1ec80331414 100644 --- a/fs/debugfs/file.c +++ b/fs/debugfs/file.c 
@@ -262,8 +262,10 @@ static int full_proxy_open(struct inode *inode, struct file *filp) if (real_fops->open) { r = real_fops->open(inode, filp); - - if (filp->f_op != proxy_fops) { + if (r) { + replace_fops(filp, d_inode(dentry)->i_fop); + goto free_proxy; + } else if (filp->f_op != proxy_fops) { /* No protection against file removal anymore. */ WARN(1, "debugfs file owner replaced proxy fops: %pd", dentry); From patchwork Fri Jun 19 16:16:20 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Seth Forshee X-Patchwork-Id: 1313126 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=none (no SPF record) smtp.mailfrom=lists.ubuntu.com (client-ip=91.189.94.19; helo=huckleberry.canonical.com; envelope-from=kernel-team-bounces@lists.ubuntu.com; receiver=) Authentication-Results: ozlabs.org; dmarc=fail (p=none dis=none) header.from=canonical.com Received: from huckleberry.canonical.com (huckleberry.canonical.com [91.189.94.19]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 49pPBr4XgkzB47g; Sat, 20 Jun 2020 02:19:16 +1000 (AEST) Received: from localhost ([127.0.0.1] helo=huckleberry.canonical.com) by huckleberry.canonical.com with esmtp (Exim 4.86_2) (envelope-from ) id 1jmJjU-0004Tf-8s; Fri, 19 Jun 2020 16:19:12 +0000 Received: from youngberry.canonical.com ([91.189.89.112]) by huckleberry.canonical.com with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.86_2) (envelope-from ) id 1jmJhw-0002yj-Dd for kernel-team@lists.ubuntu.com; Fri, 19 Jun 2020 16:17:36 +0000 Received: from mail-io1-f71.google.com ([209.85.166.71]) by youngberry.canonical.com with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.86_2) (envelope-from ) id 1jmJht-0003l5-Vf for kernel-team@lists.ubuntu.com; Fri, 19 Jun 2020 
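Review bot: in the new `if (r)` branch of full_proxy_open(), replace_fops() is handed d_inode(dentry)->i_fop with no fops_get(), although patch 56/57 in this series describes replace_fops() as taking over ownership of the reference it is given. That is balanced only if the file_operations installed at the inode have no ->owner to account for, so a comment stating that assumption would help. The cleanup itself happens at the free_proxy label, which is outside this hunk: confirm that in the backport target it both frees proxy_fops and drops the real_fops reference, as the commit message promises.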
From: Seth Forshee
To: kernel-team@lists.ubuntu.com
Subject: [PATCH v2 56/57][B] debugfs: open_proxy_open(): avoid double fops release
Date: Fri, 19 Jun 2020 11:16:20 -0500
Message-Id: <20200619161621.644540-57-seth.forshee@canonical.com>
X-Mailer: git-send-email 2.27.0
In-Reply-To: <20200619161621.644540-1-seth.forshee@canonical.com>
References: <20200619161621.644540-1-seth.forshee@canonical.com>

From: Nicolai Stange

BugLink: https://bugs.launchpad.net/bugs/1884159

Debugfs' open_proxy_open(), the ->open() installed at all inodes created through debugfs_create_file_unsafe(),
- grabs a reference to the original file_operations instance passed to debugfs_create_file_unsafe() via fops_get(),
- installs it at the file's ->f_op by means of replace_fops()
- and calls fops_put() on it.

Since the semantics of replace_fops() are such that the reference's ownership is transferred, the subsequent fops_put() will result in a double release when the file is eventually closed.

Currently, this is not an issue since fops_put() basically does a module_put() on the file_operations' ->owner only and there don't exist any modules calling debugfs_create_file_unsafe() yet. This is expected to change in the future though, c.f. commit c64688081490 ("debugfs: add support for self-protecting attribute file fops").

Remove the call to fops_put() from open_proxy_open().

Fixes: 9fd4dcece43a ("debugfs: prevent access to possibly dead file_operations at file open")
Signed-off-by: Nicolai Stange
Signed-off-by: Greg Kroah-Hartman
(cherry picked from commit 75f0b68b75dabb3ff551440163fd67b3fc62901a)
Signed-off-by: Seth Forshee
--- fs/debugfs/file.c | 1 - 1 file changed, 1 deletion(-)
diff --git a/fs/debugfs/file.c b/fs/debugfs/file.c index d1ec80331414..592059f88e04 100644 --- a/fs/debugfs/file.c +++ b/fs/debugfs/file.c 
@@ -127,7 +127,6 @@ static int open_proxy_open(struct inode *inode, struct file *filp) r = real_fops->open(inode, filp); out: - fops_put(real_fops); debugfs_use_file_finish(srcu_idx); return r; } From patchwork Fri Jun 19 16:16:21 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Seth Forshee X-Patchwork-Id: 1313127 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=none (no SPF record) smtp.mailfrom=lists.ubuntu.com (client-ip=91.189.94.19; helo=huckleberry.canonical.com; envelope-from=kernel-team-bounces@lists.ubuntu.com; receiver=) Authentication-Results: ozlabs.org; dmarc=fail (p=none dis=none) header.from=canonical.com Received: from huckleberry.canonical.com (huckleberry.canonical.com [91.189.94.19]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 49pPBt3yN9zB47t; Sat, 20 Jun 2020 02:19:18 +1000 (AEST) Received: from localhost ([127.0.0.1] helo=huckleberry.canonical.com) by huckleberry.canonical.com with esmtp (Exim 4.86_2) (envelope-from ) id 1jmJjV-0004V0-7m; Fri, 19 Jun 2020 16:19:13 +0000 Received: from youngberry.canonical.com ([91.189.89.112]) by huckleberry.canonical.com with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.86_2) (envelope-from ) id 1jmJhx-0002zS-H5 for kernel-team@lists.ubuntu.com; Fri, 19 Jun 2020 16:17:37 +0000 Received: from mail-io1-f70.google.com ([209.85.166.70]) by youngberry.canonical.com with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.86_2) (envelope-from ) id 1jmJhv-0003lI-0A for kernel-team@lists.ubuntu.com; Fri, 19 Jun 2020 16:17:35 +0000 Received: by mail-io1-f70.google.com with SMTP id b3so4900971ion.17 for ; Fri, 19 Jun 2020 09:17:34 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; 
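Review bot: the removed fops_put(real_fops) sat under the shared `out:` label in open_proxy_open(), so it also ran for every early `goto out`, not just after a completed replace_fops(). Dropping it is correct only if each of those early exits leaves real_fops NULL or without a reference of its own; confirm that in the backport target, because any path that took fops_get() and then jumped to `out:` before replace_fops() would now leak the reference instead of releasing it twice.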
From: Seth Forshee
To: kernel-team@lists.ubuntu.com
Subject: [PATCH v2 57/57][B] UBUNTU: SAUCE: (efi-lockdown) debugfs: Disallow use of debugfs files when the kernel is locked down
Date: Fri, 19 Jun 2020 11:16:21 -0500
Message-Id: <20200619161621.644540-58-seth.forshee@canonical.com>
X-Mailer: git-send-email 2.27.0
In-Reply-To: <20200619161621.644540-1-seth.forshee@canonical.com>
References: <20200619161621.644540-1-seth.forshee@canonical.com>

From: David Howells

BugLink: https://bugs.launchpad.net/bugs/1884159

Disallow opening of debugfs files when the kernel is locked down as various drivers give raw access to hardware through debugfs.

Accesses to tracefs should use /sys/kernel/tracing/ rather than /sys/kernel/debug/tracing/. Possibly a symlink should be emplaced.

Normal device interaction should be done through configfs or a miscdev, not debugfs.

Note that this makes it unnecessary to specifically lock down show_dsts(), show_devs() and show_call() in the asus-wmi driver.

Signed-off-by: David Howells
cc: Andy Shevchenko
cc: acpi4asus-user@lists.sourceforge.net
cc: platform-driver-x86@vger.kernel.org
cc: Matthew Garrett
cc: Thomas Gleixner
(backported from commit 125da2e1c5d0a6aca5faafba336c8e8506a4e000 git://git.kernel.org/pub/scm/linux/kernel/git/jwboyer/fedora.git)
Signed-off-by: Seth Forshee
--- fs/debugfs/file.c | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/fs/debugfs/file.c b/fs/debugfs/file.c index 592059f88e04..98521a791504 100644 --- a/fs/debugfs/file.c +++ b/fs/debugfs/file.c
@@ -106,6 +106,9 @@ static int open_proxy_open(struct inode *inode, struct file *filp) const struct file_operations *real_fops = NULL; int srcu_idx, r; + if (secure_modules()) + return -EPERM; + r = debugfs_use_file_start(dentry, &srcu_idx); if (r) { r = -ENOENT; @@ -235,6 +238,9 @@ static int full_proxy_open(struct inode *inode, struct file *filp) struct file_operations *proxy_fops = NULL; int srcu_idx, r; + if (secure_modules()) + return -EPERM; + r = debugfs_use_file_start(dentry, &srcu_idx); if (r) { r = -ENOENT;
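Review bot: the secure_modules() check added at the top of open_proxy_open() and full_proxy_open() gates only open(), so a descriptor obtained before lockdown took effect keeps whatever read and write access it had; if lockdown can be switched on after boot in this tree, say so in the commit message or add a check on the read/write paths. The denial is also silent: a bare `return -EPERM` gives an administrator no hint why every debugfs open fails, so a one-time notice naming lockdown as the cause would make this much easier to diagnose. Placing the check before debugfs_use_file_start() is right, since it avoids having to unwind through the out label.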