From patchwork Fri Jun 19 16:49:14 2020
X-Patchwork-Id: 1313150
From: Seth Forshee
To: kernel-team@lists.ubuntu.com
Subject: [PATCH v2 01/57][X] acpi: Disable ACPI table override if the kernel is locked down
Date: Fri, 19 Jun 2020 11:49:14 -0500
Message-Id: <20200619165010.645925-2-seth.forshee@canonical.com>
In-Reply-To: <20200619165010.645925-1-seth.forshee@canonical.com>
References: <20200619165010.645925-1-seth.forshee@canonical.com>

From: Linn Crosetto

BugLink: https://bugs.launchpad.net/bugs/1884159

From the kernel documentation (initrd_table_override.txt):

  If the ACPI_INITRD_TABLE_OVERRIDE compile option is true, it is possible
  to override nearly any ACPI table provided by the BIOS with an
  instrumented, modified one.

When lockdown is enabled, the kernel should disallow any unauthenticated
changes to kernel space. ACPI tables contain code invoked by the kernel,
so do not allow ACPI tables to be overridden if the kernel is locked down.

Signed-off-by: Linn Crosetto
Signed-off-by: David Howells
Signed-off-by: Matthew Garrett
Reviewed-by: Kees Cook
cc: linux-acpi@vger.kernel.org
Signed-off-by: James Morris
(backported from commit 6ea0e815fc5e18597724169caa6e4d46dd8e693d)
Signed-off-by: Seth Forshee
---
 drivers/acpi/osl.c | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/drivers/acpi/osl.c b/drivers/acpi/osl.c index 62a2a564a46e..3b6d3247a4c9 100644 --- a/drivers/acpi/osl.c +++ b/drivers/acpi/osl.c
@@ -675,6 +675,11 @@ void __init acpi_initrd_override(void *data, size_t size) if (table_nr == 0) return; + if (secure_modules()) { + pr_notice("kernel is locked down, ignoring table override\n"); + return; + } + acpi_tables_addr = memblock_find_in_range(0, max_low_pfn_mapped << PAGE_SHIFT, all_tables_size, PAGE_SIZE);
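
Review bot: the pr_notice() in the new secure_modules() branch of acpi_initrd_override() does not say how many tables were refused; since the branch is only reached when table_nr is non-zero, printing table_nr in the message would let an administrator see from the boot log that the initrd carried overrides and that all of them were dropped. The check itself tests secure_modules() while both the message text and the commit message speak of the kernel being "locked down"; a one-line comment above the branch stating that secure_modules() is this tree's lockdown predicate would save the next reader of the backport a lookup.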

From patchwork Fri Jun 19 16:49:15 2020
X-Patchwork-Id: 1313147
From: Seth Forshee
To: kernel-team@lists.ubuntu.com
Subject: [PATCH v2 02/57][X] UBUNTU: SAUCE: (efi-lockdown) x86/mmiotrace: Lock down the testmmiotrace module
Date: Fri, 19 Jun 2020 11:49:15 -0500
Message-Id: <20200619165010.645925-3-seth.forshee@canonical.com>
In-Reply-To: <20200619165010.645925-1-seth.forshee@canonical.com>
References: <20200619165010.645925-1-seth.forshee@canonical.com>

From: David Howells

BugLink: https://bugs.launchpad.net/bugs/1884159

The testmmiotrace module shouldn't be permitted when the kernel is locked
down as it can be used to arbitrarily read and write MMIO space.

Suggested-by: Thomas Gleixner
Signed-off-by: David Howells
cc: Steven Rostedt
cc: Ingo Molnar
cc: "H. Peter Anvin"
cc: x86@kernel.org
(backported from commit 64ce4fc1ef16d4dd818eca47701f803e58444ab2
 git://git.kernel.org/pub/scm/linux/kernel/git/jwboyer/fedora.git)
Signed-off-by: Seth Forshee
---
 arch/x86/mm/testmmiotrace.c | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/arch/x86/mm/testmmiotrace.c b/arch/x86/mm/testmmiotrace.c index 38868adf07ea..dd2a4ce7b541 100644 --- a/arch/x86/mm/testmmiotrace.c +++ b/arch/x86/mm/testmmiotrace.c
@@ -115,6 +115,9 @@ static int __init init(void) { unsigned long size = (read_far) ? (8 << 20) : (16 << 10); + if (secure_modules()) + return -EPERM; + if (mmio_address == 0) { pr_err("you have to use the module argument mmio_address.\n"); pr_err("DO NOT LOAD THIS MODULE UNLESS YOU REALLY KNOW WHAT YOU ARE DOING!\n");
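
Review bot: the secure_modules() branch added at the top of init() returns -EPERM without logging anything, while the mmio_address check directly below it explains its failure with pr_err(). Add a pr_notice() here, in the style of the "kernel is locked down, ..." message that 01/57 prints for the ACPI override, so that a failed load of testmmiotrace can be traced to lockdown rather than mistaken for a missing capability or a bad module argument.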

From patchwork Fri Jun 19 16:49:16 2020
X-Patchwork-Id: 1313148
From: Seth Forshee
To: kernel-team@lists.ubuntu.com
Subject: [PATCH v2 03/57][X] Revert "Restrict /dev/mem and /dev/kmem when module loading is restricted"
Date: Fri, 19 Jun 2020 11:49:16 -0500
Message-Id: <20200619165010.645925-4-seth.forshee@canonical.com>
In-Reply-To: <20200619165010.645925-1-seth.forshee@canonical.com>
References: <20200619165010.645925-1-seth.forshee@canonical.com>

BugLink: https://bugs.launchpad.net/bugs/1884159

This reverts commit 517d6c3a5c1454115dd705e084a88818df3ad7e2 to backport
an updated version.

Signed-off-by: Seth Forshee
---
 drivers/char/mem.c | 6 ------
 1 file changed, 6 deletions(-)

diff --git a/drivers/char/mem.c b/drivers/char/mem.c index a59fe7264c39..76997a645da8 100644 --- a/drivers/char/mem.c +++ b/drivers/char/mem.c @@ -188,9 +188,6 @@ static ssize_t write_mem(struct file *file, const char __user *buf, if (p != *ppos) return -EFBIG; - if (secure_modules()) - return -EPERM; - if (!valid_phys_addr_range(p, count)) return -EFAULT;
@@ -558,9 +555,6 @@ static ssize_t write_kmem(struct file *file, const char __user *buf, char *kbuf; /* k-addr because vwrite() takes vmlist_lock rwlock */ int err = 0; - if (secure_modules()) - return -EPERM; - if (p < (unsigned long) high_memory) { unsigned long to_write = min_t(unsigned long, count, (unsigned long)high_memory - p);
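
Review bot: removing the secure_modules() tests from write_mem() and write_kmem() leaves writes to /dev/mem and /dev/kmem unrestricted under lockdown until the replacement is applied, and the commit message only says "an updated version" without naming it. Name the replacing patch in the message (judging by its subject, 05/57), and either squash this revert into it or keep the two adjacent so that no bisection point in between builds a kernel with the write restriction missing.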

From patchwork Fri Jun 19 16:49:17 2020
X-Patchwork-Id: 1313149
From: Seth Forshee
To: kernel-team@lists.ubuntu.com
Subject: [PATCH v2 04/57][X] Revert "x86: Lock down IO port access when module security is enabled"
Date: Fri, 19 Jun 2020 11:49:17 -0500
Message-Id: <20200619165010.645925-5-seth.forshee@canonical.com>
In-Reply-To: <20200619165010.645925-1-seth.forshee@canonical.com>
References: <20200619165010.645925-1-seth.forshee@canonical.com>

BugLink: https://bugs.launchpad.net/bugs/1884159

This reverts commit cc223b88b8e59fca362b426b0cccfe580fd8a68e to backport
an updated version.

Signed-off-by: Seth Forshee
---
 arch/x86/kernel/ioport.c | 5 ++---
 drivers/char/mem.c | 4 ----
 2 files changed, 2 insertions(+), 7 deletions(-)

diff --git a/arch/x86/kernel/ioport.c b/arch/x86/kernel/ioport.c index ab8372443efb..589b3193f102 100644 --- a/arch/x86/kernel/ioport.c +++ b/arch/x86/kernel/ioport.c @@ -15,7 +15,6 @@ #include #include #include -#include #include /* @@ -29,7 +28,7 @@ asmlinkage long sys_ioperm(unsigned long from, unsigned long num, int turn_on) if ((from + num <= from) || (from + num > IO_BITMAP_BITS)) return -EINVAL; - if (turn_on && (!capable(CAP_SYS_RAWIO) || secure_modules())) + if (turn_on && !capable(CAP_SYS_RAWIO)) return -EPERM; /* @@ -109,7 +108,7 @@ SYSCALL_DEFINE1(iopl, unsigned int, level) return -EINVAL; /* Trying to gain more privileges? */ if (level > old) { - if (!capable(CAP_SYS_RAWIO) || secure_modules()) + if (!capable(CAP_SYS_RAWIO)) return -EPERM; } regs->flags = (regs->flags & ~X86_EFLAGS_IOPL) | diff --git a/drivers/char/mem.c b/drivers/char/mem.c index 76997a645da8..6ebe2b86d8eb 100644 --- a/drivers/char/mem.c +++ b/drivers/char/mem.c
@@ -27,7 +27,6 @@ #include #include #include -#include #include 
@@ -622,9 +621,6 @@ static ssize_t write_port(struct file *file, const char __user *buf, unsigned long i = *ppos; const char __user *tmp = buf; - if (secure_modules()) - return -EPERM; - if (!access_ok(VERIFY_READ, buf, count)) return -EFAULT; while (count-- > 0 && i < 65536) {
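
Review bot: the sys_ioperm() and iopl() hunks drop `|| secure_modules()` from the CAP_SYS_RAWIO test, and nothing in 01/57 through 06/57 puts an equivalent check back on those two syscalls; 05/57 only adds a test to open_port(). State in the commit message which later patch in the series restores the ioperm/iopl restriction, and keep it next to this revert so that raw port access is never available to CAP_SYS_RAWIO holders on a locked-down kernel at an intermediate commit. The same applies to the write_port() removal, although there the open-time test in 05/57 follows immediately.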

From patchwork Fri Jun 19 16:49:18 2020
X-Patchwork-Id: 1313153
From: Seth Forshee
To: kernel-team@lists.ubuntu.com
Subject: [PATCH v2 05/57][X] UBUNTU: SAUCE: (efi-lockdown) Restrict /dev/{mem, kmem, port} when the kernel is locked down
Date: Fri, 19 Jun 2020 11:49:18 -0500
Message-Id: <20200619165010.645925-6-seth.forshee@canonical.com>
In-Reply-To: <20200619165010.645925-1-seth.forshee@canonical.com>
References: <20200619165010.645925-1-seth.forshee@canonical.com>

From: Matthew Garrett

BugLink: https://bugs.launchpad.net/bugs/1884159

Allowing users to read and write to core kernel memory makes it possible
for the kernel to be subverted, avoiding module loading restrictions, and
also to steal cryptographic information.

Disallow /dev/mem and /dev/kmem from being opened when the kernel has
been locked down to prevent this.

Also disallow /dev/port from being opened to prevent raw ioport access and
thus DMA from being used to accomplish the same thing.

Signed-off-by: Matthew Garrett
Signed-off-by: David Howells
Reviewed-by: "Lee, Chun-Yi"
(backported from commit 2eada4c7af2d4e9522a47523d2a5106d96271cd9
 git://git.kernel.org/pub/scm/linux/kernel/git/jwboyer/fedora.git)
Signed-off-by: Seth Forshee
---
 drivers/char/mem.c | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/drivers/char/mem.c b/drivers/char/mem.c index 6ebe2b86d8eb..f41ad9aa5e0a 100644 --- a/drivers/char/mem.c +++ b/drivers/char/mem.c @@ -8,6 +8,7 @@ * Shared /dev/zero mmapping support, Feb 2000, Kanoj Sarcar */ +#include #include #include #include
@@ -756,6 +757,8 @@ static loff_t memory_lseek(struct file *file, loff_t offset, int orig) static int open_port(struct inode *inode, struct file *filp) { + if (secure_modules()) + return -EPERM; return capable(CAP_SYS_RAWIO) ? 0 : -EPERM; }
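
Review bot: the secure_modules() test in open_port() is the only functional change, yet the subject and message promise that /dev/mem and /dev/kmem are covered as well; nothing in these lines shows that the mem and kmem open handlers go through open_port(), so say so in the commit message or in a comment above the function, otherwise the coverage cannot be verified from the patch. The restriction also moves from write time (the checks reverted in 03/57 and 04/57) to open time, which makes read-only opens fail with -EPERM too; that matches "read and write" in the message but is a behaviour change relative to the reverted version and deserves an explicit sentence. As in 02/57, the refusal is silent; a log line would help diagnosis.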

From patchwork Fri Jun 19 16:49:19 2020
X-Patchwork-Id: 1313152
From: Seth Forshee
To: kernel-team@lists.ubuntu.com
Subject: [PATCH v2 06/57][X] Annotate module params that specify hardware parameters (eg. ioport)
Date: Fri, 19 Jun 2020 11:49:19 -0500
Message-Id: <20200619165010.645925-7-seth.forshee@canonical.com>
In-Reply-To: <20200619165010.645925-1-seth.forshee@canonical.com>
References: <20200619165010.645925-1-seth.forshee@canonical.com>

From: David Howells

BugLink: https://bugs.launchpad.net/bugs/1884159

Provided an annotation for module parameters that specify hardware
parameters (such as io ports, iomem addresses, irqs, dma channels, fixed
dma buffers and other types).

This will enable such parameters to be locked down in the core parameter
parser for secure boot support.

I've also included annotations as to what sort of hardware configuration
each module is dealing with for future use. Some of these are
straightforward (ioport, iomem, irq, dma), but there are also:

 (1) drivers that switch the semantics of a parameter between ioport and
     iomem depending on a second parameter,

 (2) drivers that appear to reserve a CPU memory buffer at a fixed address,

 (3) other parameters, such as bus types and irq selection bitmasks.

For the moment, the hardware configuration type isn't actually stored,
though its validity is checked.

Signed-off-by: David Howells
(cherry picked from commit bf616d21f41174389c6d720ae21bf40f154474c8)
Signed-off-by: Seth Forshee
---
 include/linux/moduleparam.h | 65 ++++++++++++++++++++++++++++++++++++-
 1 file changed, 64 insertions(+), 1 deletion(-)

diff --git a/include/linux/moduleparam.h b/include/linux/moduleparam.h index 52666d90ca94..6be1949ebcdf 100644 --- a/include/linux/moduleparam.h
+++ b/include/linux/moduleparam.h @@ -60,9 +60,11 @@ struct kernel_param_ops { * Flags available for kernel_param * * UNSAFE - the parameter is dangerous and setting it will taint the kernel + * HWPARAM - Hardware param not permitted in lockdown mode */ enum { - KERNEL_PARAM_FL_UNSAFE = (1 << 0) + KERNEL_PARAM_FL_UNSAFE = (1 << 0), + KERNEL_PARAM_FL_HWPARAM = (1 << 1), }; struct kernel_param { 
@@ -451,6 +453,67 @@ extern int param_set_bint(const char *val, const struct kernel_param *kp); perm, -1, 0); \ __MODULE_PARM_TYPE(name, "array of " #type) +enum hwparam_type { + hwparam_ioport, /* Module parameter configures an I/O port */ + hwparam_iomem, /* Module parameter configures an I/O mem address */ + hwparam_ioport_or_iomem, /* Module parameter could be either, depending on other option */ + hwparam_irq, /* Module parameter configures an I/O port */ + hwparam_dma, /* Module parameter configures a DMA channel */ + hwparam_dma_addr, /* Module parameter configures a DMA buffer address */ + hwparam_other, /* Module parameter configures some other value */ +}; + +/** + * module_param_hw_named - A parameter representing a hw parameters + * @name: a valid C identifier which is the parameter name. + * @value: the actual lvalue to alter. + * @type: the type of the parameter + * @hwtype: what the value represents (enum hwparam_type) + * @perm: visibility in sysfs. + * + * Usually it's a good idea to have variable names and user-exposed names the + * same, but that's harder if the variable must be non-static or is inside a + * structure. This allows exposure under a different name. + */ +#define module_param_hw_named(name, value, type, hwtype, perm) \ + param_check_##type(name, &(value)); \ + __module_param_call(MODULE_PARAM_PREFIX, name, \ + ¶m_ops_##type, &value, \ + perm, -1, \ + KERNEL_PARAM_FL_HWPARAM | (hwparam_##hwtype & 0)); \ + __MODULE_PARM_TYPE(name, #type) + +#define module_param_hw(name, type, hwtype, perm) \ + module_param_hw_named(name, name, type, hwtype, perm) + +/** + * module_param_hw_array - A parameter representing an array of hw parameters + * @name: the name of the array variable + * @type: the type, as per module_param() + * @hwtype: what the value represents (enum hwparam_type) + * @nump: optional pointer filled in with the number written + * @perm: visibility in sysfs + * + * Input and output are as comma-separated values. 
Commas inside values + * don't work properly (eg. an array of charp). + * + * ARRAY_SIZE(@name) is used to determine the number of elements in the + * array, so the definition must be visible. + */ +#define module_param_hw_array(name, type, hwtype, nump, perm) \ + param_check_##type(name, &(name)[0]); \ + static const struct kparam_array __param_arr_##name \ + = { .max = ARRAY_SIZE(name), .num = nump, \ + .ops = ¶m_ops_##type, \ + .elemsize = sizeof(name[0]), .elem = name }; \ + __module_param_call(MODULE_PARAM_PREFIX, name, \ + ¶m_array_ops, \ + .arr = &__param_arr_##name, \ + perm, -1, \ + KERNEL_PARAM_FL_HWPARAM | (hwparam_##hwtype & 0)); \ + __MODULE_PARM_TYPE(name, "array of " #type) + + extern const struct kernel_param_ops param_array_ops; extern const struct kernel_param_ops param_ops_string;
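Review bot: in `enum hwparam_type`, the comment on `hwparam_irq` reads "Module parameter configures an I/O port", which is copied from `hwparam_ioport`; it should say the parameter configures an IRQ. Separately, both `module_param_hw_named` and `module_param_hw_array` pass `KERNEL_PARAM_FL_HWPARAM | (hwparam_##hwtype & 0)`, so the hwtype argument is only checked to be a valid enumerator at compile time and is never stored. The kernel-doc for `@hwtype` should say so, since a reader could otherwise expect lockdown to treat `iomem` and `other` differently.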
From: Seth Forshee
To: kernel-team@lists.ubuntu.com
Subject: [PATCH v2 07/57][X] Annotate hardware config module parameters in arch/x86/mm/
Date: Fri, 19 Jun 2020 11:49:20 -0500
Message-Id: <20200619165010.645925-8-seth.forshee@canonical.com>
In-Reply-To: <20200619165010.645925-1-seth.forshee@canonical.com>

From: David Howells

BugLink: https://bugs.launchpad.net/bugs/1884159

When the kernel is running in secure boot mode, we lock down the kernel to prevent userspace from modifying the running kernel image. Whilst this includes prohibiting access to things like /dev/mem, it must also prevent access by means of configuring driver modules in such a way as to cause a device to access or modify the kernel image.

To this end, annotate module_param* statements that refer to hardware configuration and indicate for future reference what type of parameter they specify. The parameter parser in the core sees this information and can skip such parameters with an error message if the kernel is locked down. The module initialisation then runs as normal, but just sees whatever the default values for those parameters are.

Note that we do still need to do the module initialisation because some drivers have viable defaults set in case parameters aren't specified and some drivers support automatic configuration (e.g. PNP or PCI) in addition to manually coded parameters.

This patch annotates drivers in arch/x86/mm/.

[Note: With respect to testmmiotrace, an additional patch will be added separately that makes the module refuse to load if the kernel is locked down.]

Suggested-by: Alan Cox
Signed-off-by: David Howells Acked-by: Steven Rostedt cc: Ingo Molnar cc: Thomas Gleixner cc: "H. Peter Anvin" cc: x86@kernel.org cc: linux-kernel@vger.kernel.org cc: nouveau@lists.freedesktop.org (cherry picked from commit 3c2e2e6816930e25c755f2e4fc298a0d05d223cf) Signed-off-by: Seth Forshee --- arch/x86/mm/testmmiotrace.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/arch/x86/mm/testmmiotrace.c b/arch/x86/mm/testmmiotrace.c index dd2a4ce7b541..a9b62c9c1a8f 100644 --- a/arch/x86/mm/testmmiotrace.c +++ b/arch/x86/mm/testmmiotrace.c 
@@ -9,7 +9,7 @@ #include static unsigned long mmio_address; -module_param(mmio_address, ulong, 0); +module_param_hw(mmio_address, ulong, iomem, 0); MODULE_PARM_DESC(mmio_address, " Start address of the mapping of 16 kB " "(or 8 MB if read_far is non-zero).");
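Review bot: the `module_param_hw(mmio_address, ulong, iomem, 0)` annotation only causes the parameter to be skipped under lockdown, and the commit message itself says testmmiotrace needs a separate patch that makes the module refuse to load. Please confirm that patch is carried in this series, or name it here, so the backport does not land with the annotation alone.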
From: Seth Forshee
To: kernel-team@lists.ubuntu.com
Subject: [PATCH v2 08/57][X] Annotate hardware config module parameters in drivers/char/ipmi/
Date: Fri, 19 Jun 2020 11:49:21 -0500
Message-Id: <20200619165010.645925-9-seth.forshee@canonical.com>
In-Reply-To: <20200619165010.645925-1-seth.forshee@canonical.com>

From: David Howells

BugLink: https://bugs.launchpad.net/bugs/1884159

When the kernel is running in secure boot mode, we lock down the kernel to prevent userspace from modifying the running kernel image. Whilst this includes prohibiting access to things like /dev/mem, it must also prevent access by means of configuring driver modules in such a way as to cause a device to access or modify the kernel image.

To this end, annotate module_param* statements that refer to hardware configuration and indicate for future reference what type of parameter they specify. The parameter parser in the core sees this information and can skip such parameters with an error message if the kernel is locked down. The module initialisation then runs as normal, but just sees whatever the default values for those parameters are.

Note that we do still need to do the module initialisation because some drivers have viable defaults set in case parameters aren't specified and some drivers support automatic configuration (e.g. PNP or PCI) in addition to manually coded parameters.

This patch annotates drivers in drivers/char/ipmi/.

Suggested-by: Alan Cox
Signed-off-by: David Howells
Reviewed-by: Corey Minyard
cc: openipmi-developer@lists.sourceforge.net
(cherry picked from commit 684497bfe8b4485325554b96b160b5ddb6e9ebaf)
Signed-off-by: Seth Forshee --- drivers/char/ipmi/ipmi_si_intf.c | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/drivers/char/ipmi/ipmi_si_intf.c b/drivers/char/ipmi/ipmi_si_intf.c index 2f8ff63bbbe4..ab672b947bd6 100644 --- a/drivers/char/ipmi/ipmi_si_intf.c +++ b/drivers/char/ipmi/ipmi_si_intf.c 
@@ -1392,39 +1392,39 @@ MODULE_PARM_DESC(type, "Defines the type of each interface, each" " interface separated by commas. The types are 'kcs'," " 'smic', and 'bt'. For example si_type=kcs,bt will set" " the first interface to kcs and the second to bt"); -module_param_array(addrs, ulong, &num_addrs, 0); +module_param_hw_array(addrs, ulong, iomem, &num_addrs, 0); MODULE_PARM_DESC(addrs, "Sets the memory address of each interface, the" " addresses separated by commas. Only use if an interface" " is in memory. Otherwise, set it to zero or leave" " it blank."); -module_param_array(ports, uint, &num_ports, 0); +module_param_hw_array(ports, uint, ioport, &num_ports, 0); MODULE_PARM_DESC(ports, "Sets the port address of each interface, the" " addresses separated by commas. Only use if an interface" " is a port. Otherwise, set it to zero or leave" " it blank."); -module_param_array(irqs, int, &num_irqs, 0); +module_param_hw_array(irqs, int, irq, &num_irqs, 0); MODULE_PARM_DESC(irqs, "Sets the interrupt of each interface, the" " addresses separated by commas. Only use if an interface" " has an interrupt. Otherwise, set it to zero or leave" " it blank."); -module_param_array(regspacings, int, &num_regspacings, 0); +module_param_hw_array(regspacings, int, other, &num_regspacings, 0); MODULE_PARM_DESC(regspacings, "The number of bytes between the start address" " and each successive register used by the interface. For" " instance, if the start address is 0xca2 and the spacing" " is 2, then the second address is at 0xca4. Defaults" " to 1."); -module_param_array(regsizes, int, &num_regsizes, 0); +module_param_hw_array(regsizes, int, other, &num_regsizes, 0); MODULE_PARM_DESC(regsizes, "The size of the specific IPMI register in bytes." " This should generally be 1, 2, 4, or 8 for an 8-bit," " 16-bit, 32-bit, or 64-bit register. 
Use this if you" " the 8-bit IPMI register has to be read from a larger" " register."); -module_param_array(regshifts, int, &num_regshifts, 0); +module_param_hw_array(regshifts, int, other, &num_regshifts, 0); MODULE_PARM_DESC(regshifts, "The amount to shift the data read from the." " IPMI register, in bits. For instance, if the data" " is read from a 32-bit word and the IPMI data is in" " bit 8-15, then the shift would be 8"); -module_param_array(slave_addrs, int, &num_slave_addrs, 0); +module_param_hw_array(slave_addrs, int, other, &num_slave_addrs, 0); MODULE_PARM_DESC(slave_addrs, "Set the default IPMB slave address for" " the controller. Normally this is 0x20, but can be" " overridden by this parm. This is an array indexed"
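Review bot: `regspacings`, `regsizes`, `regshifts` and `slave_addrs` are all tagged `other`, which gives no hint of why they count as hardware configuration; going by their MODULE_PARM_DESC text, the first three change how register accesses are derived from `addrs` and `ports`. A sentence in the commit message stating that would make the classification reviewable. The diffstat's seven insertions are all visible here and none of them touches the `type` parameter whose description appears in the leading context, so please also state whether leaving the interface-type selector unannotated is intentional.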
From: Seth Forshee
To: kernel-team@lists.ubuntu.com
Subject: [PATCH v2 09/57][X] Annotate hardware config module parameters in drivers/char/mwave/
Date: Fri, 19 Jun 2020 11:49:22 -0500
Message-Id: <20200619165010.645925-10-seth.forshee@canonical.com>
In-Reply-To: <20200619165010.645925-1-seth.forshee@canonical.com>

From: David Howells

BugLink: https://bugs.launchpad.net/bugs/1884159

When the kernel is running in secure boot mode, we lock down the kernel to prevent userspace from modifying the running kernel image. Whilst this includes prohibiting access to things like /dev/mem, it must also prevent access by means of configuring driver modules in such a way as to cause a device to access or modify the kernel image.

To this end, annotate module_param* statements that refer to hardware configuration and indicate for future reference what type of parameter they specify. The parameter parser in the core sees this information and can skip such parameters with an error message if the kernel is locked down. The module initialisation then runs as normal, but just sees whatever the default values for those parameters are.

Note that we do still need to do the module initialisation because some drivers have viable defaults set in case parameters aren't specified and some drivers support automatic configuration (e.g. PNP or PCI) in addition to manually coded parameters.

This patch annotates drivers in drivers/char/mwave/.

Suggested-by: Alan Cox
Signed-off-by: David Howells
(cherry picked from commit 94b599bc07c3c4f365f546218918dcbc363111b2)
Signed-off-by: Seth Forshee --- drivers/char/mwave/mwavedd.c | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/drivers/char/mwave/mwavedd.c b/drivers/char/mwave/mwavedd.c index 618f3df6c3b9..19c11efe78b1 100644 --- a/drivers/char/mwave/mwavedd.c +++ b/drivers/char/mwave/mwavedd.c 
@@ -81,10 +81,10 @@ int mwave_3780i_io = 0; int mwave_uart_irq = 0; int mwave_uart_io = 0; module_param(mwave_debug, int, 0); -module_param(mwave_3780i_irq, int, 0); -module_param(mwave_3780i_io, int, 0); -module_param(mwave_uart_irq, int, 0); -module_param(mwave_uart_io, int, 0); +module_param_hw(mwave_3780i_irq, int, irq, 0); +module_param_hw(mwave_3780i_io, int, ioport, 0); +module_param_hw(mwave_uart_irq, int, irq, 0); +module_param_hw(mwave_uart_io, int, ioport, 0); static int mwave_open(struct inode *inode, struct file *file); static int mwave_close(struct inode *inode, struct file *file);
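Review bot: with the four `mwave_*_irq` and `mwave_*_io` parameters skipped under lockdown, the driver initialises with the `= 0` defaults shown in the context lines, and nothing in the hunk or the commit message says what 0 means for this driver. The cs5535-clockevt patch in this series documents that 0 selects autodetection; a similar sentence here would confirm the module still behaves sensibly when its parameters are ignored. Leaving `mwave_debug` as a plain `module_param` looks right.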
From: Seth Forshee
To: kernel-team@lists.ubuntu.com
Subject: [PATCH v2 10/57][X] Annotate hardware config module parameters in drivers/char/
Date: Fri, 19 Jun 2020 11:49:23 -0500
Message-Id: <20200619165010.645925-11-seth.forshee@canonical.com>
In-Reply-To: <20200619165010.645925-1-seth.forshee@canonical.com>

From: David Howells

BugLink: https://bugs.launchpad.net/bugs/1884159

When the kernel is running in secure boot mode, we lock down the kernel to prevent userspace from modifying the running kernel image. Whilst this includes prohibiting access to things like /dev/mem, it must also prevent access by means of configuring driver modules in such a way as to cause a device to access or modify the kernel image.

To this end, annotate module_param* statements that refer to hardware configuration and indicate for future reference what type of parameter they specify. The parameter parser in the core sees this information and can skip such parameters with an error message if the kernel is locked down. The module initialisation then runs as normal, but just sees whatever the default values for those parameters are.

Note that we do still need to do the module initialisation because some drivers have viable defaults set in case parameters aren't specified and some drivers support automatic configuration (e.g. PNP or PCI) in addition to manually coded parameters.

This patch annotates drivers in drivers/char/.

Suggested-by: Alan Cox
Signed-off-by: David Howells
Acked-by: Greg Kroah-Hartman
cc: Arnd Bergmann
(cherry picked from commit 1c37ab5e51792a5419bdc84804aec6379cb43adb)
Signed-off-by: Seth Forshee --- drivers/char/applicom.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/drivers/char/applicom.c b/drivers/char/applicom.c index 9fcd51095d13..aeb0b876bb19 100644 --- a/drivers/char/applicom.c +++ b/drivers/char/applicom.c 
@@ -95,9 +95,9 @@ static struct applicom_board { static unsigned int irq = 0; /* interrupt number IRQ */ static unsigned long mem = 0; /* physical segment of board */ -module_param(irq, uint, 0); +module_param_hw(irq, uint, irq, 0); MODULE_PARM_DESC(irq, "IRQ of the Applicom board"); -module_param(mem, ulong, 0); +module_param_hw(mem, ulong, iomem, 0); MODULE_PARM_DESC(mem, "Shared Memory Address of Applicom board"); static unsigned int numboards; /* number of installed boards */
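Review bot: in `module_param_hw(irq, uint, irq, 0)` the token `irq` appears twice with different meanings, first as the variable name and then as the hwtype suffix that the macro pastes into `hwparam_irq`. It is correct as written, but a short comment above the line would stop a later cleanup from treating the third argument as a duplicate of the first.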
From: Seth Forshee
To: kernel-team@lists.ubuntu.com
Subject: [PATCH v2 11/57][X] Annotate hardware config module parameters in drivers/clocksource/
Date: Fri, 19 Jun 2020 11:49:24 -0500
Message-Id: <20200619165010.645925-12-seth.forshee@canonical.com>
In-Reply-To: <20200619165010.645925-1-seth.forshee@canonical.com>

From: David Howells

BugLink: https://bugs.launchpad.net/bugs/1884159

When the kernel is running in secure boot mode, we lock down the kernel to prevent userspace from modifying the running kernel image. Whilst this includes prohibiting access to things like /dev/mem, it must also prevent access by means of configuring driver modules in such a way as to cause a device to access or modify the kernel image.

To this end, annotate module_param* statements that refer to hardware configuration and indicate for future reference what type of parameter they specify. The parameter parser in the core sees this information and can skip such parameters with an error message if the kernel is locked down. The module initialisation then runs as normal, but just sees whatever the default values for those parameters are.

Note that we do still need to do the module initialisation because some drivers have viable defaults set in case parameters aren't specified and some drivers support automatic configuration (e.g. PNP or PCI) in addition to manually coded parameters.

This patch annotates drivers in drivers/clocksource/.

[Note: With regard to cs5535-clockevt.c, Thomas Gleixner asked whether the timer_irq parameter is required for the driver to work on anything other than arbitrary hardware which has it mapped to 0. Jens Rottmann replied that the parameter defaults to 0, which means:

 1. autodetect (=keep IRQ BIOS has set up)
 2. if that fails use CONFIG_CS5535_MFGPT_DEFAULT_IRQ
    (see drivers/misc/cs5535-mfgpt.c: cs5535_mfgpt_set_irq())

Jens further noted that there may not be any systems that have CS5535/36 devices that support EFI and secure boot.]

Suggested-by: Alan Cox
Signed-off-by: David Howells
cc: Daniel Lezcano
cc: Thomas Gleixner
cc: Jens Rottmann
cc: linux-kernel@vger.kernel.org
(cherry picked from commit cc9c617557cd0442294138188ac8611659768a10)
Signed-off-by: Seth Forshee
---
 drivers/clocksource/cs5535-clockevt.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/drivers/clocksource/cs5535-clockevt.c b/drivers/clocksource/cs5535-clockevt.c index e1d7373e63e0..1de8cac99a0e 100644 --- a/drivers/clocksource/cs5535-clockevt.c +++ b/drivers/clocksource/cs5535-clockevt.c 
@@ -22,7 +22,7 @@ #define DRV_NAME "cs5535-clockevt" static int timer_irq; -module_param_named(irq, timer_irq, int, 0644); +module_param_hw_named(irq, timer_irq, int, irq, 0644); MODULE_PARM_DESC(irq, "Which IRQ to use for the clock source MFGPT ticks."); /*
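
Review bot: timer_irq keeps mode 0644 in cs5535-clockevt.c, so the value remains writable through sysfs after the module has loaded, while the commit message only describes the parameter parser skipping annotated parameters. Please confirm that the sysfs store path in this series also refuses hardware-annotated parameters under lockdown; if it does not, dropping the mode to 0444 on this line would close the gap. The bracketed explanation that 0 means autodetect with a fallback to CONFIG_CS5535_MFGPT_DEFAULT_IRQ would also be worth a one-line comment next to the declaration, since it is the reason the driver still works when the parameter is refused.
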
From: Seth Forshee
To: kernel-team@lists.ubuntu.com
Subject: [PATCH v2 12/57][X] Annotate hardware config module parameters in drivers/cpufreq/
Date: Fri, 19 Jun 2020 11:49:25 -0500
Message-Id: <20200619165010.645925-13-seth.forshee@canonical.com>
In-Reply-To: <20200619165010.645925-1-seth.forshee@canonical.com>
References: <20200619165010.645925-1-seth.forshee@canonical.com>

From: David Howells

BugLink: https://bugs.launchpad.net/bugs/1884159

When the kernel is running in secure boot mode, we lock down the kernel to
prevent userspace from modifying the running kernel image. Whilst this
includes prohibiting access to things like /dev/mem, it must also prevent
access by means of configuring driver modules in such a way as to cause a
device to access or modify the kernel image.

To this end, annotate module_param* statements that refer to hardware
configuration and indicate for future reference what type of parameter they
specify. The parameter parser in the core sees this information and can
skip such parameters with an error message if the kernel is locked down.
The module initialisation then runs as normal, but just sees whatever the
default values for those parameters are.

Note that we do still need to do the module initialisation because some
drivers have viable defaults set in case parameters aren't specified and
some drivers support automatic configuration (e.g. PNP or PCI) in addition
to manually coded parameters.

This patch annotates drivers in drivers/cpufreq/.

Suggested-by: Alan Cox
Signed-off-by: David Howells
Acked-by: "Rafael J. Wysocki"
Acked-by: Viresh Kumar
cc: linux-pm@vger.kernel.org
(cherry picked from commit 40059ec6701bd10d7d972ed302cca61cf8b6f2cf)
Signed-off-by: Seth Forshee
---
 drivers/cpufreq/speedstep-smi.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/drivers/cpufreq/speedstep-smi.c b/drivers/cpufreq/speedstep-smi.c index 819229e824fb..b5691317b6dd 100644 --- a/drivers/cpufreq/speedstep-smi.c +++ b/drivers/cpufreq/speedstep-smi.c
@@ -377,7 +377,7 @@ static void __exit speedstep_exit(void) cpufreq_unregister_driver(&speedstep_driver); } -module_param(smi_port, int, 0444); +module_param_hw(smi_port, int, ioport, 0444); module_param(smi_cmd, int, 0444); module_param(smi_sig, uint, 0444);
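
Review bot: smi_cmd and smi_sig, the two context lines directly below the changed line in speedstep-smi.c, stay as plain module_param() and can therefore still be set on the command line when the kernel is locked down. If either value is passed to the firmware through the SMI port, it arguably counts as hardware configuration in the sense the commit message gives and could take the "other" type that the i2c patch in this series uses for mmapped. If leaving them open is deliberate because smi_port is now pinned to its default, one sentence saying so in the commit message would save the next reader the same question.
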
From: Seth Forshee
To: kernel-team@lists.ubuntu.com
Subject: [PATCH v2 13/57][X] Annotate hardware config module parameters in drivers/gpio/
Date: Fri, 19 Jun 2020 11:49:26 -0500
Message-Id: <20200619165010.645925-14-seth.forshee@canonical.com>
In-Reply-To: <20200619165010.645925-1-seth.forshee@canonical.com>
References: <20200619165010.645925-1-seth.forshee@canonical.com>

From: David Howells

BugLink: https://bugs.launchpad.net/bugs/1884159

When the kernel is running in secure boot mode, we lock down the kernel to
prevent userspace from modifying the running kernel image. Whilst this
includes prohibiting access to things like /dev/mem, it must also prevent
access by means of configuring driver modules in such a way as to cause a
device to access or modify the kernel image.

To this end, annotate module_param* statements that refer to hardware
configuration and indicate for future reference what type of parameter they
specify. The parameter parser in the core sees this information and can
skip such parameters with an error message if the kernel is locked down.
The module initialisation then runs as normal, but just sees whatever the
default values for those parameters are.

Note that we do still need to do the module initialisation because some
drivers have viable defaults set in case parameters aren't specified and
some drivers support automatic configuration (e.g. PNP or PCI) in addition
to manually coded parameters.

This patch annotates drivers in drivers/gpio/.

Suggested-by: Alan Cox
Signed-off-by: David Howells
Acked-by: William Breathitt Gray
Acked-by: Linus Walleij
cc: Alexandre Courbot
cc: linux-gpio@vger.kernel.org
(backported from commit d759f906794b3b2894780870227c3c05895d83c1)
Signed-off-by: Seth Forshee
---
 drivers/gpio/gpio-104-idio-16.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/drivers/gpio/gpio-104-idio-16.c b/drivers/gpio/gpio-104-idio-16.c index 5400d7d4d8fd..f48f72e20f2e 100644 --- a/drivers/gpio/gpio-104-idio-16.c +++ b/drivers/gpio/gpio-104-idio-16.c
@@ -23,7 +23,7 @@ #include static unsigned idio_16_base; -module_param(idio_16_base, uint, 0); +module_param_hw(idio_16_base, uint, ioport, 0); MODULE_PARM_DESC(idio_16_base, "ACCES 104-IDIO-16 base address"); /**
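
An added example, not part of the patch series or of the kernel: a user-space C model of the behaviour the commit messages describe, where annotated parameters are refused with a message under lockdown, plain parameters are still applied, and initialisation continues on the defaults. Parameter names and annotation kinds follow the i2c-elektor.c hunk in patch 14/57; load_model(), the struct names and the default values are assumptions made for the illustration.

```c
/* User-space model of the described parameter handling; not kernel code. */
#include <stdbool.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Annotation kinds that appear in the hunks on this page. */
enum hw_kind { HW_NONE, HW_IOPORT, HW_IOPORT_OR_IOMEM, HW_IRQ, HW_OTHER };

struct model_param {
    const char *name;
    int *value;
    enum hw_kind hw;        /* HW_NONE models a plain module_param() */
};

/* Parameter set modelled on the i2c-elektor.c hunk. */
struct elektor_cfg { int base, irq, clock, own, mmapped; };

/*
 * Apply space-separated "name=value" pairs to cfg. With locked_down set,
 * hardware-annotated parameters are refused with a message and keep their
 * default. Returns the number of refused parameters, or -1 on malformed
 * or unknown input.
 */
static int load_model(const char *args, bool locked_down, struct elektor_cfg *cfg)
{
    /* Constructed defaults, not the driver's real ones. */
    cfg->base = 0; cfg->irq = 0; cfg->clock = 1; cfg->own = 2; cfg->mmapped = 0;

    struct model_param params[] = {
        { "base",    &cfg->base,    HW_IOPORT_OR_IOMEM },
        { "irq",     &cfg->irq,     HW_IRQ },
        { "clock",   &cfg->clock,   HW_NONE },
        { "own",     &cfg->own,     HW_NONE },
        { "mmapped", &cfg->mmapped, HW_OTHER },
    };
    const size_t n = sizeof(params) / sizeof(params[0]);
    char buf[256];
    int refused = 0;

    if (strlen(args) >= sizeof(buf))
        return -1;
    strcpy(buf, args);

    for (char *tok = strtok(buf, " "); tok; tok = strtok(NULL, " ")) {
        char *eq = strchr(tok, '=');
        char *end;
        size_t i;

        if (!eq || eq == tok || eq[1] == '\0')
            return -1;
        *eq = '\0';
        long v = strtol(eq + 1, &end, 0);
        if (*end != '\0')
            return -1;

        for (i = 0; i < n; i++)
            if (strcmp(tok, params[i].name) == 0)
                break;
        if (i == n)
            return -1;      /* unknown parameter */

        if (locked_down && params[i].hw != HW_NONE) {
            fprintf(stderr, "model: %s refused, kernel is locked down\n", tok);
            refused++;
            continue;       /* the default stays in place */
        }
        *params[i].value = (int)v;
    }
    return refused;
}

int main(void)
{
    /* Constructed command line. */
    const char *args = "base=0x300 irq=5 clock=3 mmapped=1";
    struct elektor_cfg c;
    int refused;

    refused = load_model(args, true, &c);
    printf("locked down: refused=%d base=%d irq=%d clock=%d mmapped=%d\n",
           refused, c.base, c.irq, c.clock, c.mmapped);

    refused = load_model(args, false, &c);
    printf("not locked:  refused=%d base=%d irq=%d clock=%d mmapped=%d\n",
           refused, c.base, c.irq, c.clock, c.mmapped);
    return 0;
}
```

The locked-down run still applies clock=3, which is why an unannotated parameter that reaches hardware matters in review.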
From: Seth Forshee
To: kernel-team@lists.ubuntu.com
Subject: [PATCH v2 14/57][X] Annotate hardware config module parameters in drivers/i2c/
Date: Fri, 19 Jun 2020 11:49:27 -0500
Message-Id: <20200619165010.645925-15-seth.forshee@canonical.com>
In-Reply-To: <20200619165010.645925-1-seth.forshee@canonical.com>
References: <20200619165010.645925-1-seth.forshee@canonical.com>

From: David Howells

BugLink: https://bugs.launchpad.net/bugs/1884159

When the kernel is running in secure boot mode, we lock down the kernel to
prevent userspace from modifying the running kernel image. Whilst this
includes prohibiting access to things like /dev/mem, it must also prevent
access by means of configuring driver modules in such a way as to cause a
device to access or modify the kernel image.

To this end, annotate module_param* statements that refer to hardware
configuration and indicate for future reference what type of parameter they
specify. The parameter parser in the core sees this information and can
skip such parameters with an error message if the kernel is locked down.
The module initialisation then runs as normal, but just sees whatever the
default values for those parameters are.

Note that we do still need to do the module initialisation because some
drivers have viable defaults set in case parameters aren't specified and
some drivers support automatic configuration (e.g. PNP or PCI) in addition
to manually coded parameters.

This patch annotates drivers in drivers/i2c/.

Suggested-by: Alan Cox
Signed-off-by: David Howells
Acked-by: Wolfram Sang
Acked-by: Jean Delvare
cc: linux-i2c@vger.kernel.org
(backported from commit c78babcc7d25ffd44a579c796fb4e9a313c0b127)
Signed-off-by: Seth Forshee --- drivers/i2c/busses/i2c-ali15x3.c | 2 +- drivers/i2c/busses/i2c-elektor.c | 6 +++--- drivers/i2c/busses/i2c-parport-light.c | 4 ++-- drivers/i2c/busses/i2c-pca-isa.c | 4 ++-- drivers/i2c/busses/i2c-piix4.c | 2 +- drivers/i2c/busses/i2c-sis5595.c | 2 +- drivers/i2c/busses/i2c-viapro.c | 2 +- drivers/i2c/busses/scx200_acb.c | 2 +- 8 files changed, 12 insertions(+), 12 deletions(-) diff --git a/drivers/i2c/busses/i2c-ali15x3.c b/drivers/i2c/busses/i2c-ali15x3.c index 45c5c4883022..6e6bf46bcb52 100644 --- a/drivers/i2c/busses/i2c-ali15x3.c +++ b/drivers/i2c/busses/i2c-ali15x3.c @@ -119,7 +119,7 @@ /* If force_addr is set to anything different from 0, we forcibly enable the device at the given address. */ static u16 force_addr; -module_param(force_addr, ushort, 0); +module_param_hw(force_addr, ushort, ioport, 0); MODULE_PARM_DESC(force_addr, "Initialize the base address of the i2c controller"); diff --git a/drivers/i2c/busses/i2c-elektor.c b/drivers/i2c/busses/i2c-elektor.c index 92e8c0ce1625..af4eedef733e 100644 --- a/drivers/i2c/busses/i2c-elektor.c +++ b/drivers/i2c/busses/i2c-elektor.c @@ -333,11 +333,11 @@ MODULE_AUTHOR("Hans Berglund "); MODULE_DESCRIPTION("I2C-Bus adapter routines for PCF8584 ISA bus adapter"); MODULE_LICENSE("GPL"); -module_param(base, int, 0); -module_param(irq, int, 0); +module_param_hw(base, int, ioport_or_iomem, 0); +module_param_hw(irq, int, irq, 0); module_param(clock, int, 0); module_param(own, int, 0); -module_param(mmapped, int, 0); +module_param_hw(mmapped, int, other, 0); module_init(i2c_pcfisa_init); module_exit(i2c_pcfisa_exit); diff --git a/drivers/i2c/busses/i2c-parport-light.c b/drivers/i2c/busses/i2c-parport-light.c index 1bcdd10b68b9..faa8fb8f2b8f 100644 --- a/drivers/i2c/busses/i2c-parport-light.c +++ b/drivers/i2c/busses/i2c-parport-light.c 
@@ -38,11 +38,11 @@ static struct platform_device *pdev; static u16 base; -module_param(base, ushort, 0); +module_param_hw(base, ushort, ioport, 0); MODULE_PARM_DESC(base, "Base I/O address"); static int irq; -module_param(irq, int, 0); +module_param_hw(irq, int, irq, 0); MODULE_PARM_DESC(irq, "IRQ (optional)"); /* ----- Low-level parallel port access ----------------------------------- */ diff --git a/drivers/i2c/busses/i2c-pca-isa.c b/drivers/i2c/busses/i2c-pca-isa.c index e0eb4ca0102e..2e1931d5ca76 100644 --- a/drivers/i2c/busses/i2c-pca-isa.c +++ b/drivers/i2c/busses/i2c-pca-isa.c @@ -207,10 +207,10 @@ MODULE_AUTHOR("Ian Campbell "); MODULE_DESCRIPTION("ISA base PCA9564/PCA9665 driver"); MODULE_LICENSE("GPL"); -module_param(base, ulong, 0); +module_param_hw(base, ulong, ioport, 0); MODULE_PARM_DESC(base, "I/O base address"); -module_param(irq, int, 0); +module_param_hw(irq, int, irq, 0); MODULE_PARM_DESC(irq, "IRQ"); module_param(clock, int, 0); MODULE_PARM_DESC(clock, "Clock rate in hertz.\n\t\t" diff --git a/drivers/i2c/busses/i2c-piix4.c b/drivers/i2c/busses/i2c-piix4.c index b61db9db3ca5..45cb33360522 100644 --- a/drivers/i2c/busses/i2c-piix4.c +++ b/drivers/i2c/busses/i2c-piix4.c @@ -86,7 +86,7 @@ MODULE_PARM_DESC(force, "Forcibly enable the PIIX4. DANGEROUS!"); /* If force_addr is set to anything different from 0, we forcibly enable the PIIX4 at the given address. VERY DANGEROUS! */ static int force_addr; -module_param (force_addr, int, 0); +module_param_hw(force_addr, int, ioport, 0); MODULE_PARM_DESC(force_addr, "Forcibly enable the PIIX4 at the given address. " "EXTREMELY DANGEROUS!"); diff --git a/drivers/i2c/busses/i2c-sis5595.c b/drivers/i2c/busses/i2c-sis5595.c index 7d58a40faf2d..d543a9867ba4 100644 --- a/drivers/i2c/busses/i2c-sis5595.c +++ b/drivers/i2c/busses/i2c-sis5595.c 
@@ -119,7 +119,7 @@ static int blacklist[] = { /* If force_addr is set to anything different from 0, we forcibly enable the device at the given address. */ static u16 force_addr; -module_param(force_addr, ushort, 0); +module_param_hw(force_addr, ushort, ioport, 0); MODULE_PARM_DESC(force_addr, "Initialize the base address of the i2c controller"); static struct pci_driver sis5595_driver; diff --git a/drivers/i2c/busses/i2c-viapro.c b/drivers/i2c/busses/i2c-viapro.c index 0ee2646f3b00..0dc45e12bb1d 100644 --- a/drivers/i2c/busses/i2c-viapro.c +++ b/drivers/i2c/busses/i2c-viapro.c @@ -94,7 +94,7 @@ MODULE_PARM_DESC(force, "Forcibly enable the SMBus. DANGEROUS!"); /* If force_addr is set to anything different from 0, we forcibly enable the VT596 at the given address. VERY DANGEROUS! */ static u16 force_addr; -module_param(force_addr, ushort, 0); +module_param_hw(force_addr, ushort, ioport, 0); MODULE_PARM_DESC(force_addr, "Forcibly enable the SMBus at the given address. " "EXTREMELY DANGEROUS!"); diff --git a/drivers/i2c/busses/scx200_acb.c b/drivers/i2c/busses/scx200_acb.c index 0a7e410b6195..e0923bee8d1f 100644 --- a/drivers/i2c/busses/scx200_acb.c +++ b/drivers/i2c/busses/scx200_acb.c 
@@ -42,7 +42,7 @@ MODULE_LICENSE("GPL"); #define MAX_DEVICES 4 static int base[MAX_DEVICES] = { 0x820, 0x840 }; -module_param_array(base, int, NULL, 0); +module_param_hw_array(base, int, ioport, NULL, 0); MODULE_PARM_DESC(base, "Base addresses for the ACCESS.bus controllers"); #define POLL_TIMEOUT (HZ/5)
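
Review bot: the force parameter in i2c-piix4.c and i2c-viapro.c, which the @@ context lines describe as "Forcibly enable the PIIX4. DANGEROUS!" and "Forcibly enable the SMBus. DANGEROUS!", is not touched by this patch; the diffstat shows a single changed line in each file, the force_addr one. Forcing a device on is hardware configuration in the sense the commit message gives, so force looks like a candidate for the "other" type that this same patch applies to mmapped in i2c-elektor.c, or the message should say why it is out of scope. Separately, the trailer reads "backported from" rather than "cherry picked from", but nothing in the message records what was adjusted relative to the upstream commit.
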
From: Seth Forshee
To: kernel-team@lists.ubuntu.com
Subject: [PATCH v2 15/57][X] Annotate hardware config module parameters in drivers/input/
Date: Fri, 19 Jun 2020 11:49:28 -0500
Message-Id: <20200619165010.645925-16-seth.forshee@canonical.com>
In-Reply-To: <20200619165010.645925-1-seth.forshee@canonical.com>
References: <20200619165010.645925-1-seth.forshee@canonical.com>

From: David Howells

BugLink: https://bugs.launchpad.net/bugs/1884159

When the kernel is running in secure boot mode, we lock down the kernel to
prevent userspace from modifying the running kernel image. Whilst this
includes prohibiting access to things like /dev/mem, it must also prevent
access by means of configuring driver modules in such a way as to cause a
device to access or modify the kernel image.

To this end, annotate module_param* statements that refer to hardware
configuration and indicate for future reference what type of parameter they
specify. The parameter parser in the core sees this information and can
skip such parameters with an error message if the kernel is locked down.
The module initialisation then runs as normal, but just sees whatever the
default values for those parameters are.

Note that we do still need to do the module initialisation because some
drivers have viable defaults set in case parameters aren't specified and
some drivers support automatic configuration (e.g. PNP or PCI) in addition
to manually coded parameters.

This patch annotates drivers in drivers/input/.

Suggested-by: Alan Cox
Signed-off-by: David Howells
Acked-by: Dmitry Torokhov
cc: linux-input@vger.kernel.org
(cherry picked from commit f6b12d04346cfcc926756ded982c91c25eff0333)
Signed-off-by: Seth Forshee --- drivers/input/mouse/inport.c | 2 +- drivers/input/mouse/logibm.c | 2 +- drivers/input/touchscreen/mk712.c | 4 ++-- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/drivers/input/mouse/inport.c b/drivers/input/mouse/inport.c index 3827a22362de..9ce71dfa0de1 100644 --- a/drivers/input/mouse/inport.c +++ b/drivers/input/mouse/inport.c @@ -78,7 +78,7 @@ MODULE_LICENSE("GPL"); #define INPORT_IRQ 5 static int inport_irq = INPORT_IRQ; -module_param_named(irq, inport_irq, uint, 0); +module_param_hw_named(irq, inport_irq, uint, irq, 0); MODULE_PARM_DESC(irq, "IRQ number (5=default)"); static struct input_dev *inport_dev; diff --git a/drivers/input/mouse/logibm.c b/drivers/input/mouse/logibm.c index e2413113df22..6f165e053f4d 100644 --- a/drivers/input/mouse/logibm.c +++ b/drivers/input/mouse/logibm.c @@ -69,7 +69,7 @@ MODULE_LICENSE("GPL"); #define LOGIBM_IRQ 5 static int logibm_irq = LOGIBM_IRQ; -module_param_named(irq, logibm_irq, uint, 0); +module_param_hw_named(irq, logibm_irq, uint, irq, 0); MODULE_PARM_DESC(irq, "IRQ number (5=default)"); static struct input_dev *logibm_dev; diff --git a/drivers/input/touchscreen/mk712.c b/drivers/input/touchscreen/mk712.c index 36e57deacd03..bd5352824f77 100644 --- a/drivers/input/touchscreen/mk712.c +++ b/drivers/input/touchscreen/mk712.c 
@@ -50,11 +50,11 @@ MODULE_DESCRIPTION("ICS MicroClock MK712 TouchScreen driver"); MODULE_LICENSE("GPL"); static unsigned int mk712_io = 0x260; /* Also 0x200, 0x208, 0x300 */ -module_param_named(io, mk712_io, uint, 0); +module_param_hw_named(io, mk712_io, uint, ioport, 0); MODULE_PARM_DESC(io, "I/O base address of MK712 touchscreen controller"); static unsigned int mk712_irq = 10; /* Also 12, 14, 15 */ -module_param_named(irq, mk712_irq, uint, 0); +module_param_hw_named(irq, mk712_irq, uint, irq, 0); MODULE_PARM_DESC(irq, "IRQ of MK712 touchscreen controller"); /* eight 8-bit registers */
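
Review bot: inport_irq in inport.c and logibm_irq in logibm.c are declared static int but registered with parameter type uint, and the new module_param_hw_named() lines carry that mismatch over from the lines they replace. It is not introduced here and need not hold up a cherry-pick, but since these declarations are being rewritten anyway, a follow-up that makes the variables unsigned int, as mk712_irq and mk712_io already are in mk712.c, would keep the storage type and the parsed type consistent.
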
From: Seth Forshee
To: kernel-team@lists.ubuntu.com
Subject: [PATCH v2 16/57][X] Annotate hardware config module parameters in drivers/isdn/
Date: Fri, 19 Jun 2020 11:49:29 -0500
Message-Id: <20200619165010.645925-17-seth.forshee@canonical.com>
In-Reply-To: <20200619165010.645925-1-seth.forshee@canonical.com>
References: <20200619165010.645925-1-seth.forshee@canonical.com>

From: David Howells

BugLink: https://bugs.launchpad.net/bugs/1884159

When the kernel is running in secure boot mode, we lock down the kernel to prevent userspace from modifying the running kernel image. Whilst this includes prohibiting access to things like /dev/mem, it must also prevent access by means of configuring driver modules in such a way as to cause a device to access or modify the kernel image.

To this end, annotate module_param* statements that refer to hardware configuration and indicate for future reference what type of parameter they specify. The parameter parser in the core sees this information and can skip such parameters with an error message if the kernel is locked down. The module initialisation then runs as normal, but just sees whatever the default values for those parameters is.

Note that we do still need to do the module initialisation because some drivers have viable defaults set in case parameters aren't specified and some drivers support automatic configuration (e.g. PNP or PCI) in addition to manually coded parameters.

This patch annotates drivers in drivers/isdn/.

Suggested-by: Alan Cox
Signed-off-by: David Howells
cc: Karsten Keil
cc: netdev@vger.kernel.org
(cherry picked from commit b9351f7e51dbbf1d850281142a55d848301d482d)
Signed-off-by: Seth Forshee --- drivers/isdn/hardware/avm/b1isa.c | 4 ++-- drivers/isdn/hardware/avm/t1isa.c | 4 ++-- drivers/isdn/hisax/config.c | 10 +++++----- 3 files changed, 9 insertions(+), 9 deletions(-) diff --git a/drivers/isdn/hardware/avm/b1isa.c b/drivers/isdn/hardware/avm/b1isa.c index 31ef8130a87f..54e871a47387 100644 --- a/drivers/isdn/hardware/avm/b1isa.c +++ b/drivers/isdn/hardware/avm/b1isa.c @@ -169,8 +169,8 @@ static struct pci_dev isa_dev[MAX_CARDS]; static int io[MAX_CARDS]; static int irq[MAX_CARDS]; -module_param_array(io, int, NULL, 0); -module_param_array(irq, int, NULL, 0); +module_param_hw_array(io, int, ioport, NULL, 0); +module_param_hw_array(irq, int, irq, NULL, 0); MODULE_PARM_DESC(io, "I/O base address(es)"); MODULE_PARM_DESC(irq, "IRQ number(s) (assigned)"); diff --git a/drivers/isdn/hardware/avm/t1isa.c b/drivers/isdn/hardware/avm/t1isa.c index 72ef18853951..9516203c735f 100644 --- a/drivers/isdn/hardware/avm/t1isa.c +++ b/drivers/isdn/hardware/avm/t1isa.c @@ -516,8 +516,8 @@ static int io[MAX_CARDS]; static int irq[MAX_CARDS]; static int cardnr[MAX_CARDS]; -module_param_array(io, int, NULL, 0); -module_param_array(irq, int, NULL, 0); +module_param_hw_array(io, int, ioport, NULL, 0); +module_param_hw_array(irq, int, irq, NULL, 0); module_param_array(cardnr, int, NULL, 0); MODULE_PARM_DESC(io, "I/O base address(es)"); MODULE_PARM_DESC(irq, "IRQ number(s) (assigned)"); diff --git a/drivers/isdn/hisax/config.c b/drivers/isdn/hisax/config.c index bf04d2a3cf4a..30da1bc106f0 100644 --- a/drivers/isdn/hisax/config.c +++ b/drivers/isdn/hisax/config.c 
@@ -350,13 +350,13 @@ MODULE_AUTHOR("Karsten Keil"); MODULE_LICENSE("GPL"); module_param_array(type, int, NULL, 0); module_param_array(protocol, int, NULL, 0); -module_param_array(io, int, NULL, 0); -module_param_array(irq, int, NULL, 0); -module_param_array(mem, int, NULL, 0); +module_param_hw_array(io, int, ioport, NULL, 0); +module_param_hw_array(irq, int, irq, NULL, 0); +module_param_hw_array(mem, int, iomem, NULL, 0); module_param(id, charp, 0); #ifdef IO0_IO1 -module_param_array(io0, int, NULL, 0); -module_param_array(io1, int, NULL, 0); +module_param_hw_array(io0, int, ioport, NULL, 0); +module_param_hw_array(io1, int, ioport, NULL, 0); #endif #endif /* MODULE */

From patchwork Fri Jun 19 16:49:30 2020
X-Patchwork-Submitter: Seth Forshee
X-Patchwork-Id: 1313165
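
Review bot: in the drivers/isdn/hisax/config.c hunk above, `type` and `protocol` are left as plain `module_param_array()` while `io`, `irq`, `mem`, `io0` and `io1` are converted. If `type` selects the card type and therefore which probe path runs, it looks like the same kind of parameter as `board_type` in drivers/net/appletalk/cops.c, which patch 20/57 annotates as `other`; either annotate it the same way or say in the commit message why it is safe to leave settable under lockdown. The unconverted `cardnr` array in t1isa.c raises the same question.
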
From: Seth Forshee
To: kernel-team@lists.ubuntu.com
Subject: [PATCH v2 17/57][X] Annotate hardware config module parameters in drivers/media/
Date: Fri, 19 Jun 2020 11:49:30 -0500
Message-Id: <20200619165010.645925-18-seth.forshee@canonical.com>
In-Reply-To: <20200619165010.645925-1-seth.forshee@canonical.com>
References: <20200619165010.645925-1-seth.forshee@canonical.com>

From: David Howells

BugLink: https://bugs.launchpad.net/bugs/1884159

When the kernel is running in secure boot mode, we lock down the kernel to prevent userspace from modifying the running kernel image. Whilst this includes prohibiting access to things like /dev/mem, it must also prevent access by means of configuring driver modules in such a way as to cause a device to access or modify the kernel image.

To this end, annotate module_param* statements that refer to hardware configuration and indicate for future reference what type of parameter they specify. The parameter parser in the core sees this information and can skip such parameters with an error message if the kernel is locked down. The module initialisation then runs as normal, but just sees whatever the default values for those parameters is.

Note that we do still need to do the module initialisation because some drivers have viable defaults set in case parameters aren't specified and some drivers support automatic configuration (e.g. PNP or PCI) in addition to manually coded parameters.

This patch annotates drivers in drivers/media/.

Suggested-by: Alan Cox
Signed-off-by: David Howells Acked-by: Mauro Carvalho Chehab cc: mjpeg-users@lists.sourceforge.net cc: linux-media@vger.kernel.org (backported from commit 5a8fc6a3cebb0dde27584603c5c4b5c72c6d810f) Signed-off-by: Seth Forshee --- drivers/media/pci/zoran/zoran_card.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/drivers/media/pci/zoran/zoran_card.c b/drivers/media/pci/zoran/zoran_card.c index 1136d92af642..4dc81cca7cdb 100644 --- a/drivers/media/pci/zoran/zoran_card.c +++ b/drivers/media/pci/zoran/zoran_card.c 
@@ -73,7 +73,7 @@ MODULE_PARM_DESC(card, "Card type"); */ static unsigned long vidmem; /* default = 0 - Video memory base address */ -module_param(vidmem, ulong, 0444); +module_param_hw(vidmem, ulong, iomem, 0444); MODULE_PARM_DESC(vidmem, "Default video memory base address"); /*

From patchwork Fri Jun 19 16:49:31 2020
X-Patchwork-Submitter: Seth Forshee
X-Patchwork-Id: 1313163
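
Review bot: in the zoran_card.c hunk above, `vidmem` has no initialiser and its comment gives the default as 0, so on a locked-down kernel the driver always sees 0 here; please confirm that 0 is treated as "not set" rather than used as a base address. Separately, the trailer reads "backported from" rather than "cherry picked from", but the message does not say what differs from 5a8fc6a3cebb0dde27584603c5c4b5c72c6d810f; a one-line note on why only zoran_card.c is touched would help whoever audits this later.
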
From: Seth Forshee
To: kernel-team@lists.ubuntu.com
Subject: [PATCH v2 18/57][X] Annotate hardware config module parameters in drivers/misc/
Date: Fri, 19 Jun 2020 11:49:31 -0500
Message-Id: <20200619165010.645925-19-seth.forshee@canonical.com>
In-Reply-To: <20200619165010.645925-1-seth.forshee@canonical.com>
References: <20200619165010.645925-1-seth.forshee@canonical.com>

From: David Howells

BugLink: https://bugs.launchpad.net/bugs/1884159

When the kernel is running in secure boot mode, we lock down the kernel to prevent userspace from modifying the running kernel image. Whilst this includes prohibiting access to things like /dev/mem, it must also prevent access by means of configuring driver modules in such a way as to cause a device to access or modify the kernel image.

To this end, annotate module_param* statements that refer to hardware configuration and indicate for future reference what type of parameter they specify. The parameter parser in the core sees this information and can skip such parameters with an error message if the kernel is locked down. The module initialisation then runs as normal, but just sees whatever the default values for those parameters is.

Note that we do still need to do the module initialisation because some drivers have viable defaults set in case parameters aren't specified and some drivers support automatic configuration (e.g. PNP or PCI) in addition to manually coded parameters.

This patch annotates drivers in drivers/misc/.

Suggested-by: Alan Cox
Signed-off-by: David Howells
Acked-by: Greg Kroah-Hartman
cc: Arnd Bergmann
(cherry picked from commit 4f1927dcbf79f6c7c153c8ec9beeb17364649f0c)
Signed-off-by: Seth Forshee --- drivers/misc/dummy-irq.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/drivers/misc/dummy-irq.c b/drivers/misc/dummy-irq.c index acbbe0390be4..76a1015d5783 100644 --- a/drivers/misc/dummy-irq.c +++ b/drivers/misc/dummy-irq.c 
@@ -59,6 +59,6 @@ module_exit(dummy_irq_exit); MODULE_LICENSE("GPL"); MODULE_AUTHOR("Jiri Kosina"); -module_param(irq, uint, 0444); +module_param_hw(irq, uint, irq, 0444); MODULE_PARM_DESC(irq, "The IRQ to register for"); MODULE_DESCRIPTION("Dummy IRQ handler driver");

From patchwork Fri Jun 19 16:49:32 2020
X-Patchwork-Submitter: Seth Forshee
X-Patchwork-Id: 1313166
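
Review bot: in the dummy-irq.c hunk above, `irq` is the IRQ the module registers for (per its MODULE_PARM_DESC) and is the only parameter the hunk shows, so once it is annotated a locked-down kernel drops the one input the module takes. The commit message says init still runs with the default value, but the hunk does not show that default; please check that init returns an error in that case rather than requesting whatever the default is, and mention the outcome in the changelog.
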
From: Seth Forshee
To: kernel-team@lists.ubuntu.com
Subject: [PATCH v2 19/57][X] Annotate hardware config module parameters in drivers/mmc/host/
Date: Fri, 19 Jun 2020 11:49:32 -0500
Message-Id: <20200619165010.645925-20-seth.forshee@canonical.com>
In-Reply-To: <20200619165010.645925-1-seth.forshee@canonical.com>
References: <20200619165010.645925-1-seth.forshee@canonical.com>

From: David Howells

BugLink: https://bugs.launchpad.net/bugs/1884159

When the kernel is running in secure boot mode, we lock down the kernel to prevent userspace from modifying the running kernel image. Whilst this includes prohibiting access to things like /dev/mem, it must also prevent access by means of configuring driver modules in such a way as to cause a device to access or modify the kernel image.

To this end, annotate module_param* statements that refer to hardware configuration and indicate for future reference what type of parameter they specify. The parameter parser in the core sees this information and can skip such parameters with an error message if the kernel is locked down. The module initialisation then runs as normal, but just sees whatever the default values for those parameters is.

Note that we do still need to do the module initialisation because some drivers have viable defaults set in case parameters aren't specified and some drivers support automatic configuration (e.g. PNP or PCI) in addition to manually coded parameters.

This patch annotates drivers in drivers/mmc/host/.

Suggested-by: Alan Cox
Signed-off-by: David Howells
cc: Pierre Ossman
cc: Ulf Hansson
cc: linux-mmc@vger.kernel.org
(cherry picked from commit dac562fc5ff4956d779029d2ae379e34c791f011)
Signed-off-by: Seth Forshee --- drivers/mmc/host/wbsd.c | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/drivers/mmc/host/wbsd.c b/drivers/mmc/host/wbsd.c index c3fd16d997ca..76c7f643fab5 100644 --- a/drivers/mmc/host/wbsd.c +++ b/drivers/mmc/host/wbsd.c 
@@ -1995,11 +1995,11 @@ static void __exit wbsd_drv_exit(void) module_init(wbsd_drv_init); module_exit(wbsd_drv_exit); #ifdef CONFIG_PNP -module_param_named(nopnp, param_nopnp, uint, 0444); +module_param_hw_named(nopnp, param_nopnp, uint, other, 0444); #endif -module_param_named(io, param_io, uint, 0444); -module_param_named(irq, param_irq, uint, 0444); -module_param_named(dma, param_dma, int, 0444); +module_param_hw_named(io, param_io, uint, ioport, 0444); +module_param_hw_named(irq, param_irq, uint, irq, 0444); +module_param_hw_named(dma, param_dma, int, dma, 0444); MODULE_LICENSE("GPL"); MODULE_AUTHOR("Pierre Ossman ");

From patchwork Fri Jun 19 16:49:33 2020
X-Patchwork-Submitter: Seth Forshee
X-Patchwork-Id: 1313162
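
Review bot: in the wbsd.c hunk above, `nopnp` is a switch rather than a resource, yet it is classed as `other` and will be skipped under lockdown together with `io`, `irq` and `dma`. That leaves PnP as the only way to configure the controller on a locked-down kernel, and because the `nopnp` line sits under `#ifdef CONFIG_PNP`, a build without CONFIG_PNP is left with only the built-in defaults. A short comment above the block saying so, and why `nopnp` counts as hardware configuration, would save the next reader the analysis.
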
From: Seth Forshee
To: kernel-team@lists.ubuntu.com
Subject: [PATCH v2 20/57][X] Annotate hardware config module parameters in drivers/net/appletalk/
Date: Fri, 19 Jun 2020 11:49:33 -0500
Message-Id: <20200619165010.645925-21-seth.forshee@canonical.com>
In-Reply-To: <20200619165010.645925-1-seth.forshee@canonical.com>
References: <20200619165010.645925-1-seth.forshee@canonical.com>

From: David Howells

BugLink: https://bugs.launchpad.net/bugs/1884159

When the kernel is running in secure boot mode, we lock down the kernel to prevent userspace from modifying the running kernel image. Whilst this includes prohibiting access to things like /dev/mem, it must also prevent access by means of configuring driver modules in such a way as to cause a device to access or modify the kernel image.

To this end, annotate module_param* statements that refer to hardware configuration and indicate for future reference what type of parameter they specify. The parameter parser in the core sees this information and can skip such parameters with an error message if the kernel is locked down. The module initialisation then runs as normal, but just sees whatever the default values for those parameters is.

Note that we do still need to do the module initialisation because some drivers have viable defaults set in case parameters aren't specified and some drivers support automatic configuration (e.g. PNP or PCI) in addition to manually coded parameters.

This patch annotates drivers in drivers/net/appletalk/.

Suggested-by: Alan Cox
Signed-off-by: David Howells
cc: Arnaldo Carvalho de Melo
cc: netdev@vger.kernel.org
(cherry picked from commit 6621f85d79775f71de9623fdfc9135fc494d6863)
Signed-off-by: Seth Forshee --- drivers/net/appletalk/cops.c | 6 +++--- drivers/net/appletalk/ltpc.c | 6 +++--- 2 files changed, 6 insertions(+), 6 deletions(-) diff --git a/drivers/net/appletalk/cops.c b/drivers/net/appletalk/cops.c index 7f2a032c354c..f50e87944f2e 100644 --- a/drivers/net/appletalk/cops.c +++ b/drivers/net/appletalk/cops.c @@ -986,9 +986,9 @@ static int cops_close(struct net_device *dev) static struct net_device *cops_dev; MODULE_LICENSE("GPL"); -module_param(io, int, 0); -module_param(irq, int, 0); -module_param(board_type, int, 0); +module_param_hw(io, int, ioport, 0); +module_param_hw(irq, int, irq, 0); +module_param_hw(board_type, int, other, 0); static int __init cops_module_init(void) { diff --git a/drivers/net/appletalk/ltpc.c b/drivers/net/appletalk/ltpc.c index 01e2ac55c137..ac755d2950a6 100644 --- a/drivers/net/appletalk/ltpc.c +++ b/drivers/net/appletalk/ltpc.c 
@@ -1231,9 +1231,9 @@ static struct net_device *dev_ltpc; MODULE_LICENSE("GPL"); module_param(debug, int, 0); -module_param(io, int, 0); -module_param(irq, int, 0); -module_param(dma, int, 0); +module_param_hw(io, int, ioport, 0); +module_param_hw(irq, int, irq, 0); +module_param_hw(dma, int, dma, 0); static int __init ltpc_module_init(void)

From patchwork Fri Jun 19 16:49:34 2020
X-Patchwork-Submitter: Seth Forshee
X-Patchwork-Id: 1313167
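
Review bot: in the drivers/net/appletalk/cops.c hunk above, `board_type` goes into the catch-all `other` class with nothing to say what it controls. The commit message states that the annotation is there to "indicate for future reference what type of parameter they specify", and `other` does not do that on its own, so a one-line comment next to `module_param_hw(board_type, int, other, 0);` explaining why it is treated as hardware configuration would help. In ltpc.c, leaving `debug` as a plain `module_param()` looks right.
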
From: Seth Forshee
To: kernel-team@lists.ubuntu.com
Subject: [PATCH v2 21/57][X] Annotate hardware config module parameters in drivers/net/arcnet/
Date: Fri, 19 Jun 2020 11:49:34 -0500
Message-Id: <20200619165010.645925-22-seth.forshee@canonical.com>
In-Reply-To: <20200619165010.645925-1-seth.forshee@canonical.com>
References: <20200619165010.645925-1-seth.forshee@canonical.com>

From: David Howells

BugLink: https://bugs.launchpad.net/bugs/1884159

When the kernel is running in secure boot mode, we lock down the kernel to prevent userspace from modifying the running kernel image. Whilst this includes prohibiting access to things like /dev/mem, it must also prevent access by means of configuring driver modules in such a way as to cause a device to access or modify the kernel image.

To this end, annotate module_param* statements that refer to hardware configuration and indicate for future reference what type of parameter they specify. The parameter parser in the core sees this information and can skip such parameters with an error message if the kernel is locked down. The module initialisation then runs as normal, but just sees whatever the default values for those parameters is.

Note that we do still need to do the module initialisation because some drivers have viable defaults set in case parameters aren't specified and some drivers support automatic configuration (e.g. PNP or PCI) in addition to manually coded parameters.

This patch annotates drivers in drivers/net/arcnet/.

Suggested-by: Alan Cox
Signed-off-by: David Howells
cc: Michael Grzeschik
cc: netdev@vger.kernel.org
(cherry picked from commit 06a5128a29b3d67fadff5d9593d79b815d8b34d8)
Signed-off-by: Seth Forshee --- drivers/net/arcnet/com20020-isa.c | 4 ++-- drivers/net/arcnet/com90io.c | 4 ++-- drivers/net/arcnet/com90xx.c | 4 ++-- 3 files changed, 6 insertions(+), 6 deletions(-) diff --git a/drivers/net/arcnet/com20020-isa.c b/drivers/net/arcnet/com20020-isa.c index b9e9931353b2..38fa60ddaf2e 100644 --- a/drivers/net/arcnet/com20020-isa.c +++ b/drivers/net/arcnet/com20020-isa.c @@ -129,8 +129,8 @@ static int clockp = 0; static int clockm = 0; module_param(node, int, 0); -module_param(io, int, 0); -module_param(irq, int, 0); +module_param_hw(io, int, ioport, 0); +module_param_hw(irq, int, irq, 0); module_param_string(device, device, sizeof(device), 0); module_param(timeout, int, 0); module_param(backplane, int, 0); diff --git a/drivers/net/arcnet/com90io.c b/drivers/net/arcnet/com90io.c index b57863df5bf5..4e56aaf2b984 100644 --- a/drivers/net/arcnet/com90io.c +++ b/drivers/net/arcnet/com90io.c @@ -347,8 +347,8 @@ static int io; /* use the insmod io= irq= shmem= options */ static int irq; static char device[9]; /* use eg. device=arc1 to change name */ -module_param(io, int, 0); -module_param(irq, int, 0); +module_param_hw(io, int, ioport, 0); +module_param_hw(irq, int, irq, 0); module_param_string(device, device, sizeof(device), 0); MODULE_LICENSE("GPL"); diff --git a/drivers/net/arcnet/com90xx.c b/drivers/net/arcnet/com90xx.c index 0d9b45ff1bb2..7cbdfca6d189 100644 --- a/drivers/net/arcnet/com90xx.c +++ b/drivers/net/arcnet/com90xx.c 
@@ -88,8 +88,8 @@ static int irq; static int shmem; static char device[9]; /* use eg. device=arc1 to change name */ -module_param(io, int, 0); -module_param(irq, int, 0); +module_param_hw(io, int, ioport, 0); +module_param_hw(irq, int, irq, 0); module_param(shmem, int, 0); module_param_string(device, device, sizeof(device), 0); From patchwork Fri Jun 19 16:49:35 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Seth Forshee X-Patchwork-Id: 1313172 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=none (no SPF record) smtp.mailfrom=lists.ubuntu.com (client-ip=91.189.94.19; helo=huckleberry.canonical.com; envelope-from=kernel-team-bounces@lists.ubuntu.com; receiver=) Authentication-Results: ozlabs.org; dmarc=fail (p=none dis=none) header.from=canonical.com Received: from huckleberry.canonical.com (huckleberry.canonical.com [91.189.94.19]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 49pPwQ6XHKz9sVW; Sat, 20 Jun 2020 02:51:50 +1000 (AEST) Received: from localhost ([127.0.0.1] helo=huckleberry.canonical.com) by huckleberry.canonical.com with esmtp (Exim 4.86_2) (envelope-from ) id 1jmKEz-0007mZ-Cv; Fri, 19 Jun 2020 16:51:45 +0000 Received: from youngberry.canonical.com ([91.189.89.112]) by huckleberry.canonical.com with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.86_2) (envelope-from ) id 1jmKDy-00071A-7R for kernel-team@lists.ubuntu.com; Fri, 19 Jun 2020 16:50:42 +0000 Received: from mail-io1-f69.google.com ([209.85.166.69]) by youngberry.canonical.com with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.86_2) (envelope-from ) id 1jmKDw-0006Lg-08 for kernel-team@lists.ubuntu.com; Fri, 19 Jun 2020 16:50:40 +0000 Received: by mail-io1-f69.google.com with SMTP id r19so921567iod.6 for ; 
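Review bot: in the com90xx.c hunk of the drivers/net/arcnet/ patch, module_param(shmem, int, 0) stays a plain parameter while io and irq directly above it are converted, yet the name and the com90io.c comment ("use the insmod io= irq= shmem= options") suggest it is the card's shared-memory address, which is the kind of value the commit message says must not be settable on a locked-down kernel. If that reading is right it should become module_param_hw(shmem, int, iomem, 0); if it was left out on purpose, the commit message should say why. As this is a cherry-pick, the change would need to land upstream first and be carried here as a follow-up.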
From: Seth Forshee
To: kernel-team@lists.ubuntu.com
Subject: [PATCH v2 22/57][X] Annotate hardware config module parameters in drivers/net/can/
Date: Fri, 19 Jun 2020 11:49:35 -0500
Message-Id: <20200619165010.645925-23-seth.forshee@canonical.com>
X-Mailer: git-send-email 2.27.0
In-Reply-To: <20200619165010.645925-1-seth.forshee@canonical.com>
References: <20200619165010.645925-1-seth.forshee@canonical.com>

From: David Howells

BugLink: https://bugs.launchpad.net/bugs/1884159

When the kernel is running in secure boot mode, we lock down the kernel to prevent userspace from modifying the running kernel image. Whilst this includes prohibiting access to things like /dev/mem, it must also prevent access by means of configuring driver modules in such a way as to cause a device to access or modify the kernel image.

To this end, annotate module_param* statements that refer to hardware configuration and indicate for future reference what type of parameter they specify. The parameter parser in the core sees this information and can skip such parameters with an error message if the kernel is locked down. The module initialisation then runs as normal, but just sees whatever the default values for those parameters are.

Note that we do still need to do the module initialisation because some drivers have viable defaults set in case parameters aren't specified and some drivers support automatic configuration (e.g. PNP or PCI) in addition to manually coded parameters.

This patch annotates drivers in drivers/net/can/.

Suggested-by: Alan Cox
Signed-off-by: David Howells Acked-by: Marc Kleine-Budde cc: Wolfgang Grandegger cc: linux-can@vger.kernel.org cc: netdev@vger.kernel.org (cherry picked from commit e43f2c52a07793cb97e4a963a5b90d4af311c3d5) Signed-off-by: Seth Forshee --- drivers/net/can/cc770/cc770_isa.c | 8 ++++---- drivers/net/can/sja1000/sja1000_isa.c | 8 ++++---- 2 files changed, 8 insertions(+), 8 deletions(-) diff --git a/drivers/net/can/cc770/cc770_isa.c b/drivers/net/can/cc770/cc770_isa.c index e0d15711e9ac..3a30fd3b4498 100644 --- a/drivers/net/can/cc770/cc770_isa.c +++ b/drivers/net/can/cc770/cc770_isa.c @@ -82,16 +82,16 @@ static u8 cor[MAXDEV] = {[0 ... (MAXDEV - 1)] = 0xff}; static u8 bcr[MAXDEV] = {[0 ... (MAXDEV - 1)] = 0xff}; static int indirect[MAXDEV] = {[0 ... (MAXDEV - 1)] = -1}; -module_param_array(port, ulong, NULL, S_IRUGO); +module_param_hw_array(port, ulong, ioport, NULL, S_IRUGO); MODULE_PARM_DESC(port, "I/O port number"); -module_param_array(mem, ulong, NULL, S_IRUGO); +module_param_hw_array(mem, ulong, iomem, NULL, S_IRUGO); MODULE_PARM_DESC(mem, "I/O memory address"); -module_param_array(indirect, int, NULL, S_IRUGO); +module_param_hw_array(indirect, int, ioport, NULL, S_IRUGO); MODULE_PARM_DESC(indirect, "Indirect access via address and data port"); -module_param_array(irq, int, NULL, S_IRUGO); +module_param_hw_array(irq, int, irq, NULL, S_IRUGO); MODULE_PARM_DESC(irq, "IRQ number"); module_param_array(clk, int, NULL, S_IRUGO); diff --git a/drivers/net/can/sja1000/sja1000_isa.c b/drivers/net/can/sja1000/sja1000_isa.c index e97e6d35b300..a89c1e92554d 100644 --- a/drivers/net/can/sja1000/sja1000_isa.c +++ b/drivers/net/can/sja1000/sja1000_isa.c 
@@ -48,16 +48,16 @@ static unsigned char ocr[MAXDEV] = {[0 ... (MAXDEV - 1)] = 0xff}; static int indirect[MAXDEV] = {[0 ... (MAXDEV - 1)] = -1}; static spinlock_t indirect_lock[MAXDEV]; /* lock for indirect access mode */ -module_param_array(port, ulong, NULL, S_IRUGO); +module_param_hw_array(port, ulong, ioport, NULL, S_IRUGO); MODULE_PARM_DESC(port, "I/O port number"); -module_param_array(mem, ulong, NULL, S_IRUGO); +module_param_hw_array(mem, ulong, iomem, NULL, S_IRUGO); MODULE_PARM_DESC(mem, "I/O memory address"); -module_param_array(indirect, int, NULL, S_IRUGO); +module_param_hw_array(indirect, int, ioport, NULL, S_IRUGO); MODULE_PARM_DESC(indirect, "Indirect access via address and data port"); -module_param_array(irq, int, NULL, S_IRUGO); +module_param_hw_array(irq, int, irq, NULL, S_IRUGO); MODULE_PARM_DESC(irq, "IRQ number"); module_param_array(clk, int, NULL, S_IRUGO); From patchwork Fri Jun 19 16:49:36 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Seth Forshee X-Patchwork-Id: 1313173 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=none (no SPF record) smtp.mailfrom=lists.ubuntu.com (client-ip=91.189.94.19; helo=huckleberry.canonical.com; envelope-from=kernel-team-bounces@lists.ubuntu.com; receiver=) Authentication-Results: ozlabs.org; dmarc=fail (p=none dis=none) header.from=canonical.com Received: from huckleberry.canonical.com (huckleberry.canonical.com [91.189.94.19]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 49pPwV3mVGzB4CD; Sat, 20 Jun 2020 02:51:54 +1000 (AEST) Received: from localhost ([127.0.0.1] helo=huckleberry.canonical.com) by huckleberry.canonical.com with esmtp (Exim 4.86_2) (envelope-from ) id 1jmKF2-0007oG-5c; Fri, 19 Jun 2020 16:51:48 +0000 Received: from 
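Review bot: in both the cc770_isa.c and sja1000_isa.c hunks of the drivers/net/can/ patch, indirect is annotated with hwtype ioport, but its description is "Indirect access via address and data port" and its default is -1, so it reads as a mode selector rather than a port number. The commit message says the type is recorded "for future reference", so a type that does not match the parameter is misleading; consider the generic hwtype (other) for indirect, or explain in the commit message why ioport was chosen.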
From: Seth Forshee
To: kernel-team@lists.ubuntu.com
Subject: [PATCH v2 23/57][X] Annotate hardware config module parameters in drivers/net/ethernet/
Date: Fri, 19 Jun 2020 11:49:36 -0500
Message-Id: <20200619165010.645925-24-seth.forshee@canonical.com>
X-Mailer: git-send-email 2.27.0
In-Reply-To: <20200619165010.645925-1-seth.forshee@canonical.com>
References: <20200619165010.645925-1-seth.forshee@canonical.com>

From: David Howells

BugLink: https://bugs.launchpad.net/bugs/1884159

When the kernel is running in secure boot mode, we lock down the kernel to prevent userspace from modifying the running kernel image. Whilst this includes prohibiting access to things like /dev/mem, it must also prevent access by means of configuring driver modules in such a way as to cause a device to access or modify the kernel image.

To this end, annotate module_param* statements that refer to hardware configuration and indicate for future reference what type of parameter they specify. The parameter parser in the core sees this information and can skip such parameters with an error message if the kernel is locked down. The module initialisation then runs as normal, but just sees whatever the default values for those parameters are.

Note that we do still need to do the module initialisation because some drivers have viable defaults set in case parameters aren't specified and some drivers support automatic configuration (e.g. PNP or PCI) in addition to manually coded parameters.

This patch annotates drivers in drivers/net/ethernet/.

Suggested-by: Alan Cox
Signed-off-by: David Howells cc: Steffen Klassert cc: Jaroslav Kysela cc: netdev@vger.kernel.org cc: linux-parisc@vger.kernel.org (cherry picked from commit df29840815a6aaa6a1ab8d85d7745a1a6fc25de0) Signed-off-by: Seth Forshee --- drivers/net/ethernet/3com/3c509.c | 2 +- drivers/net/ethernet/3com/3c59x.c | 4 ++-- drivers/net/ethernet/8390/ne.c | 4 ++-- drivers/net/ethernet/8390/smc-ultra.c | 4 ++-- drivers/net/ethernet/8390/wd.c | 8 ++++---- drivers/net/ethernet/amd/lance.c | 6 +++--- drivers/net/ethernet/amd/ni65.c | 6 +++--- drivers/net/ethernet/cirrus/cs89x0.c | 6 +++--- drivers/net/ethernet/dec/tulip/de4x5.c | 2 +- drivers/net/ethernet/hp/hp100.c | 2 +- drivers/net/ethernet/realtek/atp.c | 4 ++-- drivers/net/ethernet/smsc/smc9194.c | 4 ++-- 12 files changed, 26 insertions(+), 26 deletions(-) diff --git a/drivers/net/ethernet/3com/3c509.c b/drivers/net/ethernet/3com/3c509.c index 7677c745fb30..c1111eeb189b 100644 --- a/drivers/net/ethernet/3com/3c509.c +++ b/drivers/net/ethernet/3com/3c509.c @@ -1369,7 +1369,7 @@ el3_resume(struct device *pdev) #endif /* CONFIG_PM */ module_param(debug,int, 0); -module_param_array(irq, int, NULL, 0); +module_param_hw_array(irq, int, irq, NULL, 0); module_param(max_interrupt_work, int, 0); MODULE_PARM_DESC(debug, "debug level (0-6)"); MODULE_PARM_DESC(irq, "IRQ number(s) (assigned)"); diff --git a/drivers/net/ethernet/3com/3c59x.c b/drivers/net/ethernet/3com/3c59x.c index 1c5f3b273e6a..92b90624d913 100644 --- a/drivers/net/ethernet/3com/3c59x.c +++ b/drivers/net/ethernet/3com/3c59x.c 
@@ -813,8 +813,8 @@ module_param(global_enable_wol, int, 0); module_param_array(enable_wol, int, NULL, 0); module_param(rx_copybreak, int, 0); module_param(max_interrupt_work, int, 0); -module_param(compaq_ioaddr, int, 0); -module_param(compaq_irq, int, 0); +module_param_hw(compaq_ioaddr, int, ioport, 0); +module_param_hw(compaq_irq, int, irq, 0); module_param(compaq_device_id, int, 0); module_param(watchdog, int, 0); module_param(global_use_mmio, int, 0); diff --git a/drivers/net/ethernet/8390/ne.c b/drivers/net/ethernet/8390/ne.c index c063b410a163..66f47987e2a2 100644 --- a/drivers/net/ethernet/8390/ne.c +++ b/drivers/net/ethernet/8390/ne.c @@ -74,8 +74,8 @@ static int bad[MAX_NE_CARDS]; static u32 ne_msg_enable; #ifdef MODULE -module_param_array(io, int, NULL, 0); -module_param_array(irq, int, NULL, 0); +module_param_hw_array(io, int, ioport, NULL, 0); +module_param_hw_array(irq, int, irq, NULL, 0); module_param_array(bad, int, NULL, 0); module_param_named(msg_enable, ne_msg_enable, uint, (S_IRUSR|S_IRGRP|S_IROTH)); MODULE_PARM_DESC(io, "I/O base address(es),required"); diff --git a/drivers/net/ethernet/8390/smc-ultra.c b/drivers/net/ethernet/8390/smc-ultra.c index 139385dcdaa7..c5dbf6938a4e 100644 --- a/drivers/net/ethernet/8390/smc-ultra.c +++ b/drivers/net/ethernet/8390/smc-ultra.c @@ -562,8 +562,8 @@ static struct net_device *dev_ultra[MAX_ULTRA_CARDS]; static int io[MAX_ULTRA_CARDS]; static int irq[MAX_ULTRA_CARDS]; -module_param_array(io, int, NULL, 0); -module_param_array(irq, int, NULL, 0); +module_param_hw_array(io, int, ioport, NULL, 0); +module_param_hw_array(irq, int, irq, NULL, 0); module_param_named(msg_enable, ultra_msg_enable, uint, (S_IRUSR|S_IRGRP|S_IROTH)); MODULE_PARM_DESC(io, "I/O base address(es)"); MODULE_PARM_DESC(irq, "IRQ number(s) (assigned)"); diff --git a/drivers/net/ethernet/8390/wd.c b/drivers/net/ethernet/8390/wd.c index dd7d816bde52..e16deef661e3 100644 --- a/drivers/net/ethernet/8390/wd.c +++ b/drivers/net/ethernet/8390/wd.c 
@@ -504,10 +504,10 @@ static int irq[MAX_WD_CARDS]; static int mem[MAX_WD_CARDS]; static int mem_end[MAX_WD_CARDS]; /* for non std. mem size */ -module_param_array(io, int, NULL, 0); -module_param_array(irq, int, NULL, 0); -module_param_array(mem, int, NULL, 0); -module_param_array(mem_end, int, NULL, 0); +module_param_hw_array(io, int, ioport, NULL, 0); +module_param_hw_array(irq, int, irq, NULL, 0); +module_param_hw_array(mem, int, iomem, NULL, 0); +module_param_hw_array(mem_end, int, iomem, NULL, 0); module_param_named(msg_enable, wd_msg_enable, uint, (S_IRUSR|S_IRGRP|S_IROTH)); MODULE_PARM_DESC(io, "I/O base address(es)"); MODULE_PARM_DESC(irq, "IRQ number(s) (ignored for PureData boards)"); diff --git a/drivers/net/ethernet/amd/lance.c b/drivers/net/ethernet/amd/lance.c index 256f590f6bb1..2b5f16131a51 100644 --- a/drivers/net/ethernet/amd/lance.c +++ b/drivers/net/ethernet/amd/lance.c @@ -318,9 +318,9 @@ static int io[MAX_CARDS]; static int dma[MAX_CARDS]; static int irq[MAX_CARDS]; -module_param_array(io, int, NULL, 0); -module_param_array(dma, int, NULL, 0); -module_param_array(irq, int, NULL, 0); +module_param_hw_array(io, int, ioport, NULL, 0); +module_param_hw_array(dma, int, dma, NULL, 0); +module_param_hw_array(irq, int, irq, NULL, 0); module_param(lance_debug, int, 0); MODULE_PARM_DESC(io, "LANCE/PCnet I/O base address(es),required"); MODULE_PARM_DESC(dma, "LANCE/PCnet ISA DMA channel (ignored for some devices)"); diff --git a/drivers/net/ethernet/amd/ni65.c b/drivers/net/ethernet/amd/ni65.c index 1cf33addd15e..f33def497e6c 100644 --- a/drivers/net/ethernet/amd/ni65.c +++ b/drivers/net/ethernet/amd/ni65.c 
@@ -1228,9 +1228,9 @@ static void set_multicast_list(struct net_device *dev) #ifdef MODULE static struct net_device *dev_ni65; -module_param(irq, int, 0); -module_param(io, int, 0); -module_param(dma, int, 0); +module_param_hw(irq, int, irq, 0); +module_param_hw(io, int, ioport, 0); +module_param_hw(dma, int, dma, 0); MODULE_PARM_DESC(irq, "ni6510 IRQ number (ignored for some cards)"); MODULE_PARM_DESC(io, "ni6510 I/O base address"); MODULE_PARM_DESC(dma, "ni6510 ISA DMA channel (ignored for some cards)"); diff --git a/drivers/net/ethernet/cirrus/cs89x0.c b/drivers/net/ethernet/cirrus/cs89x0.c index 60383040d6c6..8a13680115ee 100644 --- a/drivers/net/ethernet/cirrus/cs89x0.c +++ b/drivers/net/ethernet/cirrus/cs89x0.c @@ -1703,12 +1703,12 @@ static int use_dma; /* These generate unused var warnings if ALLOW_DMA = 0 */ static int dma; static int dmasize = 16; /* or 64 */ -module_param(io, int, 0); -module_param(irq, int, 0); +module_param_hw(io, int, ioport, 0); +module_param_hw(irq, int, irq, 0); module_param(debug, int, 0); module_param_string(media, media, sizeof(media), 0); module_param(duplex, int, 0); -module_param(dma , int, 0); +module_param_hw(dma , int, dma, 0); module_param(dmasize , int, 0); module_param(use_dma , int, 0); MODULE_PARM_DESC(io, "cs89x0 I/O base address"); diff --git a/drivers/net/ethernet/dec/tulip/de4x5.c b/drivers/net/ethernet/dec/tulip/de4x5.c index 7799cf33cc6e..3ea4e8bbb2d0 100644 --- a/drivers/net/ethernet/dec/tulip/de4x5.c +++ b/drivers/net/ethernet/dec/tulip/de4x5.c @@ -1015,7 +1015,7 @@ static int compact_infoblock(struct net_device *dev, u_char count, u_char *p static int io=0x0;/* EDIT THIS LINE FOR YOUR CONFIGURATION IF NEEDED */ -module_param(io, int, 0); +module_param_hw(io, int, ioport, 0); module_param(de4x5_debug, int, 0); module_param(dec_only, int, 0); module_param(args, charp, 0); diff --git a/drivers/net/ethernet/hp/hp100.c b/drivers/net/ethernet/hp/hp100.c index 884aa809baac..e1e066a89369 100644 
--- a/drivers/net/ethernet/hp/hp100.c +++ b/drivers/net/ethernet/hp/hp100.c @@ -2968,7 +2968,7 @@ MODULE_DESCRIPTION("HP CASCADE Architecture Driver for 100VG-AnyLan Network Adap #define HP100_DEVICES 5 /* Parameters set by insmod */ static int hp100_port[HP100_DEVICES] = { 0, [1 ... (HP100_DEVICES-1)] = -1 }; -module_param_array(hp100_port, int, NULL, 0); +module_param_hw_array(hp100_port, int, ioport, NULL, 0); /* List of devices */ static struct net_device *hp100_devlist[HP100_DEVICES]; diff --git a/drivers/net/ethernet/realtek/atp.c b/drivers/net/ethernet/realtek/atp.c index d77d60ea8202..b01ebd79cbb2 100644 --- a/drivers/net/ethernet/realtek/atp.c +++ b/drivers/net/ethernet/realtek/atp.c @@ -151,8 +151,8 @@ MODULE_LICENSE("GPL"); module_param(max_interrupt_work, int, 0); module_param(debug, int, 0); -module_param_array(io, int, NULL, 0); -module_param_array(irq, int, NULL, 0); +module_param_hw_array(io, int, ioport, NULL, 0); +module_param_hw_array(irq, int, irq, NULL, 0); module_param_array(xcvr, int, NULL, 0); MODULE_PARM_DESC(max_interrupt_work, "ATP maximum events handled per interrupt"); MODULE_PARM_DESC(debug, "ATP debug level (0-7)"); diff --git a/drivers/net/ethernet/smsc/smc9194.c b/drivers/net/ethernet/smsc/smc9194.c index 664f596971b5..baa1121ce8b8 100644 --- a/drivers/net/ethernet/smsc/smc9194.c +++ b/drivers/net/ethernet/smsc/smc9194.c 
@@ -1502,8 +1502,8 @@ static void smc_set_multicast_list(struct net_device *dev) static struct net_device *devSMC9194; MODULE_LICENSE("GPL"); -module_param(io, int, 0); -module_param(irq, int, 0); +module_param_hw(io, int, ioport, 0); +module_param_hw(irq, int, irq, 0); module_param(ifport, int, 0); MODULE_PARM_DESC(io, "SMC 99194 I/O base address"); MODULE_PARM_DESC(irq, "SMC 99194 IRQ number"); From patchwork Fri Jun 19 16:49:37 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Seth Forshee X-Patchwork-Id: 1313174 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=none (no SPF record) smtp.mailfrom=lists.ubuntu.com (client-ip=91.189.94.19; helo=huckleberry.canonical.com; envelope-from=kernel-team-bounces@lists.ubuntu.com; receiver=) Authentication-Results: ozlabs.org; dmarc=fail (p=none dis=none) header.from=canonical.com Received: from huckleberry.canonical.com (huckleberry.canonical.com [91.189.94.19]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 49pPwZ1VcjzB4CJ; Sat, 20 Jun 2020 02:51:58 +1000 (AEST) Received: from localhost ([127.0.0.1] helo=huckleberry.canonical.com) by huckleberry.canonical.com with esmtp (Exim 4.86_2) (envelope-from ) id 1jmKF5-0007qd-Sb; Fri, 19 Jun 2020 16:51:51 +0000 Received: from youngberry.canonical.com ([91.189.89.112]) by huckleberry.canonical.com with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.86_2) (envelope-from ) id 1jmKE0-00072p-I3 for kernel-team@lists.ubuntu.com; Fri, 19 Jun 2020 16:50:44 +0000 Received: from mail-il1-f198.google.com ([209.85.166.198]) by youngberry.canonical.com with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.86_2) (envelope-from ) id 1jmKDy-0006Lu-Er for kernel-team@lists.ubuntu.com; Fri, 19 Jun 2020 16:50:42 +0000 
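Review bot: in the cs89x0.c hunk of the drivers/net/ethernet/ patch, dma is converted but use_dma and dmasize on the lines after it stay plain module_param, so on a locked-down kernel use_dma can still be set while the dma channel request is skipped and dma keeps the zero default from "static int dma;". Either annotate use_dma and dmasize with hwtype dma as well, or confirm that the driver refuses to enable DMA when no channel was accepted. The same question applies to compaq_device_id and global_use_mmio in the 3c59x.c hunk, which sit next to the newly annotated compaq_ioaddr and compaq_irq.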
From: Seth Forshee
To: kernel-team@lists.ubuntu.com
Subject: [PATCH v2 24/57][X] Annotate hardware config module parameters in drivers/net/hamradio/
Date: Fri, 19 Jun 2020 11:49:37 -0500
Message-Id: <20200619165010.645925-25-seth.forshee@canonical.com>
X-Mailer: git-send-email 2.27.0
In-Reply-To: <20200619165010.645925-1-seth.forshee@canonical.com>
References: <20200619165010.645925-1-seth.forshee@canonical.com>

From: David Howells

BugLink: https://bugs.launchpad.net/bugs/1884159

When the kernel is running in secure boot mode, we lock down the kernel to prevent userspace from modifying the running kernel image. Whilst this includes prohibiting access to things like /dev/mem, it must also prevent access by means of configuring driver modules in such a way as to cause a device to access or modify the kernel image.

To this end, annotate module_param* statements that refer to hardware configuration and indicate for future reference what type of parameter they specify. The parameter parser in the core sees this information and can skip such parameters with an error message if the kernel is locked down. The module initialisation then runs as normal, but just sees whatever the default values for those parameters are.

Note that we do still need to do the module initialisation because some drivers have viable defaults set in case parameters aren't specified and some drivers support automatic configuration (e.g. PNP or PCI) in addition to manually coded parameters.

This patch annotates drivers in drivers/net/hamradio/.

Suggested-by: Alan Cox
Signed-off-by: David Howells cc: Thomas Sailer cc: Joerg Reuter cc: linux-hams@vger.kernel.org cc: netdev@vger.kernel.org (cherry picked from commit b658e5d854d4e9015d83133a826ec734770deefb) Signed-off-by: Seth Forshee --- drivers/net/hamradio/baycom_epp.c | 2 +- drivers/net/hamradio/baycom_par.c | 2 +- drivers/net/hamradio/baycom_ser_fdx.c | 4 ++-- drivers/net/hamradio/baycom_ser_hdx.c | 4 ++-- drivers/net/hamradio/dmascc.c | 2 +- 5 files changed, 7 insertions(+), 7 deletions(-) diff --git a/drivers/net/hamradio/baycom_epp.c b/drivers/net/hamradio/baycom_epp.c index 72c9f1f352b4..8c5db53e8742 100644 --- a/drivers/net/hamradio/baycom_epp.c +++ b/drivers/net/hamradio/baycom_epp.c @@ -1170,7 +1170,7 @@ static int iobase[NR_PORTS] = { 0x378, }; module_param_array(mode, charp, NULL, 0); MODULE_PARM_DESC(mode, "baycom operating mode"); -module_param_array(iobase, int, NULL, 0); +module_param_hw_array(iobase, int, ioport, NULL, 0); MODULE_PARM_DESC(iobase, "baycom io base address"); MODULE_AUTHOR("Thomas M. Sailer, sailer@ife.ee.ethz.ch, hb9jnx@hb9w.che.eu"); diff --git a/drivers/net/hamradio/baycom_par.c b/drivers/net/hamradio/baycom_par.c index acb636963e90..6f05792f6999 100644 --- a/drivers/net/hamradio/baycom_par.c +++ b/drivers/net/hamradio/baycom_par.c @@ -481,7 +481,7 @@ static int iobase[NR_PORTS] = { 0x378, }; module_param_array(mode, charp, NULL, 0); MODULE_PARM_DESC(mode, "baycom operating mode; eg. par96 or picpar"); -module_param_array(iobase, int, NULL, 0); +module_param_hw_array(iobase, int, ioport, NULL, 0); MODULE_PARM_DESC(iobase, "baycom io base address"); MODULE_AUTHOR("Thomas M. Sailer, sailer@ife.ee.ethz.ch, hb9jnx@hb9w.che.eu"); diff --git a/drivers/net/hamradio/baycom_ser_fdx.c b/drivers/net/hamradio/baycom_ser_fdx.c index 636b65c66d49..6b07ef9ca345 100644 --- a/drivers/net/hamradio/baycom_ser_fdx.c +++ b/drivers/net/hamradio/baycom_ser_fdx.c 
@@ -612,9 +612,9 @@ static int baud[NR_PORTS] = { [0 ... NR_PORTS-1] = 1200 }; module_param_array(mode, charp, NULL, 0); MODULE_PARM_DESC(mode, "baycom operating mode; * for software DCD"); -module_param_array(iobase, int, NULL, 0); +module_param_hw_array(iobase, int, ioport, NULL, 0); MODULE_PARM_DESC(iobase, "baycom io base address"); -module_param_array(irq, int, NULL, 0); +module_param_hw_array(irq, int, irq, NULL, 0); MODULE_PARM_DESC(irq, "baycom irq number"); module_param_array(baud, int, NULL, 0); MODULE_PARM_DESC(baud, "baycom baud rate (300 to 4800)"); diff --git a/drivers/net/hamradio/baycom_ser_hdx.c b/drivers/net/hamradio/baycom_ser_hdx.c index f9a8976195ba..1b310493ba8a 100644 --- a/drivers/net/hamradio/baycom_ser_hdx.c +++ b/drivers/net/hamradio/baycom_ser_hdx.c @@ -642,9 +642,9 @@ static int irq[NR_PORTS] = { 4, }; module_param_array(mode, charp, NULL, 0); MODULE_PARM_DESC(mode, "baycom operating mode; * for software DCD"); -module_param_array(iobase, int, NULL, 0); +module_param_hw_array(iobase, int, ioport, NULL, 0); MODULE_PARM_DESC(iobase, "baycom io base address"); -module_param_array(irq, int, NULL, 0); +module_param_hw_array(irq, int, irq, NULL, 0); MODULE_PARM_DESC(irq, "baycom irq number"); MODULE_AUTHOR("Thomas M. Sailer, sailer@ife.ee.ethz.ch, hb9jnx@hb9w.che.eu"); diff --git a/drivers/net/hamradio/dmascc.c b/drivers/net/hamradio/dmascc.c index c3d377770616..bf52868aee38 100644 --- a/drivers/net/hamradio/dmascc.c +++ b/drivers/net/hamradio/dmascc.c 
@@ -274,7 +274,7 @@ static unsigned long rand; MODULE_AUTHOR("Klaus Kudielka"); MODULE_DESCRIPTION("Driver for high-speed SCC boards"); -module_param_array(io, int, NULL, 0); +module_param_hw_array(io, int, ioport, NULL, 0); MODULE_LICENSE("GPL"); static void __exit dmascc_exit(void) From patchwork Fri Jun 19 16:49:38 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Seth Forshee X-Patchwork-Id: 1313168 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=none (no SPF record) smtp.mailfrom=lists.ubuntu.com (client-ip=91.189.94.19; helo=huckleberry.canonical.com; envelope-from=kernel-team-bounces@lists.ubuntu.com; receiver=) Authentication-Results: ozlabs.org; dmarc=fail (p=none dis=none) header.from=canonical.com Received: from huckleberry.canonical.com (huckleberry.canonical.com [91.189.94.19]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 49pPw72rd4zB4CL; Sat, 20 Jun 2020 02:51:35 +1000 (AEST) Received: from localhost ([127.0.0.1] helo=huckleberry.canonical.com) by huckleberry.canonical.com with esmtp (Exim 4.86_2) (envelope-from ) id 1jmKEj-0007b6-4F; Fri, 19 Jun 2020 16:51:29 +0000 Received: from youngberry.canonical.com ([91.189.89.112]) by huckleberry.canonical.com with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.86_2) (envelope-from ) id 1jmKE0-00073w-PW for kernel-team@lists.ubuntu.com; Fri, 19 Jun 2020 16:50:44 +0000 Received: from mail-io1-f71.google.com ([209.85.166.71]) by youngberry.canonical.com with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.86_2) (envelope-from ) id 1jmKDz-0006M7-O4 for kernel-team@lists.ubuntu.com; Fri, 19 Jun 2020 16:50:43 +0000 Received: by mail-io1-f71.google.com with SMTP id i204so4703246ioa.2 for ; Fri, 19 Jun 2020 09:50:43 -0700 (PDT) 
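Review bot: the baycom hunks of the drivers/net/hamradio/ patch annotate iobase and irq whose context lines show non-zero defaults (iobase[NR_PORTS] = { 0x378, } in baycom_epp.c and baycom_par.c, irq[NR_PORTS] = { 4, } in baycom_ser_hdx.c), so on a locked-down kernel a rejected iobase= or irq= does not stop the load: the driver carries on with 0x378 or IRQ 4 rather than the values the administrator asked for. The commit message covers this in general terms; it would help to state it for these drivers, or to check in testing that the parameter parser's error message is prominent enough for the fallback not to go unnoticed.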
From: Seth Forshee
To: kernel-team@lists.ubuntu.com
Subject: [PATCH v2 25/57][X] Annotate hardware config module parameters in drivers/net/irda/
Date: Fri, 19 Jun 2020 11:49:38 -0500
Message-Id: <20200619165010.645925-26-seth.forshee@canonical.com>
X-Mailer: git-send-email 2.27.0
In-Reply-To: <20200619165010.645925-1-seth.forshee@canonical.com>
References: <20200619165010.645925-1-seth.forshee@canonical.com>

From: David Howells

BugLink: https://bugs.launchpad.net/bugs/1884159

When the kernel is running in secure boot mode, we lock down the kernel to prevent userspace from modifying the running kernel image. Whilst this includes prohibiting access to things like /dev/mem, it must also prevent access by means of configuring driver modules in such a way as to cause a device to access or modify the kernel image.

To this end, annotate module_param* statements that refer to hardware configuration and indicate for future reference what type of parameter they specify. The parameter parser in the core sees this information and can skip such parameters with an error message if the kernel is locked down. The module initialisation then runs as normal, but just sees whatever the default values for those parameters are.

Note that we do still need to do the module initialisation because some drivers have viable defaults set in case parameters aren't specified and some drivers support automatic configuration (e.g. PNP or PCI) in addition to manually coded parameters.

This patch annotates drivers in drivers/net/irda/.

Suggested-by: Alan Cox
Signed-off-by: David Howells
cc: Samuel Ortiz
cc: netdev@vger.kernel.org
(cherry picked from commit 4f06e652721da79e032d3ba38bc1589bd553a5fc)
Signed-off-by: Seth Forshee --- drivers/net/irda/ali-ircc.c | 6 +++--- drivers/net/irda/nsc-ircc.c | 6 +++--- drivers/net/irda/smsc-ircc2.c | 10 +++++----- drivers/net/irda/w83977af_ir.c | 4 ++-- 4 files changed, 13 insertions(+), 13 deletions(-) diff --git a/drivers/net/irda/ali-ircc.c b/drivers/net/irda/ali-ircc.c index 64bb44d5d867..c50ab723b850 100644 --- a/drivers/net/irda/ali-ircc.c +++ b/drivers/net/irda/ali-ircc.c @@ -2207,11 +2207,11 @@ MODULE_LICENSE("GPL"); MODULE_ALIAS("platform:" ALI_IRCC_DRIVER_NAME); -module_param_array(io, int, NULL, 0); +module_param_hw_array(io, int, ioport, NULL, 0); MODULE_PARM_DESC(io, "Base I/O addresses"); -module_param_array(irq, int, NULL, 0); +module_param_hw_array(irq, int, irq, NULL, 0); MODULE_PARM_DESC(irq, "IRQ lines"); -module_param_array(dma, int, NULL, 0); +module_param_hw_array(dma, int, dma, NULL, 0); MODULE_PARM_DESC(dma, "DMA channels"); module_init(ali_ircc_init); diff --git a/drivers/net/irda/nsc-ircc.c b/drivers/net/irda/nsc-ircc.c index dc0dbd8dd0b5..b7f3873b13c7 100644 --- a/drivers/net/irda/nsc-ircc.c +++ b/drivers/net/irda/nsc-ircc.c @@ -2395,11 +2395,11 @@ MODULE_LICENSE("GPL"); module_param(qos_mtt_bits, int, 0); MODULE_PARM_DESC(qos_mtt_bits, "Minimum Turn Time"); -module_param_array(io, int, NULL, 0); +module_param_hw_array(io, int, ioport, NULL, 0); MODULE_PARM_DESC(io, "Base I/O addresses"); -module_param_array(irq, int, NULL, 0); +module_param_hw_array(irq, int, irq, NULL, 0); MODULE_PARM_DESC(irq, "IRQ lines"); -module_param_array(dma, int, NULL, 0); +module_param_hw_array(dma, int, dma, NULL, 0); MODULE_PARM_DESC(dma, "DMA channels"); module_param(dongle_id, int, 0); MODULE_PARM_DESC(dongle_id, "Type-id of used dongle"); diff --git a/drivers/net/irda/smsc-ircc2.c b/drivers/net/irda/smsc-ircc2.c index b455ffe8850c..f28a1fe8f9dd 100644 --- a/drivers/net/irda/smsc-ircc2.c +++ b/drivers/net/irda/smsc-ircc2.c 
@@ -82,24 +82,24 @@ MODULE_PARM_DESC(nopnp, "Do not use PNP to detect controller settings, defaults #define DMA_INVAL 255 static int ircc_dma = DMA_INVAL; -module_param(ircc_dma, int, 0); +module_param_hw(ircc_dma, int, dma, 0); MODULE_PARM_DESC(ircc_dma, "DMA channel"); #define IRQ_INVAL 255 static int ircc_irq = IRQ_INVAL; -module_param(ircc_irq, int, 0); +module_param_hw(ircc_irq, int, irq, 0); MODULE_PARM_DESC(ircc_irq, "IRQ line"); static int ircc_fir; -module_param(ircc_fir, int, 0); +module_param_hw(ircc_fir, int, ioport, 0); MODULE_PARM_DESC(ircc_fir, "FIR Base Address"); static int ircc_sir; -module_param(ircc_sir, int, 0); +module_param_hw(ircc_sir, int, ioport, 0); MODULE_PARM_DESC(ircc_sir, "SIR Base Address"); static int ircc_cfg; -module_param(ircc_cfg, int, 0); +module_param_hw(ircc_cfg, int, ioport, 0); MODULE_PARM_DESC(ircc_cfg, "Configuration register base address"); static int ircc_transceiver; diff --git a/drivers/net/irda/w83977af_ir.c b/drivers/net/irda/w83977af_ir.c index e8c3a8c32534..d17389117b2d 100644 --- a/drivers/net/irda/w83977af_ir.c +++ b/drivers/net/irda/w83977af_ir.c 
@@ -1266,9 +1266,9 @@ MODULE_LICENSE("GPL"); module_param(qos_mtt_bits, int, 0); MODULE_PARM_DESC(qos_mtt_bits, "Mimimum Turn Time"); -module_param_array(io, int, NULL, 0); +module_param_hw_array(io, int, ioport, NULL, 0); MODULE_PARM_DESC(io, "Base I/O addresses"); -module_param_array(irq, int, NULL, 0); +module_param_hw_array(irq, int, irq, NULL, 0); MODULE_PARM_DESC(irq, "IRQ lines"); /* From patchwork Fri Jun 19 16:49:39 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Seth Forshee X-Patchwork-Id: 1313169 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=none (no SPF record) smtp.mailfrom=lists.ubuntu.com (client-ip=91.189.94.19; helo=huckleberry.canonical.com; envelope-from=kernel-team-bounces@lists.ubuntu.com; receiver=) Authentication-Results: ozlabs.org; dmarc=fail (p=none dis=none) header.from=canonical.com Received: from huckleberry.canonical.com (huckleberry.canonical.com [91.189.94.19]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 49pPwC3L3zzB3wr; Sat, 20 Jun 2020 02:51:39 +1000 (AEST) Received: from localhost ([127.0.0.1] helo=huckleberry.canonical.com) by huckleberry.canonical.com with esmtp (Exim 4.86_2) (envelope-from ) id 1jmKEn-0007eA-DB; Fri, 19 Jun 2020 16:51:33 +0000 Received: from youngberry.canonical.com ([91.189.89.112]) by huckleberry.canonical.com with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.86_2) (envelope-from ) id 1jmKE3-00075P-S7 for kernel-team@lists.ubuntu.com; Fri, 19 Jun 2020 16:50:48 +0000 Received: from mail-il1-f197.google.com ([209.85.166.197]) by youngberry.canonical.com with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.86_2) (envelope-from ) id 1jmKE1-0006MT-01 for kernel-team@lists.ubuntu.com; Fri, 19 Jun 2020 16:50:45 +0000 
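Review bot: in the smsc-ircc2.c hunk, none of the five annotated parameters has a default that is usable on its own: ircc_dma and ircc_irq start at DMA_INVAL and IRQ_INVAL (255), and ircc_fir, ircc_sir and ircc_cfg are static ints with no initialiser, so zero. When the core skips them on a locked-down kernel the driver is left with exactly those values, while nopnp, visible in the hunk's context line, is not touched by this change and can still switch PNP detection off. Worth confirming that the init path fails cleanly when nopnp is set and only the sentinel and zero defaults are available.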
From: Seth Forshee
To: kernel-team@lists.ubuntu.com
Subject: [PATCH v2 26/57][X] Annotate hardware config module parameters in drivers/net/wan/
Date: Fri, 19 Jun 2020 11:49:39 -0500
Message-Id: <20200619165010.645925-27-seth.forshee@canonical.com>
X-Mailer: git-send-email 2.27.0
In-Reply-To: <20200619165010.645925-1-seth.forshee@canonical.com>
References: <20200619165010.645925-1-seth.forshee@canonical.com>

From: David Howells

BugLink: https://bugs.launchpad.net/bugs/1884159

When the kernel is running in secure boot mode, we lock down the kernel to prevent userspace from modifying the running kernel image. Whilst this includes prohibiting access to things like /dev/mem, it must also prevent access by means of configuring driver modules in such a way as to cause a device to access or modify the kernel image.

To this end, annotate module_param* statements that refer to hardware configuration and indicate for future reference what type of parameter they specify. The parameter parser in the core sees this information and can skip such parameters with an error message if the kernel is locked down. The module initialisation then runs as normal, but just sees whatever the default values for those parameters are.

Note that we do still need to do the module initialisation because some drivers have viable defaults set in case parameters aren't specified and some drivers support automatic configuration (e.g. PNP or PCI) in addition to manually coded parameters.

This patch annotates drivers in drivers/net/wan/.

Suggested-by: Alan Cox
Signed-off-by: David Howells
cc: "Jan \"Yenya\" Kasprzak"
cc: netdev@vger.kernel.org
(cherry picked from commit af28a03c1b1eae4d7c97f4bd0c6326522c8a3bc9)
Signed-off-by: Seth Forshee --- drivers/net/wan/cosa.c | 6 +++--- drivers/net/wan/hostess_sv11.c | 6 +++--- drivers/net/wan/sbni.c | 4 ++-- drivers/net/wan/sealevel.c | 8 ++++---- 4 files changed, 12 insertions(+), 12 deletions(-) diff --git a/drivers/net/wan/cosa.c b/drivers/net/wan/cosa.c index 848ea6a399f2..18956c47cf92 100644 --- a/drivers/net/wan/cosa.c +++ b/drivers/net/wan/cosa.c @@ -232,11 +232,11 @@ static int irq[MAX_CARDS+1] = { -1, -1, -1, -1, -1, -1, 0, }; static struct class *cosa_class; #ifdef MODULE -module_param_array(io, int, NULL, 0); +module_param_hw_array(io, int, ioport, NULL, 0); MODULE_PARM_DESC(io, "The I/O bases of the COSA or SRP cards"); -module_param_array(irq, int, NULL, 0); +module_param_hw_array(irq, int, irq, NULL, 0); MODULE_PARM_DESC(irq, "The IRQ lines of the COSA or SRP cards"); -module_param_array(dma, int, NULL, 0); +module_param_hw_array(dma, int, dma, NULL, 0); MODULE_PARM_DESC(dma, "The DMA channels of the COSA or SRP cards"); MODULE_AUTHOR("Jan \"Yenya\" Kasprzak, "); diff --git a/drivers/net/wan/hostess_sv11.c b/drivers/net/wan/hostess_sv11.c index 3d741663fd67..4845560fd848 100644 --- a/drivers/net/wan/hostess_sv11.c +++ b/drivers/net/wan/hostess_sv11.c @@ -325,11 +325,11 @@ static void sv11_shutdown(struct z8530_dev *dev) static int io = 0x200; static int irq = 9; -module_param(io, int, 0); +module_param_hw(io, int, ioport, 0); MODULE_PARM_DESC(io, "The I/O base of the Comtrol Hostess SV11 card"); -module_param(dma, int, 0); +module_param_hw(dma, int, dma, 0); MODULE_PARM_DESC(dma, "Set this to 1 to use DMA1/DMA3 for TX/RX"); -module_param(irq, int, 0); +module_param_hw(irq, int, irq, 0); MODULE_PARM_DESC(irq, "The interrupt line setting for the Comtrol Hostess SV11 card"); MODULE_AUTHOR("Alan Cox"); diff --git a/drivers/net/wan/sbni.c b/drivers/net/wan/sbni.c index 8fef8d83436d..5868fc25962c 100644 --- a/drivers/net/wan/sbni.c +++ b/drivers/net/wan/sbni.c 
@@ -1464,8 +1464,8 @@ set_multicast_list( struct net_device *dev ) #ifdef MODULE -module_param_array(io, int, NULL, 0); -module_param_array(irq, int, NULL, 0); +module_param_hw_array(io, int, ioport, NULL, 0); +module_param_hw_array(irq, int, irq, NULL, 0); module_param_array(baud, int, NULL, 0); module_param_array(rxl, int, NULL, 0); module_param_array(mac, int, NULL, 0); diff --git a/drivers/net/wan/sealevel.c b/drivers/net/wan/sealevel.c index 27860b4f5908..1d762a2d3ddc 100644 --- a/drivers/net/wan/sealevel.c +++ b/drivers/net/wan/sealevel.c 
@@ -364,13 +364,13 @@ static int rxdma=3; static int irq=5; static bool slow=false; -module_param(io, int, 0); +module_param_hw(io, int, ioport, 0); MODULE_PARM_DESC(io, "The I/O base of the Sealevel card"); -module_param(txdma, int, 0); +module_param_hw(txdma, int, dma, 0); MODULE_PARM_DESC(txdma, "Transmit DMA channel"); -module_param(rxdma, int, 0); +module_param_hw(rxdma, int, dma, 0); MODULE_PARM_DESC(rxdma, "Receive DMA channel"); -module_param(irq, int, 0); +module_param_hw(irq, int, irq, 0); MODULE_PARM_DESC(irq, "The interrupt line setting for the SeaLevel card"); module_param(slow, bool, 0); MODULE_PARM_DESC(slow, "Set this for an older Sealevel card such as the 4012"); From patchwork Fri Jun 19 16:49:40 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Seth Forshee X-Patchwork-Id: 1313170 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=none (no SPF record) smtp.mailfrom=lists.ubuntu.com (client-ip=91.189.94.19; helo=huckleberry.canonical.com; envelope-from=kernel-team-bounces@lists.ubuntu.com; receiver=) Authentication-Results: ozlabs.org; dmarc=fail (p=none dis=none) header.from=canonical.com Received: from huckleberry.canonical.com (huckleberry.canonical.com [91.189.94.19]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 49pPwH1ltBzB4CX; Sat, 20 Jun 2020 02:51:43 +1000 (AEST) Received: from localhost ([127.0.0.1] helo=huckleberry.canonical.com) by huckleberry.canonical.com with esmtp (Exim 4.86_2) (envelope-from ) id 1jmKEq-0007gY-K4; Fri, 19 Jun 2020 16:51:36 +0000 Received: from youngberry.canonical.com ([91.189.89.112]) by huckleberry.canonical.com with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.86_2) (envelope-from ) id 1jmKE4-00076I-6e for kernel-team@lists.ubuntu.com; 
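Review bot: in the hostess_sv11.c hunk, dma is annotated with hwtype dma, but its description reads "Set this to 1 to use DMA1/DMA3 for TX/RX", so it is an on/off switch rather than a channel number like txdma and rxdma in sealevel.c or dma in cosa.c. Annotating it is still right, since it decides whether the card does DMA at all, but the hwtype label will mislead if it is ever used to validate or report values. A short comment at the module_param_hw(dma, int, dma, 0) line saying the value is a flag would cover it.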
From: Seth Forshee
To: kernel-team@lists.ubuntu.com
Subject: [PATCH v2 27/57][X] Annotate hardware config module parameters in drivers/net/wireless/
Date: Fri, 19 Jun 2020 11:49:40 -0500
Message-Id: <20200619165010.645925-28-seth.forshee@canonical.com>
X-Mailer: git-send-email 2.27.0
In-Reply-To: <20200619165010.645925-1-seth.forshee@canonical.com>
References: <20200619165010.645925-1-seth.forshee@canonical.com>

From: David Howells

BugLink: https://bugs.launchpad.net/bugs/1884159

When the kernel is running in secure boot mode, we lock down the kernel to prevent userspace from modifying the running kernel image. Whilst this includes prohibiting access to things like /dev/mem, it must also prevent access by means of configuring driver modules in such a way as to cause a device to access or modify the kernel image.

To this end, annotate module_param* statements that refer to hardware configuration and indicate for future reference what type of parameter they specify. The parameter parser in the core sees this information and can skip such parameters with an error message if the kernel is locked down. The module initialisation then runs as normal, but just sees whatever the default values for those parameters are.

Note that we do still need to do the module initialisation because some drivers have viable defaults set in case parameters aren't specified and some drivers support automatic configuration (e.g. PNP or PCI) in addition to manually coded parameters.

This patch annotates drivers in drivers/net/wireless/.

Suggested-by: Alan Cox
Signed-off-by: David Howells cc: Kalle Valo cc: linux-wireless@vger.kernel.org cc: netdev@vger.kernel.org (cherry picked from commit 767c13e610d5775be00423c1ce046c1eb9616a21) Signed-off-by: Seth Forshee --- drivers/net/wireless/airo.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/drivers/net/wireless/airo.c b/drivers/net/wireless/airo.c index a44496d8423a..3ea2ef19667d 100644 --- a/drivers/net/wireless/airo.c +++ b/drivers/net/wireless/airo.c 
@@ -246,8 +246,8 @@ MODULE_DESCRIPTION("Support for Cisco/Aironet 802.11 wireless ethernet cards. " "Direct support for ISA/PCI/MPI cards and support for PCMCIA when used with airo_cs."); MODULE_LICENSE("Dual BSD/GPL"); MODULE_SUPPORTED_DEVICE("Aironet 4500, 4800 and Cisco 340/350"); -module_param_array(io, int, NULL, 0); -module_param_array(irq, int, NULL, 0); +module_param_hw_array(io, int, ioport, NULL, 0); +module_param_hw_array(irq, int, irq, NULL, 0); module_param_array(rates, int, NULL, 0); module_param_array(ssids, charp, NULL, 0); module_param(auto_wep, int, 0); From patchwork Fri Jun 19 16:49:41 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Seth Forshee X-Patchwork-Id: 1313175 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=none (no SPF record) smtp.mailfrom=lists.ubuntu.com (client-ip=91.189.94.19; helo=huckleberry.canonical.com; envelope-from=kernel-team-bounces@lists.ubuntu.com; receiver=) Authentication-Results: ozlabs.org; dmarc=fail (p=none dis=none) header.from=canonical.com Received: from huckleberry.canonical.com (huckleberry.canonical.com [91.189.94.19]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 49pPwd351lzB4CS; Sat, 20 Jun 2020 02:52:01 +1000 (AEST) Received: from localhost ([127.0.0.1] helo=huckleberry.canonical.com) by huckleberry.canonical.com with esmtp (Exim 4.86_2) (envelope-from ) id 1jmKF9-0007sq-5i; Fri, 19 Jun 2020 16:51:55 +0000 Received: from youngberry.canonical.com ([91.189.89.112]) by huckleberry.canonical.com with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.86_2) (envelope-from ) id 1jmKE6-00077S-Mo for kernel-team@lists.ubuntu.com; Fri, 19 Jun 2020 16:50:50 +0000 Received: from mail-il1-f197.google.com ([209.85.166.197]) by 
From: Seth Forshee
To: kernel-team@lists.ubuntu.com
Subject: [PATCH v2 28/57][X] Annotate hardware config module parameters in drivers/parport/
Date: Fri, 19 Jun 2020 11:49:41 -0500
Message-Id: <20200619165010.645925-29-seth.forshee@canonical.com>
X-Mailer: git-send-email 2.27.0
In-Reply-To: <20200619165010.645925-1-seth.forshee@canonical.com>
References: <20200619165010.645925-1-seth.forshee@canonical.com>

From: David Howells

BugLink: https://bugs.launchpad.net/bugs/1884159

When the kernel is running in secure boot mode, we lock down the kernel to prevent userspace from modifying the running kernel image. Whilst this includes prohibiting access to things like /dev/mem, it must also prevent access by means of configuring driver modules in such a way as to cause a device to access or modify the kernel image.

To this end, annotate module_param* statements that refer to hardware configuration and indicate for future reference what type of parameter they specify. The parameter parser in the core sees this information and can skip such parameters with an error message if the kernel is locked down. The module initialisation then runs as normal, but just sees whatever the default values for those parameters are.

Note that we do still need to do the module initialisation because some drivers have viable defaults set in case parameters aren't specified and some drivers support automatic configuration (e.g. PNP or PCI) in addition to manually coded parameters.

This patch annotates drivers in drivers/parport/.

Suggested-by: Alan Cox
Signed-off-by: David Howells
cc: Sudip Mukherjee
(cherry picked from commit c8fc074dd388112890684b614be1e58335890b27)
Signed-off-by: Seth Forshee --- drivers/parport/parport_pc.c | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/drivers/parport/parport_pc.c b/drivers/parport/parport_pc.c index 02e6485c1ed5..6520c4041bf7 100644 --- a/drivers/parport/parport_pc.c +++ b/drivers/parport/parport_pc.c 
@@ -3154,13 +3154,13 @@ static char *irq[PARPORT_PC_MAX_PORTS]; static char *dma[PARPORT_PC_MAX_PORTS]; MODULE_PARM_DESC(io, "Base I/O address (SPP regs)"); -module_param_array(io, int, NULL, 0); +module_param_hw_array(io, int, ioport, NULL, 0); MODULE_PARM_DESC(io_hi, "Base I/O address (ECR)"); -module_param_array(io_hi, int, NULL, 0); +module_param_hw_array(io_hi, int, ioport, NULL, 0); MODULE_PARM_DESC(irq, "IRQ line"); -module_param_array(irq, charp, NULL, 0); +module_param_hw_array(irq, charp, irq, NULL, 0); MODULE_PARM_DESC(dma, "DMA channel"); -module_param_array(dma, charp, NULL, 0); +module_param_hw_array(dma, charp, dma, NULL, 0); #if defined(CONFIG_PARPORT_PC_SUPERIO) || \ (defined(CONFIG_PARPORT_1284) && defined(CONFIG_PARPORT_PC_FIFO)) MODULE_PARM_DESC(verbose_probing, "Log chit-chat during initialisation"); From patchwork Fri Jun 19 16:49:42 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Seth Forshee X-Patchwork-Id: 1313171 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=none (no SPF record) smtp.mailfrom=lists.ubuntu.com (client-ip=91.189.94.19; helo=huckleberry.canonical.com; envelope-from=kernel-team-bounces@lists.ubuntu.com; receiver=) Authentication-Results: ozlabs.org; dmarc=fail (p=none dis=none) header.from=canonical.com Received: from huckleberry.canonical.com (huckleberry.canonical.com [91.189.94.19]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 49pPwN0BZwzB4C8; Sat, 20 Jun 2020 02:51:48 +1000 (AEST) Received: from localhost ([127.0.0.1] helo=huckleberry.canonical.com) by huckleberry.canonical.com with esmtp (Exim 4.86_2) (envelope-from ) id 1jmKEx-0007kb-1h; Fri, 19 Jun 2020 16:51:43 +0000 Received: from youngberry.canonical.com ([91.189.89.112]) by 
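Review bot: in the parport_pc.c hunk, irq and dma are charp parameters backed by static char *irq[PARPORT_PC_MAX_PORTS] and static char *dma[PARPORT_PC_MAX_PORTS] with no initialiser, while io and io_hi are int. If the core drops them on a locked-down kernel the array entries stay NULL, so whatever code later parses these strings has to treat NULL as "not given". Worth checking that path, and stating in the commit message that the irq and dma hwtypes here tag a string rather than a number.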
From: Seth Forshee
To: kernel-team@lists.ubuntu.com
Subject: [PATCH v2 29/57][X] Annotate hardware config module parameters in drivers/pci/hotplug/
Date: Fri, 19 Jun 2020 11:49:42 -0500
Message-Id: <20200619165010.645925-30-seth.forshee@canonical.com>
X-Mailer: git-send-email 2.27.0
In-Reply-To: <20200619165010.645925-1-seth.forshee@canonical.com>
References: <20200619165010.645925-1-seth.forshee@canonical.com>

From: David Howells

BugLink: https://bugs.launchpad.net/bugs/1884159

When the kernel is running in secure boot mode, we lock down the kernel to prevent userspace from modifying the running kernel image. Whilst this includes prohibiting access to things like /dev/mem, it must also prevent access by means of configuring driver modules in such a way as to cause a device to access or modify the kernel image.

To this end, annotate module_param* statements that refer to hardware configuration and indicate for future reference what type of parameter they specify. The parameter parser in the core sees this information and can skip such parameters with an error message if the kernel is locked down. The module initialisation then runs as normal, but just sees whatever the default values for those parameters are.

Note that we do still need to do the module initialisation because some drivers have viable defaults set in case parameters aren't specified and some drivers support automatic configuration (e.g. PNP or PCI) in addition to manually coded parameters.

This patch annotates drivers in drivers/pci/hotplug/.

Suggested-by: Alan Cox
Signed-off-by: David Howells Acked-by: Bjorn Helgaas cc: Scott Murray cc: linux-pci@vger.kernel.org (cherry picked from commit 01b961b70dde53b3a5b5062670a19d566e67e78e) Signed-off-by: Seth Forshee --- drivers/pci/hotplug/cpcihp_generic.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/drivers/pci/hotplug/cpcihp_generic.c b/drivers/pci/hotplug/cpcihp_generic.c index 66b7bbebe493..d92f5304d67b 100644 --- a/drivers/pci/hotplug/cpcihp_generic.c +++ b/drivers/pci/hotplug/cpcihp_generic.c 
@@ -220,7 +220,7 @@ module_param(first_slot, byte, 0); MODULE_PARM_DESC(first_slot, "Hotswap bus first slot number"); module_param(last_slot, byte, 0); MODULE_PARM_DESC(last_slot, "Hotswap bus last slot number"); -module_param(port, ushort, 0); +module_param_hw(port, ushort, ioport, 0); MODULE_PARM_DESC(port, "#ENUM signal I/O port"); module_param(enum_bit, uint, 0); MODULE_PARM_DESC(enum_bit, "#ENUM signal bit (0-7)"); From patchwork Fri Jun 19 16:49:43 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Seth Forshee X-Patchwork-Id: 1313176 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=none (no SPF record) smtp.mailfrom=lists.ubuntu.com (client-ip=91.189.94.19; helo=huckleberry.canonical.com; envelope-from=kernel-team-bounces@lists.ubuntu.com; receiver=) Authentication-Results: ozlabs.org; dmarc=fail (p=none dis=none) header.from=canonical.com Received: from huckleberry.canonical.com (huckleberry.canonical.com [91.189.94.19]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 49pPwj2r7rz9sWW; Sat, 20 Jun 2020 02:52:05 +1000 (AEST) Received: from localhost ([127.0.0.1] helo=huckleberry.canonical.com) by huckleberry.canonical.com with esmtp (Exim 4.86_2) (envelope-from ) id 1jmKFC-0007uq-Rm; Fri, 19 Jun 2020 16:51:58 +0000 Received: from youngberry.canonical.com ([91.189.89.112]) by huckleberry.canonical.com with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.86_2) (envelope-from ) id 1jmKE7-000794-JV for kernel-team@lists.ubuntu.com; Fri, 19 Jun 2020 16:50:51 +0000 Received: from mail-il1-f199.google.com ([209.85.166.199]) by youngberry.canonical.com with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.86_2) (envelope-from ) id 1jmKE6-0006NE-Af for kernel-team@lists.ubuntu.com; Fri, 19 
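Review bot: in the cpcihp_generic.c hunk, `port` becomes `module_param_hw(port, ushort, ioport, 0);` but the visible lines show no default for it, so on a locked-down kernel the driver starts with whatever `port` was initialised to. Please confirm that the driver's init path rejects an unset `port` with a clear error instead of using I/O port 0 for the #ENUM signal, and consider adding to the MODULE_PARM_DESC text that the option is ignored when the kernel is locked down.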
From: Seth Forshee
To: kernel-team@lists.ubuntu.com
Subject: [PATCH v2 30/57][X] Annotate hardware config module parameters in drivers/pcmcia/
Date: Fri, 19 Jun 2020 11:49:43 -0500
Message-Id: <20200619165010.645925-31-seth.forshee@canonical.com>
In-Reply-To: <20200619165010.645925-1-seth.forshee@canonical.com>

From: David Howells

BugLink: https://bugs.launchpad.net/bugs/1884159

When the kernel is running in secure boot mode, we lock down the kernel to prevent userspace from modifying the running kernel image. Whilst this includes prohibiting access to things like /dev/mem, it must also prevent access by means of configuring driver modules in such a way as to cause a device to access or modify the kernel image.

To this end, annotate module_param* statements that refer to hardware configuration and indicate for future reference what type of parameter they specify. The parameter parser in the core sees this information and can skip such parameters with an error message if the kernel is locked down. The module initialisation then runs as normal, but just sees whatever the default values for those parameters are.

Note that we do still need to do the module initialisation because some drivers have viable defaults set in case parameters aren't specified and some drivers support automatic configuration (e.g. PNP or PCI) in addition to manually coded parameters.

This patch annotates drivers in drivers/pcmcia/.

Suggested-by: Alan Cox
Signed-off-by: David Howells
cc: linux-pcmcia@lists.infradead.org
(cherry picked from commit 9149ba1fc2276181c7f80969d349ea25a7f9fe1f)
Signed-off-by: Seth Forshee --- drivers/pcmcia/i82365.c | 8 ++++---- drivers/pcmcia/tcic.c | 8 ++++---- 2 files changed, 8 insertions(+), 8 deletions(-) diff --git a/drivers/pcmcia/i82365.c b/drivers/pcmcia/i82365.c index eb0d80a429e4..fb38cc01859f 100644 --- a/drivers/pcmcia/i82365.c +++ b/drivers/pcmcia/i82365.c @@ -108,12 +108,12 @@ static int async_clock = -1; static int cable_mode = -1; static int wakeup = 0; -module_param(i365_base, ulong, 0444); +module_param_hw(i365_base, ulong, ioport, 0444); module_param(ignore, int, 0444); module_param(extra_sockets, int, 0444); -module_param(irq_mask, int, 0444); -module_param_array(irq_list, int, &irq_list_count, 0444); -module_param(cs_irq, int, 0444); +module_param_hw(irq_mask, int, other, 0444); +module_param_hw_array(irq_list, int, irq, &irq_list_count, 0444); +module_param_hw(cs_irq, int, irq, 0444); module_param(async_clock, int, 0444); module_param(cable_mode, int, 0444); module_param(wakeup, int, 0444); diff --git a/drivers/pcmcia/tcic.c b/drivers/pcmcia/tcic.c index 1ee63e5f0550..a1ac72d51d70 100644 --- a/drivers/pcmcia/tcic.c +++ b/drivers/pcmcia/tcic.c 
@@ -85,12 +85,12 @@ static int poll_quick = HZ/20; /* CCLK external clock time, in nanoseconds. 70 ns = 14.31818 MHz */ static int cycle_time = 70; -module_param(tcic_base, ulong, 0444); +module_param_hw(tcic_base, ulong, ioport, 0444); module_param(ignore, int, 0444); module_param(do_scan, int, 0444); -module_param(irq_mask, int, 0444); -module_param_array(irq_list, int, &irq_list_count, 0444); -module_param(cs_irq, int, 0444); +module_param_hw(irq_mask, int, other, 0444); +module_param_hw_array(irq_list, int, irq, &irq_list_count, 0444); +module_param_hw(cs_irq, int, irq, 0444); module_param(poll_interval, int, 0444); module_param(poll_quick, int, 0444); module_param(cycle_time, int, 0444); From patchwork Fri Jun 19 16:49:44 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Seth Forshee X-Patchwork-Id: 1313177 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=none (no SPF record) smtp.mailfrom=lists.ubuntu.com (client-ip=91.189.94.19; helo=huckleberry.canonical.com; envelope-from=kernel-team-bounces@lists.ubuntu.com; receiver=) Authentication-Results: ozlabs.org; dmarc=fail (p=none dis=none) header.from=canonical.com Received: from huckleberry.canonical.com (huckleberry.canonical.com [91.189.94.19]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 49pPwl3hvnzB4CF; Sat, 20 Jun 2020 02:52:07 +1000 (AEST) Received: from localhost ([127.0.0.1] helo=huckleberry.canonical.com) by huckleberry.canonical.com with esmtp (Exim 4.86_2) (envelope-from ) id 1jmKFG-0007xn-FD; Fri, 19 Jun 2020 16:52:02 +0000 Received: from youngberry.canonical.com ([91.189.89.112]) by huckleberry.canonical.com with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.86_2) (envelope-from ) id 1jmKE9-0007AV-Fp for 
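Review bot: in the i82365.c hunk (and the matching line in the tcic.c hunk), `irq_mask` is annotated as `other` while `irq_list` and `cs_irq` right next to it are annotated as `irq`. If `irq_mask` is a bitmask of usable interrupt lines it constrains the same resource, and `irq` would be the more natural class; if `other` is deliberate because the value is not itself an IRQ number, a one-line comment above `module_param_hw(irq_mask, int, other, 0444);` or a sentence in the commit message would save the next reader from asking.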
From: Seth Forshee
To: kernel-team@lists.ubuntu.com
Subject: [PATCH v2 31/57][X] Annotate hardware config module parameters in drivers/scsi/
Date: Fri, 19 Jun 2020 11:49:44 -0500
Message-Id: <20200619165010.645925-32-seth.forshee@canonical.com>
In-Reply-To: <20200619165010.645925-1-seth.forshee@canonical.com>

From: David Howells

BugLink: https://bugs.launchpad.net/bugs/1884159

When the kernel is running in secure boot mode, we lock down the kernel to prevent userspace from modifying the running kernel image. Whilst this includes prohibiting access to things like /dev/mem, it must also prevent access by means of configuring driver modules in such a way as to cause a device to access or modify the kernel image.

To this end, annotate module_param* statements that refer to hardware configuration and indicate for future reference what type of parameter they specify. The parameter parser in the core sees this information and can skip such parameters with an error message if the kernel is locked down. The module initialisation then runs as normal, but just sees whatever the default values for those parameters are.

Note that we do still need to do the module initialisation because some drivers have viable defaults set in case parameters aren't specified and some drivers support automatic configuration (e.g. PNP or PCI) in addition to manually coded parameters.

This patch annotates drivers in drivers/scsi/.

Suggested-by: Alan Cox
Signed-off-by: David Howells cc: "Juergen E. Fischer" cc: "James E.J. Bottomley" cc: "Martin K. Petersen" cc: Dario Ballabio cc: Finn Thain cc: Michael Schmitz cc: Achim Leubner cc: linux-scsi@vger.kernel.org (backported from commit 88f06b76e462119cb694c3ff13d7d343c49d2569) Signed-off-by: Seth Forshee --- drivers/scsi/aha152x.c | 4 ++-- drivers/scsi/aha1542.c | 2 +- drivers/scsi/g_NCR5380.c | 17 +++++++++++++++-- drivers/scsi/gdth.c | 2 +- drivers/scsi/qlogicfas.c | 4 ++-- 5 files changed, 21 insertions(+), 8 deletions(-) diff --git a/drivers/scsi/aha152x.c b/drivers/scsi/aha152x.c index f44d0487236e..ce5dc73d85bb 100644 --- a/drivers/scsi/aha152x.c +++ b/drivers/scsi/aha152x.c @@ -331,11 +331,11 @@ MODULE_LICENSE("GPL"); #if !defined(PCMCIA) #if defined(MODULE) static int io[] = {0, 0}; -module_param_array(io, int, NULL, 0); +module_param_hw_array(io, int, ioport, NULL, 0); MODULE_PARM_DESC(io,"base io address of controller"); static int irq[] = {0, 0}; -module_param_array(irq, int, NULL, 0); +module_param_hw_array(irq, int, irq, NULL, 0); MODULE_PARM_DESC(irq,"interrupt for controller"); static int scsiid[] = {7, 7}; diff --git a/drivers/scsi/aha1542.c b/drivers/scsi/aha1542.c index 5b8b2937a3fe..04e40ea98dad 100644 --- a/drivers/scsi/aha1542.c +++ b/drivers/scsi/aha1542.c @@ -31,7 +31,7 @@ module_param(isapnp, bool, 0); MODULE_PARM_DESC(isapnp, "enable PnP support (default=1)"); static int io[MAXBOARDS] = { 0x330, 0x334, 0, 0 }; -module_param_array(io, int, NULL, 0); +module_param_hw_array(io, int, ioport, NULL, 0); MODULE_PARM_DESC(io, "base IO address of controller (0x130,0x134,0x230,0x234,0x330,0x334, default=0x330,0x334)"); /* time AHA spends on the AT-bus during data transfer */ diff --git a/drivers/scsi/g_NCR5380.c b/drivers/scsi/g_NCR5380.c index 87e081f8a386..70f83281bcf9 100644 --- a/drivers/scsi/g_NCR5380.c +++ b/drivers/scsi/g_NCR5380.c @@ -75,6 +75,7 @@ #include #include "g_NCR5380.h" #include "NCR5380.h" +#include #include #include #include 
@@ -174,6 +175,9 @@ static int __init do_NCR5380_setup(char *str) { int ints[10]; + if (secure_modules()) + return -EPERM; + get_options(str, ARRAY_SIZE(ints), ints); internal_setup(BOARD_NCR5380, str, ints); return 1; @@ -192,6 +196,9 @@ static int __init do_NCR53C400_setup(char *str) { int ints[10]; + if (secure_modules()) + return -EPERM; + get_options(str, ARRAY_SIZE(ints), ints); internal_setup(BOARD_NCR53C400, str, ints); return 1; @@ -210,6 +217,9 @@ static int __init do_NCR53C400A_setup(char *str) { int ints[10]; + if (secure_modules()) + return -EPERM; + get_options(str, ARRAY_SIZE(ints), ints); internal_setup(BOARD_NCR53C400A, str, ints); return 1; @@ -228,6 +238,9 @@ static int __init do_DTC3181E_setup(char *str) { int ints[10]; + if (secure_modules()) + return -EPERM; + get_options(str, ARRAY_SIZE(ints), ints); internal_setup(BOARD_DTC3181E, str, ints); return 1; @@ -717,9 +730,9 @@ static struct scsi_host_template driver_template = { #include #include "scsi_module.c" -module_param(ncr_irq, int, 0); +module_param_hw(ncr_irq, int, irq, 0); module_param(ncr_dma, int, 0); -module_param(ncr_addr, int, 0); +module_param_hw(ncr_addr, int, ioport, 0); module_param(ncr_5380, int, 0); module_param(ncr_53c400, int, 0); module_param(ncr_53c400a, int, 0); diff --git a/drivers/scsi/gdth.c b/drivers/scsi/gdth.c index 71e138044379..efc2083a211f 100644 --- a/drivers/scsi/gdth.c +++ b/drivers/scsi/gdth.c @@ -353,7 +353,7 @@ static int probe_eisa_isa = 0; static int force_dma32 = 0; /* parameters for modprobe/insmod */ -module_param_array(irq, int, NULL, 0); +module_param_hw_array(irq, int, irq, NULL, 0); module_param(disable, int, 0); module_param(reserve_mode, int, 0); module_param_array(reserve_list, int, NULL, 0); diff --git a/drivers/scsi/qlogicfas.c b/drivers/scsi/qlogicfas.c index 61cac87fb86f..840823b99e51 100644 --- a/drivers/scsi/qlogicfas.c +++ b/drivers/scsi/qlogicfas.c 
@@ -137,8 +137,8 @@ err: static struct qlogicfas408_priv *cards; static int iobase[MAX_QLOGICFAS]; static int irq[MAX_QLOGICFAS] = { [0 ... MAX_QLOGICFAS-1] = -1 }; -module_param_array(iobase, int, NULL, 0); -module_param_array(irq, int, NULL, 0); +module_param_hw_array(iobase, int, ioport, NULL, 0); +module_param_hw_array(irq, int, irq, NULL, 0); MODULE_PARM_DESC(iobase, "I/O address"); MODULE_PARM_DESC(irq, "IRQ"); From patchwork Fri Jun 19 16:49:45 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Seth Forshee X-Patchwork-Id: 1313178 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=none (no SPF record) smtp.mailfrom=lists.ubuntu.com (client-ip=91.189.94.19; helo=huckleberry.canonical.com; envelope-from=kernel-team-bounces@lists.ubuntu.com; receiver=) Authentication-Results: ozlabs.org; dmarc=fail (p=none dis=none) header.from=canonical.com Received: from huckleberry.canonical.com (huckleberry.canonical.com [91.189.94.19]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 49pPwp1XwSzB4CW; Sat, 20 Jun 2020 02:52:10 +1000 (AEST) Received: from localhost ([127.0.0.1] helo=huckleberry.canonical.com) by huckleberry.canonical.com with esmtp (Exim 4.86_2) (envelope-from ) id 1jmKFH-0007yl-GF; Fri, 19 Jun 2020 16:52:03 +0000 Received: from youngberry.canonical.com ([91.189.89.112]) by huckleberry.canonical.com with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.86_2) (envelope-from ) id 1jmKEB-0007BH-0j for kernel-team@lists.ubuntu.com; Fri, 19 Jun 2020 16:50:55 +0000 Received: from mail-io1-f69.google.com ([209.85.166.69]) by youngberry.canonical.com with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.86_2) (envelope-from ) id 1jmKE9-0006Ne-0l for kernel-team@lists.ubuntu.com; Fri, 19 Jun 
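Review bot: in the g_NCR5380.c hunk at do_NCR5380_setup() (and the identical additions in do_NCR53C400_setup(), do_NCR53C400A_setup() and do_DTC3181E_setup()), the new `if (secure_modules()) return -EPERM;` path returns a negative errno from a boot-option handler whose normal path ends in `return 1;`. Handlers of this shape conventionally return 1 for "handled" and 0 for "not handled", so -EPERM is just another non-zero value and the option is dropped without any message, whereas the commit message promises an error message when a parameter is skipped. Suggest printing a warning that names the ignored option and returning 1. The commit message also describes only the module_param annotations, so a line mentioning the added `secure_modules()` checks would explain why this one is "backported from" rather than cherry picked.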
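Review bot: in the g_NCR5380.c hunk at line 717, `ncr_irq` and `ncr_addr` are converted but `module_param(ncr_dma, int, 0);` between them is left unannotated. A DMA channel is hardware configuration in exactly the sense the commit message describes, so either annotate it (upstream's module_param_hw has a `dma` class; check that this tree's version does too) or say in the commit message why it is safe to leave settable on a locked-down kernel.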
From: Seth Forshee
To: kernel-team@lists.ubuntu.com
Subject: [PATCH v2 32/57][X] Annotate hardware config module parameters in drivers/staging/media/
Date: Fri, 19 Jun 2020 11:49:45 -0500
Message-Id: <20200619165010.645925-33-seth.forshee@canonical.com>
In-Reply-To: <20200619165010.645925-1-seth.forshee@canonical.com>

From: David Howells

BugLink: https://bugs.launchpad.net/bugs/1884159

When the kernel is running in secure boot mode, we lock down the kernel to prevent userspace from modifying the running kernel image. Whilst this includes prohibiting access to things like /dev/mem, it must also prevent access by means of configuring driver modules in such a way as to cause a device to access or modify the kernel image.

To this end, annotate module_param* statements that refer to hardware configuration and indicate for future reference what type of parameter they specify. The parameter parser in the core sees this information and can skip such parameters with an error message if the kernel is locked down. The module initialisation then runs as normal, but just sees whatever the default values for those parameters are.

Note that we do still need to do the module initialisation because some drivers have viable defaults set in case parameters aren't specified and some drivers support automatic configuration (e.g. PNP or PCI) in addition to manually coded parameters.

This patch annotates drivers in drivers/staging/media/.

Suggested-by: Alan Cox
Signed-off-by: David Howells Acked-by: Greg Kroah-Hartman Acked-by: Mauro Carvalho Chehab cc: linux-media@vger.kernel.org cc: devel@driverdev.osuosl.org (cherry picked from commit 32820d8abd4d9502208697f0d26a3f8761b5868f) Signed-off-by: Seth Forshee --- drivers/staging/media/lirc/lirc_sir.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/drivers/staging/media/lirc/lirc_sir.c b/drivers/staging/media/lirc/lirc_sir.c index 4f326e97ad75..e27842e01fba 100644 --- a/drivers/staging/media/lirc/lirc_sir.c +++ b/drivers/staging/media/lirc/lirc_sir.c 
@@ -986,10 +986,10 @@ MODULE_AUTHOR("Milan Pikula"); #endif MODULE_LICENSE("GPL"); -module_param(io, int, S_IRUGO); +module_param_hw(io, int, ioport, S_IRUGO); MODULE_PARM_DESC(io, "I/O address base (0x3f8 or 0x2f8)"); -module_param(irq, int, S_IRUGO); +module_param_hw(irq, int, irq, S_IRUGO); MODULE_PARM_DESC(irq, "Interrupt (4 or 3)"); module_param(threshold, int, S_IRUGO); From patchwork Fri Jun 19 16:49:46 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Seth Forshee X-Patchwork-Id: 1313179 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=none (no SPF record) smtp.mailfrom=lists.ubuntu.com (client-ip=91.189.94.19; helo=huckleberry.canonical.com; envelope-from=kernel-team-bounces@lists.ubuntu.com; receiver=) Authentication-Results: ozlabs.org; dmarc=fail (p=none dis=none) header.from=canonical.com Received: from huckleberry.canonical.com (huckleberry.canonical.com [91.189.94.19]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 49pPws3Kdyz9sVW; Sat, 20 Jun 2020 02:52:13 +1000 (AEST) Received: from localhost ([127.0.0.1] helo=huckleberry.canonical.com) by huckleberry.canonical.com with esmtp (Exim 4.86_2) (envelope-from ) id 1jmKFL-00081J-02; Fri, 19 Jun 2020 16:52:07 +0000 Received: from youngberry.canonical.com ([91.189.89.112]) by huckleberry.canonical.com with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.86_2) (envelope-from ) id 1jmKEC-0007CR-2I for kernel-team@lists.ubuntu.com; Fri, 19 Jun 2020 16:50:56 +0000 Received: from mail-io1-f70.google.com ([209.85.166.70]) by youngberry.canonical.com with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.86_2) (envelope-from ) id 1jmKEA-0006Nj-E0 for kernel-team@lists.ubuntu.com; Fri, 19 Jun 2020 16:50:54 +0000 Received: by 
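Review bot: in the lirc_sir.c hunk, the descriptions kept as context list two legitimate settings each, "I/O address base (0x3f8 or 0x2f8)" and "Interrupt (4 or 3)", and after this change neither `io` nor `irq` can be selected on a locked-down kernel. Hardware on the non-default port then has no way to be configured, so suggest extending the two MODULE_PARM_DESC strings to say the options are ignored under lockdown, which makes the restriction visible in modinfo output and not only in the kernel log.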
From: Seth Forshee
To: kernel-team@lists.ubuntu.com
Subject: [PATCH v2 33/57][X] Annotate hardware config module parameters in drivers/staging/speakup/
Date: Fri, 19 Jun 2020 11:49:46 -0500
Message-Id: <20200619165010.645925-34-seth.forshee@canonical.com>
In-Reply-To: <20200619165010.645925-1-seth.forshee@canonical.com>

From: David Howells

BugLink: https://bugs.launchpad.net/bugs/1884159

When the kernel is running in secure boot mode, we lock down the kernel to prevent userspace from modifying the running kernel image. Whilst this includes prohibiting access to things like /dev/mem, it must also prevent access by means of configuring driver modules in such a way as to cause a device to access or modify the kernel image.

To this end, annotate module_param* statements that refer to hardware configuration and indicate for future reference what type of parameter they specify. The parameter parser in the core sees this information and can skip such parameters with an error message if the kernel is locked down. The module initialisation then runs as normal, but just sees whatever the default values for those parameters are.

Note that we do still need to do the module initialisation because some drivers have viable defaults set in case parameters aren't specified and some drivers support automatic configuration (e.g. PNP or PCI) in addition to manually coded parameters.

This patch annotates drivers in drivers/staging/speakup/.

Suggested-by: Alan Cox
Signed-off-by: David Howells Acked-by: Greg Kroah-Hartman cc: speakup@linux-speakup.org cc: devel@driverdev.osuosl.org (backported from commit dbf05cb05f61145069d01ca9c6a896159184af88) Signed-off-by: Seth Forshee --- drivers/staging/speakup/speakup_acntpc.c | 2 +- drivers/staging/speakup/speakup_dtlk.c | 2 +- drivers/staging/speakup/speakup_keypc.c | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/drivers/staging/speakup/speakup_acntpc.c b/drivers/staging/speakup/speakup_acntpc.c index f418893928ec..092e2ae8f3eb 100644 --- a/drivers/staging/speakup/speakup_acntpc.c +++ b/drivers/staging/speakup/speakup_acntpc.c @@ -312,7 +312,7 @@ static void accent_release(void) speakup_info.port_tts = 0; } -module_param_named(port, port_forced, int, S_IRUGO); +module_param_hw_named(port, port_forced, int, ioport, S_IRUGO); module_param_named(start, synth_acntpc.startup, short, S_IRUGO); MODULE_PARM_DESC(port, "Set the port for the synthesizer (override probing)."); diff --git a/drivers/staging/speakup/speakup_dtlk.c b/drivers/staging/speakup/speakup_dtlk.c index 345efd3344b0..a888315b9e78 100644 --- a/drivers/staging/speakup/speakup_dtlk.c +++ b/drivers/staging/speakup/speakup_dtlk.c @@ -382,7 +382,7 @@ static void dtlk_release(void) speakup_info.port_tts = 0; } -module_param_named(port, port_forced, int, S_IRUGO); +module_param_hw_named(port, port_forced, int, ioport, S_IRUGO); module_param_named(start, synth_dtlk.startup, short, S_IRUGO); MODULE_PARM_DESC(port, "Set the port for the synthesizer (override probing)."); diff --git a/drivers/staging/speakup/speakup_keypc.c b/drivers/staging/speakup/speakup_keypc.c index 6ea027365664..55c0e733a7fa 100644 --- a/drivers/staging/speakup/speakup_keypc.c +++ b/drivers/staging/speakup/speakup_keypc.c 
@@ -313,7 +313,7 @@ static void keynote_release(void) synth_port = 0; } -module_param_named(port, port_forced, int, S_IRUGO); +module_param_hw_named(port, port_forced, int, ioport, S_IRUGO); module_param_named(start, synth_keypc.startup, short, S_IRUGO); MODULE_PARM_DESC(port, "Set the port for the synthesizer (override probing)."); From patchwork Fri Jun 19 16:49:47 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Seth Forshee X-Patchwork-Id: 1313180 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=none (no SPF record) smtp.mailfrom=lists.ubuntu.com (client-ip=91.189.94.19; helo=huckleberry.canonical.com; envelope-from=kernel-team-bounces@lists.ubuntu.com; receiver=) Authentication-Results: ozlabs.org; dmarc=fail (p=none dis=none) header.from=canonical.com Received: from huckleberry.canonical.com (huckleberry.canonical.com [91.189.94.19]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 49pPwx21MGzB4C8; Sat, 20 Jun 2020 02:52:17 +1000 (AEST) Received: from localhost ([127.0.0.1] helo=huckleberry.canonical.com) by huckleberry.canonical.com with esmtp (Exim 4.86_2) (envelope-from ) id 1jmKFO-00084C-J6; Fri, 19 Jun 2020 16:52:10 +0000 Received: from youngberry.canonical.com ([91.189.89.112]) by huckleberry.canonical.com with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.86_2) (envelope-from ) id 1jmKEE-0007DD-7Z for kernel-team@lists.ubuntu.com; Fri, 19 Jun 2020 16:50:58 +0000 Received: from mail-io1-f70.google.com ([209.85.166.70]) by youngberry.canonical.com with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.86_2) (envelope-from ) id 1jmKEB-0006Nx-GM for kernel-team@lists.ubuntu.com; Fri, 19 Jun 2020 16:50:55 +0000 Received: by mail-io1-f70.google.com with SMTP id c17so7205545ioi.10 
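The behaviour the commit messages in this series describe (hardware-annotated parameters skipped with an error message under lockdown, other parameters applied, initialisation continuing with defaults), as an added userspace C model that is not kernel or Ubuntu code. The table layout, `parse_params()`, `find_param()` and the default values are assumptions made for illustration; only the parameter names and the `ioport`/`irq`/`other` classes come from the patches.

```c
#include <errno.h>
#include <limits.h>
#include <stdbool.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Classes used by the patches; HW_NONE models a plain module_param(). */
enum hw_type { HW_NONE, HW_IOPORT, HW_IRQ, HW_OTHER };

struct param {
    const char *name;
    int *value;
    enum hw_type hw;
};

/* Constructed defaults for a lirc_sir-like driver (assumed values). */
static int io = 0x3f8, irq = 4, threshold = 3;

static struct param params[] = {
    { "io",        &io,        HW_IOPORT },  /* module_param_hw(io, int, ioport, ...) */
    { "irq",       &irq,       HW_IRQ    },  /* module_param_hw(irq, int, irq, ...)   */
    { "threshold", &threshold, HW_NONE   },  /* module_param(threshold, int, ...)     */
};

static void reset_defaults(void)
{
    io = 0x3f8;
    irq = 4;
    threshold = 3;
}

static struct param *find_param(const char *name)
{
    for (size_t i = 0; i < sizeof(params) / sizeof(params[0]); i++)
        if (strcmp(params[i].name, name) == 0)
            return &params[i];
    return NULL;
}

/*
 * Parse "name=value name=value ...".
 * Returns the number of parameters skipped because of lockdown,
 * or -1 for an unknown name, a malformed token or a bad number.
 */
static int parse_params(const char *args, bool locked_down)
{
    char buf[256];
    int skipped = 0;

    if (strlen(args) >= sizeof(buf))
        return -1;
    strcpy(buf, args);

    for (char *tok = strtok(buf, " "); tok; tok = strtok(NULL, " ")) {
        char *eq = strchr(tok, '=');
        if (!eq || eq == tok || eq[1] == '\0')
            return -1;
        *eq = '\0';

        struct param *p = find_param(tok);
        if (!p)
            return -1;

        /* The policy decision: hardware config is not settable when locked down. */
        if (locked_down && p->hw != HW_NONE) {
            fprintf(stderr, "param '%s': hardware config ignored, kernel is locked down\n",
                    p->name);
            skipped++;
            continue;  /* keep the default and carry on with the next parameter */
        }

        char *end;
        errno = 0;
        long v = strtol(eq + 1, &end, 0);  /* base 0 accepts 0x2f8 as well as 3 */
        if (errno || *end != '\0' || v < INT_MIN || v > INT_MAX)
            return -1;
        *p->value = (int)v;
    }
    return skipped;
}

int main(void)
{
    const char *args = "io=0x2f8 irq=3 threshold=5";  /* constructed input */

    for (int locked = 0; locked <= 1; locked++) {
        reset_defaults();
        int skipped = parse_params(args, locked != 0);
        printf("locked_down=%d skipped=%d io=0x%x irq=%d threshold=%d\n",
               locked, skipped, io, irq, threshold);
    }
    return 0;
}
```

The skipped count is what a caller would log or audit: a non-zero value on a locked-down system means someone supplied hardware configuration that was refused.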
From: Seth Forshee
To: kernel-team@lists.ubuntu.com
Subject: [PATCH v2 34/57][X] Annotate hardware config module parameters in drivers/staging/vme/
Date: Fri, 19 Jun 2020 11:49:47 -0500
Message-Id: <20200619165010.645925-35-seth.forshee@canonical.com>
In-Reply-To: <20200619165010.645925-1-seth.forshee@canonical.com>
References: <20200619165010.645925-1-seth.forshee@canonical.com>

From: David Howells

BugLink: https://bugs.launchpad.net/bugs/1884159

When the kernel is running in secure boot mode, we lock down the kernel to prevent userspace from modifying the running kernel image. Whilst this includes prohibiting access to things like /dev/mem, it must also prevent access by means of configuring driver modules in such a way as to cause a device to access or modify the kernel image.

To this end, annotate module_param* statements that refer to hardware configuration and indicate for future reference what type of parameter they specify. The parameter parser in the core sees this information and can skip such parameters with an error message if the kernel is locked down. The module initialisation then runs as normal, but just sees whatever the default values for those parameters is.

Note that we do still need to do the module initialisation because some drivers have viable defaults set in case parameters aren't specified and some drivers support automatic configuration (e.g. PNP or PCI) in addition to manually coded parameters.

This patch annotates drivers in drivers/staging/vme/.

Suggested-by: Alan Cox
Signed-off-by: David Howells cc: Martyn Welch cc: Manohar Vanga cc: Greg Kroah-Hartman cc: devel@driverdev.osuosl.org (backported from commit ea38fd72fb5f065e3f655d388193db3476820482) Signed-off-by: Seth Forshee --- drivers/staging/vme/devices/vme_pio2_core.c | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/drivers/staging/vme/devices/vme_pio2_core.c b/drivers/staging/vme/devices/vme_pio2_core.c index 35c6ce5047de..c7f068af3e58 100644 --- a/drivers/staging/vme/devices/vme_pio2_core.c +++ b/drivers/staging/vme/devices/vme_pio2_core.c 
@@ -478,16 +478,16 @@ static void __exit pio2_exit(void) /* These are required for each board */ MODULE_PARM_DESC(bus, "Enumeration of VMEbus to which the board is connected"); -module_param_array(bus, int, &bus_num, S_IRUGO); +module_param_hw_array(bus, int, other, &bus_num, S_IRUGO); MODULE_PARM_DESC(base, "Base VME address for PIO2 Registers"); -module_param_array(base, long, &base_num, S_IRUGO); +module_param_hw_array(base, long, other, &base_num, S_IRUGO); MODULE_PARM_DESC(vector, "VME IRQ Vector (Lower 4 bits masked)"); -module_param_array(vector, int, &vector_num, S_IRUGO); +module_param_hw_array(vector, int, other, &vector_num, S_IRUGO); MODULE_PARM_DESC(level, "VME IRQ Level"); -module_param_array(level, int, &level_num, S_IRUGO); +module_param_hw_array(level, int, other, &level_num, S_IRUGO); MODULE_PARM_DESC(variant, "Last 4 characters of PIO2 board variant"); module_param_array(variant, charp, &variant_num, S_IRUGO);
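Review bot: in the vme_pio2_core.c hunk, vector and level are described as "VME IRQ Vector" and "VME IRQ Level" but are annotated as other rather than irq, and base ("Base VME address for PIO2 Registers") is also other. If other is deliberate because these are VME bus values rather than CPU interrupt numbers or CPU-visible addresses, say so in the commit message; otherwise use the more specific type so the recorded type matches the irq and iomem annotations used in the drivers/tty/ patch of this series.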
From: Seth Forshee
To: kernel-team@lists.ubuntu.com
Subject: [PATCH v2 35/57][X] Annotate hardware config module parameters in drivers/tty/
Date: Fri, 19 Jun 2020 11:49:48 -0500
Message-Id: <20200619165010.645925-36-seth.forshee@canonical.com>
In-Reply-To: <20200619165010.645925-1-seth.forshee@canonical.com>
References: <20200619165010.645925-1-seth.forshee@canonical.com>

From: David Howells

BugLink: https://bugs.launchpad.net/bugs/1884159

When the kernel is running in secure boot mode, we lock down the kernel to prevent userspace from modifying the running kernel image. Whilst this includes prohibiting access to things like /dev/mem, it must also prevent access by means of configuring driver modules in such a way as to cause a device to access or modify the kernel image.

To this end, annotate module_param* statements that refer to hardware configuration and indicate for future reference what type of parameter they specify. The parameter parser in the core sees this information and can skip such parameters with an error message if the kernel is locked down. The module initialisation then runs as normal, but just sees whatever the default values for those parameters is.

Note that we do still need to do the module initialisation because some drivers have viable defaults set in case parameters aren't specified and some drivers support automatic configuration (e.g. PNP or PCI) in addition to manually coded parameters.

This patch annotates drivers in drivers/tty/.

Suggested-by: Alan Cox
Signed-off-by: David Howells Acked-by: Greg Kroah-Hartman cc: Jiri Slaby cc: linux-serial@vger.kernel.org (backported from commit 3b60daf86b133f0b15e3eb9b767c6c1752af2bd6) Signed-off-by: Seth Forshee --- drivers/tty/cyclades.c | 4 ++-- drivers/tty/moxa.c | 2 +- drivers/tty/mxser.c | 2 +- drivers/tty/rocket.c | 10 +++++----- drivers/tty/serial/8250/8250_core.c | 4 ++-- drivers/tty/synclink.c | 6 +++--- 6 files changed, 14 insertions(+), 14 deletions(-) diff --git a/drivers/tty/cyclades.c b/drivers/tty/cyclades.c index d4a1331675ed..cfd1b7f5179c 100644 --- a/drivers/tty/cyclades.c +++ b/drivers/tty/cyclades.c @@ -158,8 +158,8 @@ static unsigned int cy_isa_addresses[] = { static long maddr[NR_CARDS]; static int irq[NR_CARDS]; -module_param_array(maddr, long, NULL, 0); -module_param_array(irq, int, NULL, 0); +module_param_hw_array(maddr, long, iomem, NULL, 0); +module_param_hw_array(irq, int, irq, NULL, 0); #endif /* CONFIG_ISA */ diff --git a/drivers/tty/moxa.c b/drivers/tty/moxa.c index 14c54e041065..2ff6a13062d8 100644 --- a/drivers/tty/moxa.c +++ b/drivers/tty/moxa.c @@ -180,7 +180,7 @@ MODULE_FIRMWARE("c320tunx.cod"); module_param_array(type, uint, NULL, 0); MODULE_PARM_DESC(type, "card type: C218=2, C320=4"); -module_param_array(baseaddr, ulong, NULL, 0); +module_param_hw_array(baseaddr, ulong, ioport, NULL, 0); MODULE_PARM_DESC(baseaddr, "base address"); module_param_array(numports, uint, NULL, 0); MODULE_PARM_DESC(numports, "numports (ignored for C218)"); diff --git a/drivers/tty/mxser.c b/drivers/tty/mxser.c index 4c4a23674569..935e9a9fb020 100644 --- a/drivers/tty/mxser.c +++ b/drivers/tty/mxser.c 
@@ -183,7 +183,7 @@ static int ttymajor = MXSERMAJOR; MODULE_AUTHOR("Casper Yang"); MODULE_DESCRIPTION("MOXA Smartio/Industio Family Multiport Board Device Driver"); -module_param_array(ioaddr, ulong, NULL, 0); +module_param_hw_array(ioaddr, ulong, ioport, NULL, 0); MODULE_PARM_DESC(ioaddr, "ISA io addresses to look for a moxa board"); module_param(ttymajor, int, 0); MODULE_LICENSE("GPL"); diff --git a/drivers/tty/rocket.c b/drivers/tty/rocket.c index 0d3cc3324f46..e8a65ed4bb2c 100644 --- a/drivers/tty/rocket.c +++ b/drivers/tty/rocket.c @@ -250,15 +250,15 @@ static int sReadAiopNumChan(WordIO_t io); MODULE_AUTHOR("Theodore Ts'o"); MODULE_DESCRIPTION("Comtrol RocketPort driver"); -module_param(board1, ulong, 0); +module_param_hw(board1, ulong, ioport, 0); MODULE_PARM_DESC(board1, "I/O port for (ISA) board #1"); -module_param(board2, ulong, 0); +module_param_hw(board2, ulong, ioport, 0); MODULE_PARM_DESC(board2, "I/O port for (ISA) board #2"); -module_param(board3, ulong, 0); +module_param_hw(board3, ulong, ioport, 0); MODULE_PARM_DESC(board3, "I/O port for (ISA) board #3"); -module_param(board4, ulong, 0); +module_param_hw(board4, ulong, ioport, 0); MODULE_PARM_DESC(board4, "I/O port for (ISA) board #4"); -module_param(controller, ulong, 0); +module_param_hw(controller, ulong, ioport, 0); MODULE_PARM_DESC(controller, "I/O port for (ISA) rocketport controller"); module_param(support_low_speed, bool, 0); MODULE_PARM_DESC(support_low_speed, "1 means support 50 baud, 0 means support 460400 baud"); diff --git a/drivers/tty/serial/8250/8250_core.c b/drivers/tty/serial/8250/8250_core.c index 39126460c1f5..3305b7b1e4cf 100644 --- a/drivers/tty/serial/8250/8250_core.c +++ b/drivers/tty/serial/8250/8250_core.c 
@@ -1173,7 +1173,7 @@ EXPORT_SYMBOL(serial8250_resume_port); MODULE_LICENSE("GPL"); MODULE_DESCRIPTION("Generic 8250/16x50 serial driver"); -module_param(share_irqs, uint, 0644); +module_param_hw(share_irqs, uint, other, 0644); MODULE_PARM_DESC(share_irqs, "Share IRQs with other non-8250/16x50 devices" " (unsafe)"); @@ -1184,7 +1184,7 @@ module_param(skip_txen_test, uint, 0644); MODULE_PARM_DESC(skip_txen_test, "Skip checking for the TXEN bug at init time"); #ifdef CONFIG_SERIAL_8250_RSA -module_param_array(probe_rsa, ulong, &probe_rsa_count, 0444); +module_param_hw_array(probe_rsa, ulong, ioport, &probe_rsa_count, 0444); MODULE_PARM_DESC(probe_rsa, "Probe I/O ports for RSA"); #endif MODULE_ALIAS_CHARDEV_MAJOR(TTY_MAJOR); diff --git a/drivers/tty/synclink.c b/drivers/tty/synclink.c index 6188059fd523..0a4416b2ce63 100644 --- a/drivers/tty/synclink.c +++ b/drivers/tty/synclink.c 
@@ -869,9 +869,9 @@ static int txholdbufs[MAX_TOTAL_DEVICES]; module_param(break_on_load, bool, 0); module_param(ttymajor, int, 0); -module_param_array(io, int, NULL, 0); -module_param_array(irq, int, NULL, 0); -module_param_array(dma, int, NULL, 0); +module_param_hw_array(io, int, ioport, NULL, 0); +module_param_hw_array(irq, int, irq, NULL, 0); +module_param_hw_array(dma, int, dma, NULL, 0); module_param(debug_level, int, 0); module_param_array(maxframe, int, NULL, 0); module_param_array(txdmabufs, int, NULL, 0);
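Review bot: in the drivers/tty/moxa.c hunk, baseaddr is annotated as ioport, but its description is only "base address", so nothing in the hunk distinguishes a port number from a memory address (the cyclades.c hunk annotates its maddr as iomem). Please confirm against how the driver maps baseaddr and switch to iomem if it is memory-mapped. The commit message describes the same skip for every annotated parameter, so this affects only the accuracy of the recorded type.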
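Review bot: in the drivers/tty/serial/8250/8250_core.c hunk, share_irqs keeps mode 0644 after being annotated, so it stays writable through sysfs after the module is loaded, while the commit message only describes the parameter parser skipping annotated parameters. Confirm that the locked-down check in this backport also covers the sysfs store path, or state in the commit message where runtime writes are handled. The parameter's own description already marks it "(unsafe)".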
From: Seth Forshee
To: kernel-team@lists.ubuntu.com
Subject: [PATCH v2 36/57][X] Annotate hardware config module parameters in drivers/video/
Date: Fri, 19 Jun 2020 11:49:49 -0500
Message-Id: <20200619165010.645925-37-seth.forshee@canonical.com>
In-Reply-To: <20200619165010.645925-1-seth.forshee@canonical.com>
References: <20200619165010.645925-1-seth.forshee@canonical.com>

From: David Howells

BugLink: https://bugs.launchpad.net/bugs/1884159

When the kernel is running in secure boot mode, we lock down the kernel to prevent userspace from modifying the running kernel image. Whilst this includes prohibiting access to things like /dev/mem, it must also prevent access by means of configuring driver modules in such a way as to cause a device to access or modify the kernel image.

To this end, annotate module_param* statements that refer to hardware configuration and indicate for future reference what type of parameter they specify. The parameter parser in the core sees this information and can skip such parameters with an error message if the kernel is locked down. The module initialisation then runs as normal, but just sees whatever the default values for those parameters is.

Note that we do still need to do the module initialisation because some drivers have viable defaults set in case parameters aren't specified and some drivers support automatic configuration (e.g. PNP or PCI) in addition to manually coded parameters.

This patch annotates drivers in drivers/video/.

Suggested-by: Alan Cox
Signed-off-by: David Howells Acked-by: Bartlomiej Zolnierkiewicz cc: Tomi Valkeinen cc: linux-fbdev@vger.kernel.org (cherry picked from commit c729203defa7e6672ff6a5e503066351ac3928cb) Signed-off-by: Seth Forshee --- drivers/video/fbdev/arcfb.c | 8 ++++---- drivers/video/fbdev/n411.c | 6 +++--- 2 files changed, 7 insertions(+), 7 deletions(-) diff --git a/drivers/video/fbdev/arcfb.c b/drivers/video/fbdev/arcfb.c index 1b0b233b8b39..875496d277cd 100644 --- a/drivers/video/fbdev/arcfb.c +++ b/drivers/video/fbdev/arcfb.c @@ -645,17 +645,17 @@ module_param(nosplash, uint, 0); MODULE_PARM_DESC(nosplash, "Disable doing the splash screen"); module_param(arcfb_enable, uint, 0); MODULE_PARM_DESC(arcfb_enable, "Enable communication with Arc board"); -module_param(dio_addr, ulong, 0); +module_param_hw(dio_addr, ulong, ioport, 0); MODULE_PARM_DESC(dio_addr, "IO address for data, eg: 0x480"); -module_param(cio_addr, ulong, 0); +module_param_hw(cio_addr, ulong, ioport, 0); MODULE_PARM_DESC(cio_addr, "IO address for control, eg: 0x400"); -module_param(c2io_addr, ulong, 0); +module_param_hw(c2io_addr, ulong, ioport, 0); MODULE_PARM_DESC(c2io_addr, "IO address for secondary control, eg: 0x408"); module_param(splashval, ulong, 0); MODULE_PARM_DESC(splashval, "Splash pattern: 0xFF is black, 0x00 is green"); module_param(tuhold, ulong, 0); MODULE_PARM_DESC(tuhold, "Time to hold between strobing data to Arc board"); -module_param(irq, uint, 0); +module_param_hw(irq, uint, irq, 0); MODULE_PARM_DESC(irq, "IRQ for the Arc board"); module_init(arcfb_init); diff --git a/drivers/video/fbdev/n411.c b/drivers/video/fbdev/n411.c index 935830fea7b6..5383d70f0ce7 100644 --- a/drivers/video/fbdev/n411.c +++ b/drivers/video/fbdev/n411.c 
@@ -187,11 +187,11 @@ module_exit(n411_exit); module_param(nosplash, uint, 0); MODULE_PARM_DESC(nosplash, "Disable doing the splash screen"); -module_param(dio_addr, ulong, 0); +module_param_hw(dio_addr, ulong, ioport, 0); MODULE_PARM_DESC(dio_addr, "IO address for data, eg: 0x480"); -module_param(cio_addr, ulong, 0); +module_param_hw(cio_addr, ulong, ioport, 0); MODULE_PARM_DESC(cio_addr, "IO address for control, eg: 0x400"); -module_param(c2io_addr, ulong, 0); +module_param_hw(c2io_addr, ulong, ioport, 0); MODULE_PARM_DESC(c2io_addr, "IO address for secondary control, eg: 0x408"); module_param(splashval, ulong, 0); MODULE_PARM_DESC(splashval, "Splash pattern: 0x00 is black, 0x01 is white");
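Review bot: in the arcfb.c and n411.c hunks, the descriptions for dio_addr, cio_addr and c2io_addr give only example values ("eg: 0x480") and the hunks do not show what the defaults are. Since the commit message says a locked-down kernel ignores these parameters and still runs module initialisation with the defaults, check that both init paths fail cleanly when the addresses are left unset instead of driving whatever port the default names, and state the default in each MODULE_PARM_DESC.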
From: Seth Forshee
To: kernel-team@lists.ubuntu.com
Subject: [PATCH v2 37/57][X] Annotate hardware config module parameters in drivers/watchdog/
Date: Fri, 19 Jun 2020 11:49:50 -0500
Message-Id: <20200619165010.645925-38-seth.forshee@canonical.com>
In-Reply-To: <20200619165010.645925-1-seth.forshee@canonical.com>
References: <20200619165010.645925-1-seth.forshee@canonical.com>

From: David Howells

BugLink: https://bugs.launchpad.net/bugs/1884159

When the kernel is running in secure boot mode, we lock down the kernel to prevent userspace from modifying the running kernel image. Whilst this includes prohibiting access to things like /dev/mem, it must also prevent access by means of configuring driver modules in such a way as to cause a device to access or modify the kernel image.

To this end, annotate module_param* statements that refer to hardware configuration and indicate for future reference what type of parameter they specify. The parameter parser in the core sees this information and can skip such parameters with an error message if the kernel is locked down. The module initialisation then runs as normal, but just sees whatever the default values for those parameters is.

Note that we do still need to do the module initialisation because some drivers have viable defaults set in case parameters aren't specified and some drivers support automatic configuration (e.g. PNP or PCI) in addition to manually coded parameters.

This patch annotates drivers in drivers/watchdog/.

Suggested-by: Alan Cox
Signed-off-by: David Howells Reviewed-by: Guenter Roeck cc: Wim Van Sebroeck cc: Zwane Mwaikambo cc: linux-watchdog@vger.kernel.org (cherry picked from commit 5d1c93ce21832825acc48595a6fec8cfdb3e1453) Signed-off-by: Seth Forshee --- drivers/watchdog/cpu5wdt.c | 2 +- drivers/watchdog/eurotechwdt.c | 4 ++-- drivers/watchdog/pc87413_wdt.c | 2 +- drivers/watchdog/sc1200wdt.c | 2 +- drivers/watchdog/wdt.c | 4 ++-- 5 files changed, 7 insertions(+), 7 deletions(-) diff --git a/drivers/watchdog/cpu5wdt.c b/drivers/watchdog/cpu5wdt.c index 6d03e8e30f8b..6c3f78e45c26 100644 --- a/drivers/watchdog/cpu5wdt.c +++ b/drivers/watchdog/cpu5wdt.c @@ -289,7 +289,7 @@ MODULE_DESCRIPTION("sma cpu5 watchdog driver"); MODULE_SUPPORTED_DEVICE("sma cpu5 watchdog"); MODULE_LICENSE("GPL"); -module_param(port, int, 0); +module_param_hw(port, int, ioport, 0); MODULE_PARM_DESC(port, "base address of watchdog card, default is 0x91"); module_param(verbose, int, 0); diff --git a/drivers/watchdog/eurotechwdt.c b/drivers/watchdog/eurotechwdt.c index 23ee53240c4c..38e96712264f 100644 --- a/drivers/watchdog/eurotechwdt.c +++ b/drivers/watchdog/eurotechwdt.c @@ -97,9 +97,9 @@ MODULE_PARM_DESC(nowayout, #define WDT_TIMER_CFG 0xf3 -module_param(io, int, 0); +module_param_hw(io, int, ioport, 0); MODULE_PARM_DESC(io, "Eurotech WDT io port (default=0x3f0)"); -module_param(irq, int, 0); +module_param_hw(irq, int, irq, 0); MODULE_PARM_DESC(irq, "Eurotech WDT irq (default=10)"); module_param(ev, charp, 0); MODULE_PARM_DESC(ev, "Eurotech WDT event type (default is `int')"); diff --git a/drivers/watchdog/pc87413_wdt.c b/drivers/watchdog/pc87413_wdt.c index 9f15dd9435d1..06a892e36a8d 100644 --- a/drivers/watchdog/pc87413_wdt.c +++ b/drivers/watchdog/pc87413_wdt.c 
@@ -579,7 +579,7 @@ MODULE_AUTHOR("Marcus Junker "); MODULE_DESCRIPTION("PC87413 WDT driver"); MODULE_LICENSE("GPL"); -module_param(io, int, 0); +module_param_hw(io, int, ioport, 0); MODULE_PARM_DESC(io, MODNAME " I/O port (default: " __MODULE_STRING(IO_DEFAULT) ")."); diff --git a/drivers/watchdog/sc1200wdt.c b/drivers/watchdog/sc1200wdt.c index 131193a7acdf..b34d3d5ba632 100644 --- a/drivers/watchdog/sc1200wdt.c +++ b/drivers/watchdog/sc1200wdt.c @@ -88,7 +88,7 @@ MODULE_PARM_DESC(isapnp, "When set to 0 driver ISA PnP support will be disabled"); #endif -module_param(io, int, 0); +module_param_hw(io, int, ioport, 0); MODULE_PARM_DESC(io, "io port"); module_param(timeout, int, 0); MODULE_PARM_DESC(timeout, "range is 0-255 minutes, default is 1"); diff --git a/drivers/watchdog/wdt.c b/drivers/watchdog/wdt.c index e0206b5b7d89..e481fbbc4ae7 100644 --- a/drivers/watchdog/wdt.c +++ b/drivers/watchdog/wdt.c 
@@ -78,9 +78,9 @@ static int irq = 11; static DEFINE_SPINLOCK(wdt_lock); -module_param(io, int, 0); +module_param_hw(io, int, ioport, 0); MODULE_PARM_DESC(io, "WDT io port (default=0x240)"); -module_param(irq, int, 0); +module_param_hw(irq, int, irq, 0); MODULE_PARM_DESC(irq, "WDT irq (default=11)"); /* Support for the Fan Tachometer on the WDT501-P */
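Review bot: across the watchdog hunks (cpu5wdt, eurotechwdt, pc87413_wdt, sc1200wdt, wdt), none of the MODULE_PARM_DESC strings say that io and irq are ignored when the kernel is locked down, yet a rejected override leaves the driver initialising at its built-in default (0x91, 0x3f0, 0x240 and IRQ 10 or 11 per the descriptions). On a board configured for a different address that means the driver touches a port that may not be the watchdog. The behaviour matches what the commit message intends, so the change needed is documentation: mention the lockdown behaviour in each description, and give sc1200wdt's "io port" description its default.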
From: Seth Forshee
To: kernel-team@lists.ubuntu.com
Subject: [PATCH v2 38/57][X] Annotate hardware config module parameters in fs/pstore/
Date: Fri, 19 Jun 2020 11:49:51 -0500
Message-Id: <20200619165010.645925-39-seth.forshee@canonical.com>
In-Reply-To: <20200619165010.645925-1-seth.forshee@canonical.com>
References: <20200619165010.645925-1-seth.forshee@canonical.com>

From: David Howells

BugLink: https://bugs.launchpad.net/bugs/1884159

When the kernel is running in secure boot mode, we lock down the kernel to prevent userspace from modifying the running kernel image. Whilst this includes prohibiting access to things like /dev/mem, it must also prevent access by means of configuring driver modules in such a way as to cause a device to access or modify the kernel image.

To this end, annotate module_param* statements that refer to hardware configuration and indicate for future reference what type of parameter they specify. The parameter parser in the core sees this information and can skip such parameters with an error message if the kernel is locked down. The module initialisation then runs as normal, but just sees whatever the default values for those parameters is.

Note that we do still need to do the module initialisation because some drivers have viable defaults set in case parameters aren't specified and some drivers support automatic configuration (e.g. PNP or PCI) in addition to manually coded parameters.

This patch annotates drivers in fs/pstore/.

Suggested-by: Alan Cox
Signed-off-by: David Howells
Acked-by: Kees Cook
cc: Anton Vorontsov
cc: Colin Cross
cc: Tony Luck
(backported from commit b90fe0c4e0ceb52c78c17f3cfa1ff8e79275028d)
Signed-off-by: Seth Forshee --- fs/pstore/ram.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/fs/pstore/ram.c b/fs/pstore/ram.c index fa0e89edb62d..10b0302c4d57 100644 --- a/fs/pstore/ram.c +++ b/fs/pstore/ram.c 
@@ -56,7 +56,7 @@ module_param_named(pmsg_size, ramoops_pmsg_size, ulong, 0400); MODULE_PARM_DESC(pmsg_size, "size of user space message log"); static ulong mem_address; -module_param(mem_address, ulong, 0400); +module_param_hw(mem_address, ulong, other, 0400); MODULE_PARM_DESC(mem_address, "start of reserved RAM used to store oops/panic logs");
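Review bot: hwtype "other" on the mem_address line in fs/pstore/ram.c looks too loose, since its MODULE_PARM_DESC calls it the start of reserved RAM, which is a physical memory address; "iomem" seems the closer category (the sound/isa/ patch in this series uses iomem for the msnd_pinnacle mem parameter), so either switch it or say in the commit message why "other" was chosen. The trailer also says "backported from" rather than "cherry picked from" without describing what had to change relative to b90fe0c4e0ceb52c78c17f3cfa1ff8e79275028d; a one-line note on the difference would help whoever reviews the backport.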
From: Seth Forshee
To: kernel-team@lists.ubuntu.com
Subject: [PATCH v2 39/57][X] Annotate hardware config module parameters in sound/drivers/
Date: Fri, 19 Jun 2020 11:49:52 -0500
Message-Id: <20200619165010.645925-40-seth.forshee@canonical.com>
X-Mailer: git-send-email 2.27.0
In-Reply-To: <20200619165010.645925-1-seth.forshee@canonical.com>
References: <20200619165010.645925-1-seth.forshee@canonical.com>
List-Id: Kernel team discussions

From: David Howells

BugLink: https://bugs.launchpad.net/bugs/1884159

When the kernel is running in secure boot mode, we lock down the kernel to prevent userspace from modifying the running kernel image. Whilst this includes prohibiting access to things like /dev/mem, it must also prevent access by means of configuring driver modules in such a way as to cause a device to access or modify the kernel image.

To this end, annotate module_param* statements that refer to hardware configuration and indicate for future reference what type of parameter they specify. The parameter parser in the core sees this information and can skip such parameters with an error message if the kernel is locked down. The module initialisation then runs as normal, but just sees whatever the default values for those parameters are.

Note that we do still need to do the module initialisation because some drivers have viable defaults set in case parameters aren't specified and some drivers support automatic configuration (e.g. PNP or PCI) in addition to manually coded parameters.

This patch annotates drivers in sound/drivers/.

Suggested-by: Alan Cox
Signed-off-by: David Howells
Acked-by: Takashi Iwai
cc: Jaroslav Kysela
cc: alsa-devel@alsa-project.org
(cherry picked from commit b11ce420c5dfc966061bc20f576c85504bb69712)
Signed-off-by: Seth Forshee --- sound/drivers/mpu401/mpu401.c | 4 ++-- sound/drivers/mtpav.c | 4 ++-- sound/drivers/serial-u16550.c | 4 ++-- 3 files changed, 6 insertions(+), 6 deletions(-) diff --git a/sound/drivers/mpu401/mpu401.c b/sound/drivers/mpu401/mpu401.c index fed7e7e2177b..9b86e00d7d95 100644 --- a/sound/drivers/mpu401/mpu401.c +++ b/sound/drivers/mpu401/mpu401.c @@ -53,9 +53,9 @@ MODULE_PARM_DESC(enable, "Enable MPU-401 device."); module_param_array(pnp, bool, NULL, 0444); MODULE_PARM_DESC(pnp, "PnP detection for MPU-401 device."); #endif -module_param_array(port, long, NULL, 0444); +module_param_hw_array(port, long, ioport, NULL, 0444); MODULE_PARM_DESC(port, "Port # for MPU-401 device."); -module_param_array(irq, int, NULL, 0444); +module_param_hw_array(irq, int, irq, NULL, 0444); MODULE_PARM_DESC(irq, "IRQ # for MPU-401 device."); module_param_array(uart_enter, bool, NULL, 0444); MODULE_PARM_DESC(uart_enter, "Issue UART_ENTER command at open."); diff --git a/sound/drivers/mtpav.c b/sound/drivers/mtpav.c index 30e8a1d5bc87..c6bab7cf4fe7 100644 --- a/sound/drivers/mtpav.c +++ b/sound/drivers/mtpav.c @@ -86,9 +86,9 @@ module_param(index, int, 0444); MODULE_PARM_DESC(index, "Index value for MotuMTPAV MIDI."); module_param(id, charp, 0444); MODULE_PARM_DESC(id, "ID string for MotuMTPAV MIDI."); -module_param(port, long, 0444); +module_param_hw(port, long, ioport, 0444); MODULE_PARM_DESC(port, "Parallel port # for MotuMTPAV MIDI."); -module_param(irq, int, 0444); +module_param_hw(irq, int, irq, 0444); MODULE_PARM_DESC(irq, "Parallel IRQ # for MotuMTPAV MIDI."); module_param(hwports, int, 0444); MODULE_PARM_DESC(hwports, "Hardware ports # for MotuMTPAV MIDI."); diff --git a/sound/drivers/serial-u16550.c b/sound/drivers/serial-u16550.c index 1927b89e1d1f..04be126fe4e6 100644 --- a/sound/drivers/serial-u16550.c +++ b/sound/drivers/serial-u16550.c 
@@ -84,9 +84,9 @@ module_param_array(id, charp, NULL, 0444); MODULE_PARM_DESC(id, "ID string for Serial MIDI."); module_param_array(enable, bool, NULL, 0444); MODULE_PARM_DESC(enable, "Enable UART16550A chip."); -module_param_array(port, long, NULL, 0444); +module_param_hw_array(port, long, ioport, NULL, 0444); MODULE_PARM_DESC(port, "Port # for UART16550A chip."); -module_param_array(irq, int, NULL, 0444); +module_param_hw_array(irq, int, irq, NULL, 0444); MODULE_PARM_DESC(irq, "IRQ # for UART16550A chip."); module_param_array(speed, int, NULL, 0444); MODULE_PARM_DESC(speed, "Speed in bauds.");
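Review bot: in the sound/drivers/mtpav.c hunk, hwports ("Hardware ports # for MotuMTPAV MIDI.") stays a plain module_param while port and irq next to it become module_param_hw; if it is a count of ports rather than an address, please say so in the commit message, otherwise it needs an annotation too.

Review bot: in the sound/drivers/serial-u16550.c hunk, port and irq will now be dropped on a locked-down kernel while enable remains settable, so the driver can still be told to bind but only with its built-in defaults; those defaults are not visible in this context, so please confirm that probing with them fails cleanly when no UART16550A is present at the default address.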
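The behaviour the commit messages above describe (annotated hardware parameters are skipped with an error message under lockdown, and initialisation carries on with the defaults), as a user-space C model added here. It is not kernel code and not part of the series; the struct, the function names, the argument string and the default values are constructed for illustration.

```c
#include <errno.h>
#include <limits.h>
#include <stdbool.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Hardware-parameter categories named by the annotations in this series. */
enum hw_type { HW_NONE, HW_IOPORT, HW_IOMEM, HW_IRQ, HW_DMA, HW_OTHER };

/* Hypothetical stand-in for one module_param or module_param_hw declaration. */
struct model_param {
    const char *name;
    enum hw_type hw;   /* HW_NONE models a plain, unannotated parameter */
    long value;        /* starts out as the driver default */
};

/* Returns 0 if stored, -EPERM if refused under lockdown,
 * -ENOENT for an unknown name, -EINVAL for a malformed value. */
static int model_set_param(struct model_param *tbl, size_t n,
                           const char *name, const char *val, bool locked_down)
{
    for (size_t i = 0; i < n; i++) {
        if (strcmp(tbl[i].name, name) != 0)
            continue;
        if (tbl[i].hw != HW_NONE && locked_down) {
            fprintf(stderr, "model: %s: hardware parameter ignored, "
                            "kernel is locked down\n", name);
            return -EPERM;
        }
        char *end;
        errno = 0;
        long v = strtol(val, &end, 0);
        if (errno || end == val || *end != '\0')
            return -EINVAL;
        tbl[i].value = v;
        return 0;
    }
    return -ENOENT;
}

/* Parse "name=value name=value ...". Refused hardware parameters are counted
 * and skipped so the remaining options still apply. Returns the number
 * refused, or a negative errno for a genuine parse error. */
static int model_parse_args(struct model_param *tbl, size_t n,
                            const char *args, bool locked_down)
{
    char buf[256];
    int refused = 0;

    if (strlen(args) >= sizeof(buf))
        return -E2BIG;
    strcpy(buf, args);

    for (char *tok = strtok(buf, " "); tok; tok = strtok(NULL, " ")) {
        char *eq = strchr(tok, '=');
        if (!eq)
            return -EINVAL;
        *eq = '\0';
        int err = model_set_param(tbl, n, tok, eq + 1, locked_down);
        if (err == -EPERM)
            refused++;
        else if (err)
            return err;
    }
    return refused;
}

/* Constructed sample: parameter names follow the mtpav.c hunk, defaults are made up. */
#define DEMO_ARGS "index=1 port=0x3bc irq=5 hwports=4"

static void demo_table(struct model_param out[4])
{
    const struct model_param init[4] = {
        { "index",   HW_NONE,   -1    },
        { "port",    HW_IOPORT, 0x378 },
        { "irq",     HW_IRQ,    7     },
        { "hwports", HW_NONE,   8     },
    };
    memcpy(out, init, sizeof(init));
}

/* Number of options from DEMO_ARGS that were refused. */
static int demo_refused(bool locked_down)
{
    struct model_param t[4];
    demo_table(t);
    return model_parse_args(t, 4, DEMO_ARGS, locked_down);
}

/* Value the "driver" would see for one parameter after parsing DEMO_ARGS. */
static long demo_value(bool locked_down, const char *name)
{
    struct model_param t[4];
    demo_table(t);
    model_parse_args(t, 4, DEMO_ARGS, locked_down);
    for (size_t i = 0; i < 4; i++)
        if (strcmp(t[i].name, name) == 0)
            return t[i].value;
    return LONG_MIN;
}

int main(void)
{
    printf("open:   refused=%d port=%#lx irq=%ld\n", demo_refused(false),
           (unsigned long)demo_value(false, "port"), demo_value(false, "irq"));
    printf("locked: refused=%d port=%#lx irq=%ld index=%ld\n", demo_refused(true),
           (unsigned long)demo_value(true, "port"), demo_value(true, "irq"),
           demo_value(true, "index"));
    return 0;
}
```

In a model like this, a parameter left unannotated (hwports here) is still taken from the command line under lockdown, which is why each remaining plain module_param next to an annotated one is worth a second look in review.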
From: Seth Forshee
To: kernel-team@lists.ubuntu.com
Subject: [PATCH v2 40/57][X] Annotate hardware config module parameters in sound/isa/
Date: Fri, 19 Jun 2020 11:49:53 -0500
Message-Id: <20200619165010.645925-41-seth.forshee@canonical.com>
X-Mailer: git-send-email 2.27.0
In-Reply-To: <20200619165010.645925-1-seth.forshee@canonical.com>
References: <20200619165010.645925-1-seth.forshee@canonical.com>
List-Id: Kernel team discussions

From: David Howells

BugLink: https://bugs.launchpad.net/bugs/1884159

When the kernel is running in secure boot mode, we lock down the kernel to prevent userspace from modifying the running kernel image. Whilst this includes prohibiting access to things like /dev/mem, it must also prevent access by means of configuring driver modules in such a way as to cause a device to access or modify the kernel image.

To this end, annotate module_param* statements that refer to hardware configuration and indicate for future reference what type of parameter they specify. The parameter parser in the core sees this information and can skip such parameters with an error message if the kernel is locked down. The module initialisation then runs as normal, but just sees whatever the default values for those parameters are.

Note that we do still need to do the module initialisation because some drivers have viable defaults set in case parameters aren't specified and some drivers support automatic configuration (e.g. PNP or PCI) in addition to manually coded parameters.

This patch annotates drivers in sound/isa/.

Suggested-by: Alan Cox
Signed-off-by: David Howells
cc: Jaroslav Kysela
cc: Takashi Iwai
cc: alsa-devel@alsa-project.org
(cherry picked from commit e992ef5705c1e154acb248869b39e0be4c003a8b)
Signed-off-by: Seth Forshee --- sound/isa/ad1848/ad1848.c | 6 +++--- sound/isa/adlib.c | 2 +- sound/isa/cmi8328.c | 12 ++++++------ sound/isa/cmi8330.c | 20 ++++++++++---------- sound/isa/cs423x/cs4231.c | 12 ++++++------ sound/isa/cs423x/cs4236.c | 18 +++++++++--------- sound/isa/es1688/es1688.c | 12 ++++++------ sound/isa/es18xx.c | 12 ++++++------ sound/isa/galaxy/galaxy.c | 16 ++++++++-------- sound/isa/gus/gusclassic.c | 8 ++++---- sound/isa/gus/gusextreme.c | 16 ++++++++-------- sound/isa/gus/gusmax.c | 8 ++++---- sound/isa/gus/interwave.c | 10 +++++----- sound/isa/msnd/msnd_pinnacle.c | 20 ++++++++++---------- sound/isa/opl3sa2.c | 16 ++++++++-------- sound/isa/opti9xx/miro.c | 14 +++++++------- sound/isa/opti9xx/opti92x-ad1848.c | 14 +++++++------- sound/isa/sb/jazz16.c | 12 ++++++------ sound/isa/sb/sb16.c | 14 +++++++------- sound/isa/sb/sb8.c | 6 +++--- sound/isa/sc6000.c | 12 ++++++------ sound/isa/sscape.c | 12 ++++++------ sound/isa/wavefront/wavefront.c | 18 +++++++++--------- 23 files changed, 145 insertions(+), 145 deletions(-) diff --git a/sound/isa/ad1848/ad1848.c b/sound/isa/ad1848/ad1848.c index f159da4ec890..c1020f917b30 100644 --- a/sound/isa/ad1848/ad1848.c +++ b/sound/isa/ad1848/ad1848.c 
@@ -55,11 +55,11 @@ module_param_array(id, charp, NULL, 0444); MODULE_PARM_DESC(id, "ID string for " CRD_NAME " soundcard."); module_param_array(enable, bool, NULL, 0444); MODULE_PARM_DESC(enable, "Enable " CRD_NAME " soundcard."); -module_param_array(port, long, NULL, 0444); +module_param_hw_array(port, long, ioport, NULL, 0444); MODULE_PARM_DESC(port, "Port # for " CRD_NAME " driver."); -module_param_array(irq, int, NULL, 0444); +module_param_hw_array(irq, int, irq, NULL, 0444); MODULE_PARM_DESC(irq, "IRQ # for " CRD_NAME " driver."); -module_param_array(dma1, int, NULL, 0444); +module_param_hw_array(dma1, int, dma, NULL, 0444); MODULE_PARM_DESC(dma1, "DMA1 # for " CRD_NAME " driver."); module_param_array(thinkpad, bool, NULL, 0444); MODULE_PARM_DESC(thinkpad, "Enable only for the onboard CS4248 of IBM Thinkpad 360/750/755 series."); diff --git a/sound/isa/adlib.c b/sound/isa/adlib.c index 120c524bb2a0..896398ac72f5 100644 --- a/sound/isa/adlib.c +++ b/sound/isa/adlib.c @@ -27,7 +27,7 @@ module_param_array(id, charp, NULL, 0444); MODULE_PARM_DESC(id, "ID string for " CRD_NAME " soundcard."); module_param_array(enable, bool, NULL, 0444); MODULE_PARM_DESC(enable, "Enable " CRD_NAME " soundcard."); -module_param_array(port, long, NULL, 0444); +module_param_hw_array(port, long, ioport, NULL, 0444); MODULE_PARM_DESC(port, "Port # for " CRD_NAME " driver."); static int snd_adlib_match(struct device *dev, unsigned int n) diff --git a/sound/isa/cmi8328.c b/sound/isa/cmi8328.c index 2c89d95da674..1c1a01226987 100644 --- a/sound/isa/cmi8328.c +++ b/sound/isa/cmi8328.c 
@@ -51,18 +51,18 @@ MODULE_PARM_DESC(index, "Index value for CMI8328 soundcard."); module_param_array(id, charp, NULL, 0444); MODULE_PARM_DESC(id, "ID string for CMI8328 soundcard."); -module_param_array(port, long, NULL, 0444); +module_param_hw_array(port, long, ioport, NULL, 0444); MODULE_PARM_DESC(port, "Port # for CMI8328 driver."); -module_param_array(irq, int, NULL, 0444); +module_param_hw_array(irq, int, irq, NULL, 0444); MODULE_PARM_DESC(irq, "IRQ # for CMI8328 driver."); -module_param_array(dma1, int, NULL, 0444); +module_param_hw_array(dma1, int, dma, NULL, 0444); MODULE_PARM_DESC(dma1, "DMA1 for CMI8328 driver."); -module_param_array(dma2, int, NULL, 0444); +module_param_hw_array(dma2, int, dma, NULL, 0444); MODULE_PARM_DESC(dma2, "DMA2 for CMI8328 driver."); -module_param_array(mpuport, long, NULL, 0444); +module_param_hw_array(mpuport, long, ioport, NULL, 0444); MODULE_PARM_DESC(mpuport, "MPU-401 port # for CMI8328 driver."); -module_param_array(mpuirq, int, NULL, 0444); +module_param_hw_array(mpuirq, int, irq, NULL, 0444); MODULE_PARM_DESC(mpuirq, "IRQ # for CMI8328 MPU-401 port."); #ifdef SUPPORT_JOYSTICK module_param_array(gameport, bool, NULL, 0444); diff --git a/sound/isa/cmi8330.c b/sound/isa/cmi8330.c index dfedfd85f205..f64b29ab5cc7 100644 --- a/sound/isa/cmi8330.c +++ b/sound/isa/cmi8330.c 
@@ -95,27 +95,27 @@ module_param_array(isapnp, bool, NULL, 0444); MODULE_PARM_DESC(isapnp, "PnP detection for specified soundcard."); #endif -module_param_array(sbport, long, NULL, 0444); +module_param_hw_array(sbport, long, ioport, NULL, 0444); MODULE_PARM_DESC(sbport, "Port # for CMI8330/CMI8329 SB driver."); -module_param_array(sbirq, int, NULL, 0444); +module_param_hw_array(sbirq, int, irq, NULL, 0444); MODULE_PARM_DESC(sbirq, "IRQ # for CMI8330/CMI8329 SB driver."); -module_param_array(sbdma8, int, NULL, 0444); +module_param_hw_array(sbdma8, int, dma, NULL, 0444); MODULE_PARM_DESC(sbdma8, "DMA8 for CMI8330/CMI8329 SB driver."); -module_param_array(sbdma16, int, NULL, 0444); +module_param_hw_array(sbdma16, int, dma, NULL, 0444); MODULE_PARM_DESC(sbdma16, "DMA16 for CMI8330/CMI8329 SB driver."); -module_param_array(wssport, long, NULL, 0444); +module_param_hw_array(wssport, long, ioport, NULL, 0444); MODULE_PARM_DESC(wssport, "Port # for CMI8330/CMI8329 WSS driver."); -module_param_array(wssirq, int, NULL, 0444); +module_param_hw_array(wssirq, int, irq, NULL, 0444); MODULE_PARM_DESC(wssirq, "IRQ # for CMI8330/CMI8329 WSS driver."); -module_param_array(wssdma, int, NULL, 0444); +module_param_hw_array(wssdma, int, dma, NULL, 0444); MODULE_PARM_DESC(wssdma, "DMA for CMI8330/CMI8329 WSS driver."); -module_param_array(fmport, long, NULL, 0444); +module_param_hw_array(fmport, long, ioport, NULL, 0444); MODULE_PARM_DESC(fmport, "FM port # for CMI8330/CMI8329 driver."); -module_param_array(mpuport, long, NULL, 0444); +module_param_hw_array(mpuport, long, ioport, NULL, 0444); MODULE_PARM_DESC(mpuport, "MPU-401 port # for CMI8330/CMI8329 driver."); -module_param_array(mpuirq, int, NULL, 0444); +module_param_hw_array(mpuirq, int, irq, NULL, 0444); MODULE_PARM_DESC(mpuirq, "IRQ # for CMI8330/CMI8329 MPU-401 port."); #ifdef CONFIG_PNP static int isa_registered; diff --git a/sound/isa/cs423x/cs4231.c b/sound/isa/cs423x/cs4231.c index 282cd75d2235..a0c6fc60bbdf 100644 
--- a/sound/isa/cs423x/cs4231.c +++ b/sound/isa/cs423x/cs4231.c @@ -55,17 +55,17 @@ module_param_array(id, charp, NULL, 0444); MODULE_PARM_DESC(id, "ID string for " CRD_NAME " soundcard."); module_param_array(enable, bool, NULL, 0444); MODULE_PARM_DESC(enable, "Enable " CRD_NAME " soundcard."); -module_param_array(port, long, NULL, 0444); +module_param_hw_array(port, long, ioport, NULL, 0444); MODULE_PARM_DESC(port, "Port # for " CRD_NAME " driver."); -module_param_array(mpu_port, long, NULL, 0444); +module_param_hw_array(mpu_port, long, ioport, NULL, 0444); MODULE_PARM_DESC(mpu_port, "MPU-401 port # for " CRD_NAME " driver."); -module_param_array(irq, int, NULL, 0444); +module_param_hw_array(irq, int, irq, NULL, 0444); MODULE_PARM_DESC(irq, "IRQ # for " CRD_NAME " driver."); -module_param_array(mpu_irq, int, NULL, 0444); +module_param_hw_array(mpu_irq, int, irq, NULL, 0444); MODULE_PARM_DESC(mpu_irq, "MPU-401 IRQ # for " CRD_NAME " driver."); -module_param_array(dma1, int, NULL, 0444); +module_param_hw_array(dma1, int, dma, NULL, 0444); MODULE_PARM_DESC(dma1, "DMA1 # for " CRD_NAME " driver."); -module_param_array(dma2, int, NULL, 0444); +module_param_hw_array(dma2, int, dma, NULL, 0444); MODULE_PARM_DESC(dma2, "DMA2 # for " CRD_NAME " driver."); static int snd_cs4231_match(struct device *dev, unsigned int n) diff --git a/sound/isa/cs423x/cs4236.c b/sound/isa/cs423x/cs4236.c index c67d379cb6d6..c2063fe06966 100644 --- a/sound/isa/cs423x/cs4236.c +++ b/sound/isa/cs423x/cs4236.c 
@@ -98,23 +98,23 @@ MODULE_PARM_DESC(enable, "Enable " IDENT " soundcard."); module_param_array(isapnp, bool, NULL, 0444); MODULE_PARM_DESC(isapnp, "ISA PnP detection for specified soundcard."); #endif -module_param_array(port, long, NULL, 0444); +module_param_hw_array(port, long, ioport, NULL, 0444); MODULE_PARM_DESC(port, "Port # for " IDENT " driver."); -module_param_array(cport, long, NULL, 0444); +module_param_hw_array(cport, long, ioport, NULL, 0444); MODULE_PARM_DESC(cport, "Control port # for " IDENT " driver."); -module_param_array(mpu_port, long, NULL, 0444); +module_param_hw_array(mpu_port, long, ioport, NULL, 0444); MODULE_PARM_DESC(mpu_port, "MPU-401 port # for " IDENT " driver."); -module_param_array(fm_port, long, NULL, 0444); +module_param_hw_array(fm_port, long, ioport, NULL, 0444); MODULE_PARM_DESC(fm_port, "FM port # for " IDENT " driver."); -module_param_array(sb_port, long, NULL, 0444); +module_param_hw_array(sb_port, long, ioport, NULL, 0444); MODULE_PARM_DESC(sb_port, "SB port # for " IDENT " driver (optional)."); -module_param_array(irq, int, NULL, 0444); +module_param_hw_array(irq, int, irq, NULL, 0444); MODULE_PARM_DESC(irq, "IRQ # for " IDENT " driver."); -module_param_array(mpu_irq, int, NULL, 0444); +module_param_hw_array(mpu_irq, int, irq, NULL, 0444); MODULE_PARM_DESC(mpu_irq, "MPU-401 IRQ # for " IDENT " driver."); -module_param_array(dma1, int, NULL, 0444); +module_param_hw_array(dma1, int, dma, NULL, 0444); MODULE_PARM_DESC(dma1, "DMA1 # for " IDENT " driver."); -module_param_array(dma2, int, NULL, 0444); +module_param_hw_array(dma2, int, dma, NULL, 0444); MODULE_PARM_DESC(dma2, "DMA2 # for " IDENT " driver."); #ifdef CONFIG_PNP diff --git a/sound/isa/es1688/es1688.c b/sound/isa/es1688/es1688.c index 1901c2bb6c3b..36320e7f2789 100644 --- a/sound/isa/es1688/es1688.c +++ b/sound/isa/es1688/es1688.c 
@@ -71,17 +71,17 @@ module_param_array(isapnp, bool, NULL, 0444); MODULE_PARM_DESC(isapnp, "PnP detection for specified soundcard."); #endif MODULE_PARM_DESC(enable, "Enable " CRD_NAME " soundcard."); -module_param_array(port, long, NULL, 0444); +module_param_hw_array(port, long, ioport, NULL, 0444); MODULE_PARM_DESC(port, "Port # for " CRD_NAME " driver."); -module_param_array(mpu_port, long, NULL, 0444); +module_param_hw_array(mpu_port, long, ioport, NULL, 0444); MODULE_PARM_DESC(mpu_port, "MPU-401 port # for " CRD_NAME " driver."); -module_param_array(irq, int, NULL, 0444); -module_param_array(fm_port, long, NULL, 0444); +module_param_hw_array(irq, int, irq, NULL, 0444); +module_param_hw_array(fm_port, long, ioport, NULL, 0444); MODULE_PARM_DESC(fm_port, "FM port # for ES1688 driver."); MODULE_PARM_DESC(irq, "IRQ # for " CRD_NAME " driver."); -module_param_array(mpu_irq, int, NULL, 0444); +module_param_hw_array(mpu_irq, int, irq, NULL, 0444); MODULE_PARM_DESC(mpu_irq, "MPU-401 IRQ # for " CRD_NAME " driver."); -module_param_array(dma8, int, NULL, 0444); +module_param_hw_array(dma8, int, dma, NULL, 0444); MODULE_PARM_DESC(dma8, "8-bit DMA # for " CRD_NAME " driver."); #ifdef CONFIG_PNP diff --git a/sound/isa/es18xx.c b/sound/isa/es18xx.c index 5094b62d8f77..0cabe2b8974f 100644 --- a/sound/isa/es18xx.c +++ b/sound/isa/es18xx.c 
@@ -1999,17 +1999,17 @@ MODULE_PARM_DESC(enable, "Enable ES18xx soundcard."); module_param_array(isapnp, bool, NULL, 0444); MODULE_PARM_DESC(isapnp, "PnP detection for specified soundcard."); #endif -module_param_array(port, long, NULL, 0444); +module_param_hw_array(port, long, ioport, NULL, 0444); MODULE_PARM_DESC(port, "Port # for ES18xx driver."); -module_param_array(mpu_port, long, NULL, 0444); +module_param_hw_array(mpu_port, long, ioport, NULL, 0444); MODULE_PARM_DESC(mpu_port, "MPU-401 port # for ES18xx driver."); -module_param_array(fm_port, long, NULL, 0444); +module_param_hw_array(fm_port, long, ioport, NULL, 0444); MODULE_PARM_DESC(fm_port, "FM port # for ES18xx driver."); -module_param_array(irq, int, NULL, 0444); +module_param_hw_array(irq, int, irq, NULL, 0444); MODULE_PARM_DESC(irq, "IRQ # for ES18xx driver."); -module_param_array(dma1, int, NULL, 0444); +module_param_hw_array(dma1, int, dma, NULL, 0444); MODULE_PARM_DESC(dma1, "DMA 1 # for ES18xx driver."); -module_param_array(dma2, int, NULL, 0444); +module_param_hw_array(dma2, int, dma, NULL, 0444); MODULE_PARM_DESC(dma2, "DMA 2 # for ES18xx driver."); #ifdef CONFIG_PNP diff --git a/sound/isa/galaxy/galaxy.c b/sound/isa/galaxy/galaxy.c index 32278847884f..e644ae713406 100644 --- a/sound/isa/galaxy/galaxy.c +++ b/sound/isa/galaxy/galaxy.c 
@@ -53,21 +53,21 @@ static int mpu_irq[SNDRV_CARDS] = SNDRV_DEFAULT_IRQ; static int dma1[SNDRV_CARDS] = SNDRV_DEFAULT_DMA; static int dma2[SNDRV_CARDS] = SNDRV_DEFAULT_DMA; -module_param_array(port, long, NULL, 0444); +module_param_hw_array(port, long, ioport, NULL, 0444); MODULE_PARM_DESC(port, "Port # for " CRD_NAME " driver."); -module_param_array(wss_port, long, NULL, 0444); +module_param_hw_array(wss_port, long, ioport, NULL, 0444); MODULE_PARM_DESC(wss_port, "WSS port # for " CRD_NAME " driver."); -module_param_array(mpu_port, long, NULL, 0444); +module_param_hw_array(mpu_port, long, ioport, NULL, 0444); MODULE_PARM_DESC(mpu_port, "MPU-401 port # for " CRD_NAME " driver."); -module_param_array(fm_port, long, NULL, 0444); +module_param_hw_array(fm_port, long, ioport, NULL, 0444); MODULE_PARM_DESC(fm_port, "FM port # for " CRD_NAME " driver."); -module_param_array(irq, int, NULL, 0444); +module_param_hw_array(irq, int, irq, NULL, 0444); MODULE_PARM_DESC(irq, "IRQ # for " CRD_NAME " driver."); -module_param_array(mpu_irq, int, NULL, 0444); +module_param_hw_array(mpu_irq, int, irq, NULL, 0444); MODULE_PARM_DESC(mpu_irq, "MPU-401 IRQ # for " CRD_NAME " driver."); -module_param_array(dma1, int, NULL, 0444); +module_param_hw_array(dma1, int, dma, NULL, 0444); MODULE_PARM_DESC(dma1, "Playback DMA # for " CRD_NAME " driver."); -module_param_array(dma2, int, NULL, 0444); +module_param_hw_array(dma2, int, dma, NULL, 0444); MODULE_PARM_DESC(dma2, "Capture DMA # for " CRD_NAME " driver."); /* diff --git a/sound/isa/gus/gusclassic.c b/sound/isa/gus/gusclassic.c index f0019715d82e..1194a93657c2 100644 --- a/sound/isa/gus/gusclassic.c +++ b/sound/isa/gus/gusclassic.c 
@@ -58,13 +58,13 @@ module_param_array(id, charp, NULL, 0444); MODULE_PARM_DESC(id, "ID string for " CRD_NAME " soundcard."); module_param_array(enable, bool, NULL, 0444); MODULE_PARM_DESC(enable, "Enable " CRD_NAME " soundcard."); -module_param_array(port, long, NULL, 0444); +module_param_hw_array(port, long, ioport, NULL, 0444); MODULE_PARM_DESC(port, "Port # for " CRD_NAME " driver."); -module_param_array(irq, int, NULL, 0444); +module_param_hw_array(irq, int, irq, NULL, 0444); MODULE_PARM_DESC(irq, "IRQ # for " CRD_NAME " driver."); -module_param_array(dma1, int, NULL, 0444); +module_param_hw_array(dma1, int, dma, NULL, 0444); MODULE_PARM_DESC(dma1, "DMA1 # for " CRD_NAME " driver."); -module_param_array(dma2, int, NULL, 0444); +module_param_hw_array(dma2, int, dma, NULL, 0444); MODULE_PARM_DESC(dma2, "DMA2 # for " CRD_NAME " driver."); module_param_array(joystick_dac, int, NULL, 0444); MODULE_PARM_DESC(joystick_dac, "Joystick DAC level 0.59V-4.52V or 0.389V-2.98V for " CRD_NAME " driver."); diff --git a/sound/isa/gus/gusextreme.c b/sound/isa/gus/gusextreme.c index 693d95f46804..d777e38a9e91 100644 --- a/sound/isa/gus/gusextreme.c +++ b/sound/isa/gus/gusextreme.c 
@@ -66,21 +66,21 @@ module_param_array(id, charp, NULL, 0444); MODULE_PARM_DESC(id, "ID string for " CRD_NAME " soundcard."); module_param_array(enable, bool, NULL, 0444); MODULE_PARM_DESC(enable, "Enable " CRD_NAME " soundcard."); -module_param_array(port, long, NULL, 0444); +module_param_hw_array(port, long, ioport, NULL, 0444); MODULE_PARM_DESC(port, "Port # for " CRD_NAME " driver."); -module_param_array(gf1_port, long, NULL, 0444); +module_param_hw_array(gf1_port, long, ioport, NULL, 0444); MODULE_PARM_DESC(gf1_port, "GF1 port # for " CRD_NAME " driver (optional)."); -module_param_array(mpu_port, long, NULL, 0444); +module_param_hw_array(mpu_port, long, ioport, NULL, 0444); MODULE_PARM_DESC(mpu_port, "MPU-401 port # for " CRD_NAME " driver."); -module_param_array(irq, int, NULL, 0444); +module_param_hw_array(irq, int, irq, NULL, 0444); MODULE_PARM_DESC(irq, "IRQ # for " CRD_NAME " driver."); -module_param_array(mpu_irq, int, NULL, 0444); +module_param_hw_array(mpu_irq, int, irq, NULL, 0444); MODULE_PARM_DESC(mpu_irq, "MPU-401 IRQ # for " CRD_NAME " driver."); -module_param_array(gf1_irq, int, NULL, 0444); +module_param_hw_array(gf1_irq, int, irq, NULL, 0444); MODULE_PARM_DESC(gf1_irq, "GF1 IRQ # for " CRD_NAME " driver."); -module_param_array(dma8, int, NULL, 0444); +module_param_hw_array(dma8, int, dma, NULL, 0444); MODULE_PARM_DESC(dma8, "8-bit DMA # for " CRD_NAME " driver."); -module_param_array(dma1, int, NULL, 0444); +module_param_hw_array(dma1, int, dma, NULL, 0444); MODULE_PARM_DESC(dma1, "GF1 DMA # for " CRD_NAME " driver."); module_param_array(joystick_dac, int, NULL, 0444); MODULE_PARM_DESC(joystick_dac, "Joystick DAC level 0.59V-4.52V or 0.389V-2.98V for " CRD_NAME " driver."); diff --git a/sound/isa/gus/gusmax.c b/sound/isa/gus/gusmax.c index 8216e8d8f017..9f5f262c7997 100644 --- a/sound/isa/gus/gusmax.c +++ b/sound/isa/gus/gusmax.c 
@@ -56,13 +56,13 @@ module_param_array(id, charp, NULL, 0444); MODULE_PARM_DESC(id, "ID string for GUS MAX soundcard."); module_param_array(enable, bool, NULL, 0444); MODULE_PARM_DESC(enable, "Enable GUS MAX soundcard."); -module_param_array(port, long, NULL, 0444); +module_param_hw_array(port, long, ioport, NULL, 0444); MODULE_PARM_DESC(port, "Port # for GUS MAX driver."); -module_param_array(irq, int, NULL, 0444); +module_param_hw_array(irq, int, irq, NULL, 0444); MODULE_PARM_DESC(irq, "IRQ # for GUS MAX driver."); -module_param_array(dma1, int, NULL, 0444); +module_param_hw_array(dma1, int, dma, NULL, 0444); MODULE_PARM_DESC(dma1, "DMA1 # for GUS MAX driver."); -module_param_array(dma2, int, NULL, 0444); +module_param_hw_array(dma2, int, dma, NULL, 0444); MODULE_PARM_DESC(dma2, "DMA2 # for GUS MAX driver."); module_param_array(joystick_dac, int, NULL, 0444); MODULE_PARM_DESC(joystick_dac, "Joystick DAC level 0.59V-4.52V or 0.389V-2.98V for GUS MAX driver."); diff --git a/sound/isa/gus/interwave.c b/sound/isa/gus/interwave.c index 70d0040484c8..0687b7ef3e53 100644 --- a/sound/isa/gus/interwave.c +++ b/sound/isa/gus/interwave.c 
@@ -92,17 +92,17 @@ MODULE_PARM_DESC(enable, "Enable InterWave soundcard."); module_param_array(isapnp, bool, NULL, 0444); MODULE_PARM_DESC(isapnp, "ISA PnP detection for specified soundcard."); #endif -module_param_array(port, long, NULL, 0444); +module_param_hw_array(port, long, ioport, NULL, 0444); MODULE_PARM_DESC(port, "Port # for InterWave driver."); #ifdef SNDRV_STB -module_param_array(port_tc, long, NULL, 0444); +module_param_hw_array(port_tc, long, ioport, NULL, 0444); MODULE_PARM_DESC(port_tc, "Tone control (TEA6330T - i2c bus) port # for InterWave driver."); #endif -module_param_array(irq, int, NULL, 0444); +module_param_hw_array(irq, int, irq, NULL, 0444); MODULE_PARM_DESC(irq, "IRQ # for InterWave driver."); -module_param_array(dma1, int, NULL, 0444); +module_param_hw_array(dma1, int, dma, NULL, 0444); MODULE_PARM_DESC(dma1, "DMA1 # for InterWave driver."); -module_param_array(dma2, int, NULL, 0444); +module_param_hw_array(dma2, int, dma, NULL, 0444); MODULE_PARM_DESC(dma2, "DMA2 # for InterWave driver."); module_param_array(joystick_dac, int, NULL, 0444); MODULE_PARM_DESC(joystick_dac, "Joystick DAC level 0.59V-4.52V or 0.389V-2.98V for InterWave driver."); diff --git a/sound/isa/msnd/msnd_pinnacle.c b/sound/isa/msnd/msnd_pinnacle.c index 2d7379dec1f0..d8ba87c4d3d0 100644 --- a/sound/isa/msnd/msnd_pinnacle.c +++ b/sound/isa/msnd/msnd_pinnacle.c 
@@ -801,22 +801,22 @@ MODULE_LICENSE("GPL"); MODULE_FIRMWARE(INITCODEFILE); MODULE_FIRMWARE(PERMCODEFILE); -module_param_array(io, long, NULL, S_IRUGO); +module_param_hw_array(io, long, ioport, NULL, S_IRUGO); MODULE_PARM_DESC(io, "IO port #"); -module_param_array(irq, int, NULL, S_IRUGO); -module_param_array(mem, long, NULL, S_IRUGO); +module_param_hw_array(irq, int, irq, NULL, S_IRUGO); +module_param_hw_array(mem, long, iomem, NULL, S_IRUGO); module_param_array(write_ndelay, int, NULL, S_IRUGO); module_param(calibrate_signal, int, S_IRUGO); #ifndef MSND_CLASSIC module_param_array(digital, int, NULL, S_IRUGO); -module_param_array(cfg, long, NULL, S_IRUGO); +module_param_hw_array(cfg, long, ioport, NULL, S_IRUGO); module_param_array(reset, int, 0, S_IRUGO); -module_param_array(mpu_io, long, NULL, S_IRUGO); -module_param_array(mpu_irq, int, NULL, S_IRUGO); -module_param_array(ide_io0, long, NULL, S_IRUGO); -module_param_array(ide_io1, long, NULL, S_IRUGO); -module_param_array(ide_irq, int, NULL, S_IRUGO); -module_param_array(joystick_io, long, NULL, S_IRUGO); +module_param_hw_array(mpu_io, long, ioport, NULL, S_IRUGO); +module_param_hw_array(mpu_irq, int, irq, NULL, S_IRUGO); +module_param_hw_array(ide_io0, long, ioport, NULL, S_IRUGO); +module_param_hw_array(ide_io1, long, ioport, NULL, S_IRUGO); +module_param_hw_array(ide_irq, int, irq, NULL, S_IRUGO); +module_param_hw_array(joystick_io, long, ioport, NULL, S_IRUGO); #endif diff --git a/sound/isa/opl3sa2.c b/sound/isa/opl3sa2.c index ae133633a420..4098e3e0353d 100644 --- a/sound/isa/opl3sa2.c +++ b/sound/isa/opl3sa2.c 
@@ -69,21 +69,21 @@ MODULE_PARM_DESC(enable, "Enable OPL3-SA soundcard."); module_param_array(isapnp, bool, NULL, 0444); MODULE_PARM_DESC(isapnp, "PnP detection for specified soundcard."); #endif -module_param_array(port, long, NULL, 0444); +module_param_hw_array(port, long, ioport, NULL, 0444); MODULE_PARM_DESC(port, "Port # for OPL3-SA driver."); -module_param_array(sb_port, long, NULL, 0444); +module_param_hw_array(sb_port, long, ioport, NULL, 0444); MODULE_PARM_DESC(sb_port, "SB port # for OPL3-SA driver."); -module_param_array(wss_port, long, NULL, 0444); +module_param_hw_array(wss_port, long, ioport, NULL, 0444); MODULE_PARM_DESC(wss_port, "WSS port # for OPL3-SA driver."); -module_param_array(fm_port, long, NULL, 0444); +module_param_hw_array(fm_port, long, ioport, NULL, 0444); MODULE_PARM_DESC(fm_port, "FM port # for OPL3-SA driver."); -module_param_array(midi_port, long, NULL, 0444); +module_param_hw_array(midi_port, long, ioport, NULL, 0444); MODULE_PARM_DESC(midi_port, "MIDI port # for OPL3-SA driver."); -module_param_array(irq, int, NULL, 0444); +module_param_hw_array(irq, int, irq, NULL, 0444); MODULE_PARM_DESC(irq, "IRQ # for OPL3-SA driver."); -module_param_array(dma1, int, NULL, 0444); +module_param_hw_array(dma1, int, dma, NULL, 0444); MODULE_PARM_DESC(dma1, "DMA1 # for OPL3-SA driver."); -module_param_array(dma2, int, NULL, 0444); +module_param_hw_array(dma2, int, dma, NULL, 0444); MODULE_PARM_DESC(dma2, "DMA2 # for OPL3-SA driver."); module_param_array(opl3sa3_ymode, int, NULL, 0444); MODULE_PARM_DESC(opl3sa3_ymode, "Speaker size selection for 3D Enhancement mode: Desktop/Large Notebook/Small Notebook/HiFi."); diff --git a/sound/isa/opti9xx/miro.c b/sound/isa/opti9xx/miro.c index 7fbac24607bc..958847371c9e 100644 --- a/sound/isa/opti9xx/miro.c +++ b/sound/isa/opti9xx/miro.c 
@@ -69,19 +69,19 @@ module_param(index, int, 0444); MODULE_PARM_DESC(index, "Index value for miro soundcard."); module_param(id, charp, 0444); MODULE_PARM_DESC(id, "ID string for miro soundcard."); -module_param(port, long, 0444); +module_param_hw(port, long, ioport, 0444); MODULE_PARM_DESC(port, "WSS port # for miro driver."); -module_param(mpu_port, long, 0444); +module_param_hw(mpu_port, long, ioport, 0444); MODULE_PARM_DESC(mpu_port, "MPU-401 port # for miro driver."); -module_param(fm_port, long, 0444); +module_param_hw(fm_port, long, ioport, 0444); MODULE_PARM_DESC(fm_port, "FM Port # for miro driver."); -module_param(irq, int, 0444); +module_param_hw(irq, int, irq, 0444); MODULE_PARM_DESC(irq, "WSS irq # for miro driver."); -module_param(mpu_irq, int, 0444); +module_param_hw(mpu_irq, int, irq, 0444); MODULE_PARM_DESC(mpu_irq, "MPU-401 irq # for miro driver."); -module_param(dma1, int, 0444); +module_param_hw(dma1, int, dma, 0444); MODULE_PARM_DESC(dma1, "1st dma # for miro driver."); -module_param(dma2, int, 0444); +module_param_hw(dma2, int, dma, 0444); MODULE_PARM_DESC(dma2, "2nd dma # for miro driver."); module_param(wss, int, 0444); MODULE_PARM_DESC(wss, "wss mode"); diff --git a/sound/isa/opti9xx/opti92x-ad1848.c b/sound/isa/opti9xx/opti92x-ad1848.c index 6777ae84b59e..1ce1f922d6ec 100644 --- a/sound/isa/opti9xx/opti92x-ad1848.c +++ b/sound/isa/opti9xx/opti92x-ad1848.c 
@@ -88,20 +88,20 @@ MODULE_PARM_DESC(id, "ID string for opti9xx based soundcard."); module_param(isapnp, bool, 0444); MODULE_PARM_DESC(isapnp, "Enable ISA PnP detection for specified soundcard."); #endif -module_param(port, long, 0444); +module_param_hw(port, long, ioport, 0444); MODULE_PARM_DESC(port, "WSS port # for opti9xx driver."); -module_param(mpu_port, long, 0444); +module_param_hw(mpu_port, long, ioport, 0444); MODULE_PARM_DESC(mpu_port, "MPU-401 port # for opti9xx driver."); -module_param(fm_port, long, 0444); +module_param_hw(fm_port, long, ioport, 0444); MODULE_PARM_DESC(fm_port, "FM port # for opti9xx driver."); -module_param(irq, int, 0444); +module_param_hw(irq, int, irq, 0444); MODULE_PARM_DESC(irq, "WSS irq # for opti9xx driver."); -module_param(mpu_irq, int, 0444); +module_param_hw(mpu_irq, int, irq, 0444); MODULE_PARM_DESC(mpu_irq, "MPU-401 irq # for opti9xx driver."); -module_param(dma1, int, 0444); +module_param_hw(dma1, int, dma, 0444); MODULE_PARM_DESC(dma1, "1st dma # for opti9xx driver."); #if defined(CS4231) || defined(OPTi93X) -module_param(dma2, int, 0444); +module_param_hw(dma2, int, dma, 0444); MODULE_PARM_DESC(dma2, "2nd dma # for opti9xx driver."); #endif /* CS4231 || OPTi93X */ diff --git a/sound/isa/sb/jazz16.c b/sound/isa/sb/jazz16.c index 6b4884d052a5..13b99acb62d5 100644 --- a/sound/isa/sb/jazz16.c +++ b/sound/isa/sb/jazz16.c 
@@ -50,17 +50,17 @@ module_param_array(id, charp, NULL, 0444); MODULE_PARM_DESC(id, "ID string for Media Vision Jazz16 based soundcard."); module_param_array(enable, bool, NULL, 0444); MODULE_PARM_DESC(enable, "Enable Media Vision Jazz16 based soundcard."); -module_param_array(port, long, NULL, 0444); +module_param_hw_array(port, long, ioport, NULL, 0444); MODULE_PARM_DESC(port, "Port # for jazz16 driver."); -module_param_array(mpu_port, long, NULL, 0444); +module_param_hw_array(mpu_port, long, ioport, NULL, 0444); MODULE_PARM_DESC(mpu_port, "MPU-401 port # for jazz16 driver."); -module_param_array(irq, int, NULL, 0444); +module_param_hw_array(irq, int, irq, NULL, 0444); MODULE_PARM_DESC(irq, "IRQ # for jazz16 driver."); -module_param_array(mpu_irq, int, NULL, 0444); +module_param_hw_array(mpu_irq, int, irq, NULL, 0444); MODULE_PARM_DESC(mpu_irq, "MPU-401 IRQ # for jazz16 driver."); -module_param_array(dma8, int, NULL, 0444); +module_param_hw_array(dma8, int, dma, NULL, 0444); MODULE_PARM_DESC(dma8, "DMA8 # for jazz16 driver."); -module_param_array(dma16, int, NULL, 0444); +module_param_hw_array(dma16, int, dma, NULL, 0444); MODULE_PARM_DESC(dma16, "DMA16 # for jazz16 driver."); #define SB_JAZZ16_WAKEUP 0xaf diff --git a/sound/isa/sb/sb16.c b/sound/isa/sb/sb16.c index 4a7d7c89808f..3b2e4f405ff2 100644 --- a/sound/isa/sb/sb16.c +++ b/sound/isa/sb/sb16.c 
@@ -99,21 +99,21 @@ MODULE_PARM_DESC(enable, "Enable SoundBlaster 16 soundcard."); module_param_array(isapnp, bool, NULL, 0444); MODULE_PARM_DESC(isapnp, "PnP detection for specified soundcard."); #endif -module_param_array(port, long, NULL, 0444); +module_param_hw_array(port, long, ioport, NULL, 0444); MODULE_PARM_DESC(port, "Port # for SB16 driver."); -module_param_array(mpu_port, long, NULL, 0444); +module_param_hw_array(mpu_port, long, ioport, NULL, 0444); MODULE_PARM_DESC(mpu_port, "MPU-401 port # for SB16 driver."); -module_param_array(fm_port, long, NULL, 0444); +module_param_hw_array(fm_port, long, ioport, NULL, 0444); MODULE_PARM_DESC(fm_port, "FM port # for SB16 PnP driver."); #ifdef SNDRV_SBAWE_EMU8000 -module_param_array(awe_port, long, NULL, 0444); +module_param_hw_array(awe_port, long, ioport, NULL, 0444); MODULE_PARM_DESC(awe_port, "AWE port # for SB16 PnP driver."); #endif -module_param_array(irq, int, NULL, 0444); +module_param_hw_array(irq, int, irq, NULL, 0444); MODULE_PARM_DESC(irq, "IRQ # for SB16 driver."); -module_param_array(dma8, int, NULL, 0444); +module_param_hw_array(dma8, int, dma, NULL, 0444); MODULE_PARM_DESC(dma8, "8-bit DMA # for SB16 driver."); -module_param_array(dma16, int, NULL, 0444); +module_param_hw_array(dma16, int, dma, NULL, 0444); MODULE_PARM_DESC(dma16, "16-bit DMA # for SB16 driver."); module_param_array(mic_agc, int, NULL, 0444); MODULE_PARM_DESC(mic_agc, "Mic Auto-Gain-Control switch."); diff --git a/sound/isa/sb/sb8.c b/sound/isa/sb/sb8.c index 0c7fe1418447..4b770fa3708a 100644 --- a/sound/isa/sb/sb8.c +++ b/sound/isa/sb/sb8.c 
@@ -47,11 +47,11 @@ module_param_array(id, charp, NULL, 0444); MODULE_PARM_DESC(id, "ID string for Sound Blaster soundcard."); module_param_array(enable, bool, NULL, 0444); MODULE_PARM_DESC(enable, "Enable Sound Blaster soundcard."); -module_param_array(port, long, NULL, 0444); +module_param_hw_array(port, long, ioport, NULL, 0444); MODULE_PARM_DESC(port, "Port # for SB8 driver."); -module_param_array(irq, int, NULL, 0444); +module_param_hw_array(irq, int, irq, NULL, 0444); MODULE_PARM_DESC(irq, "IRQ # for SB8 driver."); -module_param_array(dma8, int, NULL, 0444); +module_param_hw_array(dma8, int, dma, NULL, 0444); MODULE_PARM_DESC(dma8, "8-bit DMA # for SB8 driver."); struct snd_sb8 { diff --git a/sound/isa/sc6000.c b/sound/isa/sc6000.c index 51cfa7615f72..72c8d08e7d20 100644 --- a/sound/isa/sc6000.c +++ b/sound/isa/sc6000.c 
@@ -64,17 +64,17 @@ module_param_array(id, charp, NULL, 0444); MODULE_PARM_DESC(id, "ID string for sc-6000 based soundcard."); module_param_array(enable, bool, NULL, 0444); MODULE_PARM_DESC(enable, "Enable sc-6000 based soundcard."); -module_param_array(port, long, NULL, 0444); +module_param_hw_array(port, long, ioport, NULL, 0444); MODULE_PARM_DESC(port, "Port # for sc-6000 driver."); -module_param_array(mss_port, long, NULL, 0444); +module_param_hw_array(mss_port, long, ioport, NULL, 0444); MODULE_PARM_DESC(mss_port, "MSS Port # for sc-6000 driver."); -module_param_array(mpu_port, long, NULL, 0444); +module_param_hw_array(mpu_port, long, ioport, NULL, 0444); MODULE_PARM_DESC(mpu_port, "MPU-401 port # for sc-6000 driver."); -module_param_array(irq, int, NULL, 0444); +module_param_hw_array(irq, int, irq, NULL, 0444); MODULE_PARM_DESC(irq, "IRQ # for sc-6000 driver."); -module_param_array(mpu_irq, int, NULL, 0444); +module_param_hw_array(mpu_irq, int, irq, NULL, 0444); MODULE_PARM_DESC(mpu_irq, "MPU-401 IRQ # for sc-6000 driver."); -module_param_array(dma, int, NULL, 0444); +module_param_hw_array(dma, int, dma, NULL, 0444); MODULE_PARM_DESC(dma, "DMA # for sc-6000 driver."); module_param_array(joystick, bool, NULL, 0444); MODULE_PARM_DESC(joystick, "Enable gameport."); diff --git a/sound/isa/sscape.c b/sound/isa/sscape.c index 7b248cdf06e2..2f1eab8e0ef6 100644 --- a/sound/isa/sscape.c +++ b/sound/isa/sscape.c 
@@ -63,22 +63,22 @@ MODULE_PARM_DESC(index, "Index number for SoundScape soundcard"); module_param_array(id, charp, NULL, 0444); MODULE_PARM_DESC(id, "Description for SoundScape card"); -module_param_array(port, long, NULL, 0444); +module_param_hw_array(port, long, ioport, NULL, 0444); MODULE_PARM_DESC(port, "Port # for SoundScape driver."); -module_param_array(wss_port, long, NULL, 0444); +module_param_hw_array(wss_port, long, ioport, NULL, 0444); MODULE_PARM_DESC(wss_port, "WSS Port # for SoundScape driver."); -module_param_array(irq, int, NULL, 0444); +module_param_hw_array(irq, int, irq, NULL, 0444); MODULE_PARM_DESC(irq, "IRQ # for SoundScape driver."); -module_param_array(mpu_irq, int, NULL, 0444); +module_param_hw_array(mpu_irq, int, irq, NULL, 0444); MODULE_PARM_DESC(mpu_irq, "MPU401 IRQ # for SoundScape driver."); -module_param_array(dma, int, NULL, 0444); +module_param_hw_array(dma, int, dma, NULL, 0444); MODULE_PARM_DESC(dma, "DMA # for SoundScape driver."); -module_param_array(dma2, int, NULL, 0444); +module_param_hw_array(dma2, int, dma, NULL, 0444); MODULE_PARM_DESC(dma2, "DMA2 # for SoundScape driver."); module_param_array(joystick, bool, NULL, 0444); diff --git a/sound/isa/wavefront/wavefront.c b/sound/isa/wavefront/wavefront.c index a0987a57c8a9..da4e9a85f0af 100644 --- a/sound/isa/wavefront/wavefront.c +++ b/sound/isa/wavefront/wavefront.c 
@@ -63,23 +63,23 @@ MODULE_PARM_DESC(enable, "Enable WaveFront soundcard."); module_param_array(isapnp, bool, NULL, 0444); MODULE_PARM_DESC(isapnp, "ISA PnP detection for WaveFront soundcards."); #endif -module_param_array(cs4232_pcm_port, long, NULL, 0444); +module_param_hw_array(cs4232_pcm_port, long, ioport, NULL, 0444); MODULE_PARM_DESC(cs4232_pcm_port, "Port # for CS4232 PCM interface."); -module_param_array(cs4232_pcm_irq, int, NULL, 0444); +module_param_hw_array(cs4232_pcm_irq, int, irq, NULL, 0444); MODULE_PARM_DESC(cs4232_pcm_irq, "IRQ # for CS4232 PCM interface."); -module_param_array(dma1, int, NULL, 0444); +module_param_hw_array(dma1, int, dma, NULL, 0444); MODULE_PARM_DESC(dma1, "DMA1 # for CS4232 PCM interface."); -module_param_array(dma2, int, NULL, 0444); +module_param_hw_array(dma2, int, dma, NULL, 0444); MODULE_PARM_DESC(dma2, "DMA2 # for CS4232 PCM interface."); -module_param_array(cs4232_mpu_port, long, NULL, 0444); +module_param_hw_array(cs4232_mpu_port, long, ioport, NULL, 0444); MODULE_PARM_DESC(cs4232_mpu_port, "port # for CS4232 MPU-401 interface."); -module_param_array(cs4232_mpu_irq, int, NULL, 0444); +module_param_hw_array(cs4232_mpu_irq, int, irq, NULL, 0444); MODULE_PARM_DESC(cs4232_mpu_irq, "IRQ # for CS4232 MPU-401 interface."); -module_param_array(ics2115_irq, int, NULL, 0444); +module_param_hw_array(ics2115_irq, int, irq, NULL, 0444); MODULE_PARM_DESC(ics2115_irq, "IRQ # for ICS2115."); -module_param_array(ics2115_port, long, NULL, 0444); +module_param_hw_array(ics2115_port, long, ioport, NULL, 0444); MODULE_PARM_DESC(ics2115_port, "Port # for ICS2115."); -module_param_array(fm_port, long, NULL, 0444); +module_param_hw_array(fm_port, long, ioport, NULL, 0444); MODULE_PARM_DESC(fm_port, "FM port #."); module_param_array(use_cs4232_midi, bool, NULL, 0444); MODULE_PARM_DESC(use_cs4232_midi, "Use CS4232 MPU-401 interface (inaccessibly located inside your computer)");
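
Review bot: In the sb8.c, gusmax.c, jazz16.c and sc6000.c hunks the visible context has no "isapnp" parameter next to the annotated port/irq/dma arrays, so once the parser skips these values on a locked-down kernel the drivers have only their built-in defaults to probe with. Please confirm that each of these drivers fails the probe cleanly in that case, and consider saying in the changelog (or in the MODULE_PARM_DESC strings) that the annotated parameters are ignored under lockdown, since a 0444 parameter that silently keeps its default will be confusing to debug. The same applies to the interwave.c, opl3sa2.c, sb16.c and wavefront.c hunks whenever the "#endif" that closes the isapnp block is compiled out.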
X-Patchwork-Submitter: Seth Forshee
X-Patchwork-Id: 1313187
From: Seth Forshee
To: kernel-team@lists.ubuntu.com
Subject: [PATCH v2 41/57][X] Annotate hardware config module parameters in sound/oss/
Date: Fri, 19 Jun 2020 11:49:54 -0500
Message-Id: <20200619165010.645925-42-seth.forshee@canonical.com>
In-Reply-To: <20200619165010.645925-1-seth.forshee@canonical.com>
References: <20200619165010.645925-1-seth.forshee@canonical.com>

From: David Howells

BugLink: https://bugs.launchpad.net/bugs/1884159

When the kernel is running in secure boot mode, we lock down the kernel to prevent userspace from modifying the running kernel image. Whilst this includes prohibiting access to things like /dev/mem, it must also prevent access by means of configuring driver modules in such a way as to cause a device to access or modify the kernel image.

To this end, annotate module_param* statements that refer to hardware configuration and indicate for future reference what type of parameter they specify. The parameter parser in the core sees this information and can skip such parameters with an error message if the kernel is locked down. The module initialisation then runs as normal, but just sees whatever the default values for those parameters are.

Note that we do still need to do the module initialisation because some drivers have viable defaults set in case parameters aren't specified and some drivers support automatic configuration (e.g. PNP or PCI) in addition to manually coded parameters.

This patch annotates drivers in sound/oss/.

Suggested-by: Alan Cox
Signed-off-by: David Howells
cc: Jaroslav Kysela
cc: Takashi Iwai
cc: Andrew Veliath
cc: alsa-devel@alsa-project.org
(cherry picked from commit 232b0b0829fa4f22172750a6e2a36867583da285)
Signed-off-by: Seth Forshee
---
 sound/oss/ad1848.c        |  8 ++++----
 sound/oss/aedsp16.c       | 12 ++++++------
 sound/oss/mpu401.c        |  4 ++--
 sound/oss/msnd_pinnacle.c | 20 ++++++++++----------
 sound/oss/opl3.c          |  2 +-
 sound/oss/pas2_card.c     | 18 +++++++++---------
 sound/oss/pss.c           | 14 +++++++-------
 sound/oss/sb_card.c       | 10 +++++-----
 sound/oss/trix.c          | 18 +++++++++---------
 sound/oss/uart401.c       |  4 ++--
 sound/oss/uart6850.c      |  4 ++--
 sound/oss/waveartist.c    |  8 ++++----
 12 files changed, 61 insertions(+), 61 deletions(-)

diff --git a/sound/oss/ad1848.c b/sound/oss/ad1848.c index 10c8de1f8d29..f43f4c4b254b 100644 --- a/sound/oss/ad1848.c +++ b/sound/oss/ad1848.c
@@ -2810,10 +2810,10 @@ static int __initdata dma = -1; static int __initdata dma2 = -1; static int __initdata type = 0; -module_param(io, int, 0); /* I/O for a raw AD1848 card */ -module_param(irq, int, 0); /* IRQ to use */ -module_param(dma, int, 0); /* First DMA channel */ -module_param(dma2, int, 0); /* Second DMA channel */ +module_param_hw(io, int, ioport, 0); /* I/O for a raw AD1848 card */ +module_param_hw(irq, int, irq, 0); /* IRQ to use */ +module_param_hw(dma, int, dma, 0); /* First DMA channel */ +module_param_hw(dma2, int, dma, 0); /* Second DMA channel */ module_param(type, int, 0); /* Card type */ module_param(deskpro_xl, bool, 0); /* Special magic for Deskpro XL boxen */ module_param(deskpro_m, bool, 0); /* Special magic for Deskpro M box */ diff --git a/sound/oss/aedsp16.c b/sound/oss/aedsp16.c index 35b5912cf3f8..89427eb60b08 100644 --- a/sound/oss/aedsp16.c +++ b/sound/oss/aedsp16.c @@ -1303,17 +1303,17 @@ static int __initdata mpu_irq = -1; static int __initdata mss_base = -1; static int __initdata mpu_base = -1; -module_param(io, int, 0); +module_param_hw(io, int, ioport, 0); MODULE_PARM_DESC(io, "I/O base address (0x220 0x240)"); -module_param(irq, int, 0); +module_param_hw(irq, int, irq, 0); MODULE_PARM_DESC(irq, "IRQ line (5 7 9 10 11)"); -module_param(dma, int, 0); +module_param_hw(dma, int, dma, 0); MODULE_PARM_DESC(dma, "dma line (0 1 3)"); -module_param(mpu_irq, int, 0); +module_param_hw(mpu_irq, int, irq, 0); MODULE_PARM_DESC(mpu_irq, "MPU-401 IRQ line (5 7 9 10 0)"); -module_param(mss_base, int, 0); +module_param_hw(mss_base, int, ioport, 0); MODULE_PARM_DESC(mss_base, "MSS emulation I/O base address (0x530 0xE80)"); -module_param(mpu_base, int, 0); +module_param_hw(mpu_base, int, ioport, 0); MODULE_PARM_DESC(mpu_base,"MPU-401 I/O base address (0x300 0x310 0x320 0x330)"); MODULE_AUTHOR("Riccardo Facchetti "); MODULE_DESCRIPTION("Audio Excel DSP 16 Driver Version " VERSION); 
diff --git a/sound/oss/mpu401.c b/sound/oss/mpu401.c index 862735005b43..20e8fa46f647 100644 --- a/sound/oss/mpu401.c +++ b/sound/oss/mpu401.c @@ -1748,8 +1748,8 @@ static struct address_info cfg; static int io = -1; static int irq = -1; -module_param(irq, int, 0); -module_param(io, int, 0); +module_param_hw(irq, int, irq, 0); +module_param_hw(io, int, ioport, 0); static int __init init_mpu401(void) { diff --git a/sound/oss/msnd_pinnacle.c b/sound/oss/msnd_pinnacle.c index a8bb4a06ba6f..8e5221d15066 100644 --- a/sound/oss/msnd_pinnacle.c +++ b/sound/oss/msnd_pinnacle.c @@ -1725,22 +1725,22 @@ static int calibrate_signal __initdata = CONFIG_MSND_CALSIGNAL; #endif /* MODULE */ -module_param (io, int, 0); -module_param (irq, int, 0); -module_param (mem, int, 0); +module_param_hw (io, int, ioport, 0); +module_param_hw (irq, int, irq, 0); +module_param_hw (mem, int, iomem, 0); module_param (write_ndelay, int, 0); module_param (fifosize, int, 0); module_param (calibrate_signal, int, 0); #ifndef MSND_CLASSIC module_param (digital, bool, 0); -module_param (cfg, int, 0); +module_param_hw (cfg, int, ioport, 0); module_param (reset, int, 0); -module_param (mpu_io, int, 0); -module_param (mpu_irq, int, 0); -module_param (ide_io0, int, 0); -module_param (ide_io1, int, 0); -module_param (ide_irq, int, 0); -module_param (joystick_io, int, 0); +module_param_hw (mpu_io, int, ioport, 0); +module_param_hw (mpu_irq, int, irq, 0); +module_param_hw (ide_io0, int, ioport, 0); +module_param_hw (ide_io1, int, ioport, 0); +module_param_hw (ide_irq, int, irq, 0); +module_param_hw (joystick_io, int, ioport, 0); #endif static int __init msnd_init(void) diff --git a/sound/oss/opl3.c b/sound/oss/opl3.c index b6d19adf8f41..f0f5b5be6314 100644 --- a/sound/oss/opl3.c +++ b/sound/oss/opl3.c @@ -1200,7 +1200,7 @@ static int me; static int io = -1; -module_param(io, int, 0); +module_param_hw(io, int, ioport, 0); static int __init init_opl3 (void) { 
diff --git a/sound/oss/pas2_card.c b/sound/oss/pas2_card.c index b07954a79536..769fca692d2a 100644 --- a/sound/oss/pas2_card.c +++ b/sound/oss/pas2_card.c @@ -383,15 +383,15 @@ static int __initdata sb_irq = -1; static int __initdata sb_dma = -1; static int __initdata sb_dma16 = -1; -module_param(io, int, 0); -module_param(irq, int, 0); -module_param(dma, int, 0); -module_param(dma16, int, 0); - -module_param(sb_io, int, 0); -module_param(sb_irq, int, 0); -module_param(sb_dma, int, 0); -module_param(sb_dma16, int, 0); +module_param_hw(io, int, ioport, 0); +module_param_hw(irq, int, irq, 0); +module_param_hw(dma, int, dma, 0); +module_param_hw(dma16, int, dma, 0); + +module_param_hw(sb_io, int, ioport, 0); +module_param_hw(sb_irq, int, irq, 0); +module_param_hw(sb_dma, int, dma, 0); +module_param_hw(sb_dma16, int, dma, 0); module_param(joystick, bool, 0); module_param(symphony, bool, 0); diff --git a/sound/oss/pss.c b/sound/oss/pss.c index 81314f9e2ccb..33c3a442e162 100644 --- a/sound/oss/pss.c +++ b/sound/oss/pss.c 
@@ -1139,19 +1139,19 @@ static bool pss_no_sound = 0; /* Just configure non-sound components */ static bool pss_keep_settings = 1; /* Keep hardware settings at module exit */ static char *pss_firmware = "/etc/sound/pss_synth"; -module_param(pss_io, int, 0); +module_param_hw(pss_io, int, ioport, 0); MODULE_PARM_DESC(pss_io, "Set i/o base of PSS card (probably 0x220 or 0x240)"); -module_param(mss_io, int, 0); +module_param_hw(mss_io, int, ioport, 0); MODULE_PARM_DESC(mss_io, "Set WSS (audio) i/o base (0x530, 0x604, 0xE80, 0xF40, or other. Address must end in 0 or 4 and must be from 0x100 to 0xFF4)"); -module_param(mss_irq, int, 0); +module_param_hw(mss_irq, int, irq, 0); MODULE_PARM_DESC(mss_irq, "Set WSS (audio) IRQ (3, 5, 7, 9, 10, 11, 12)"); -module_param(mss_dma, int, 0); +module_param_hw(mss_dma, int, dma, 0); MODULE_PARM_DESC(mss_dma, "Set WSS (audio) DMA (0, 1, 3)"); -module_param(mpu_io, int, 0); +module_param_hw(mpu_io, int, ioport, 0); MODULE_PARM_DESC(mpu_io, "Set MIDI i/o base (0x330 or other. Address must be on 4 location boundaries and must be from 0x100 to 0xFFC)"); -module_param(mpu_irq, int, 0); +module_param_hw(mpu_irq, int, irq, 0); MODULE_PARM_DESC(mpu_irq, "Set MIDI IRQ (3, 5, 7, 9, 10, 11, 12)"); -module_param(pss_cdrom_port, int, 0); +module_param_hw(pss_cdrom_port, int, ioport, 0); MODULE_PARM_DESC(pss_cdrom_port, "Set the PSS CDROM port i/o base (0x340 or other)"); module_param(pss_enable_joystick, bool, 0); MODULE_PARM_DESC(pss_enable_joystick, "Enables the PSS joystick port (1 to enable, 0 to disable)"); diff --git a/sound/oss/sb_card.c b/sound/oss/sb_card.c index fb5d7250de38..2a92cfe6cfe9 100644 --- a/sound/oss/sb_card.c +++ b/sound/oss/sb_card.c 
@@ -61,15 +61,15 @@ static int __initdata uart401 = 0; static int __initdata pnp = 0; #endif -module_param(io, int, 000); +module_param_hw(io, int, ioport, 000); MODULE_PARM_DESC(io, "Soundblaster i/o base address (0x220,0x240,0x260,0x280)"); -module_param(irq, int, 000); +module_param_hw(irq, int, irq, 000); MODULE_PARM_DESC(irq, "IRQ (5,7,9,10)"); -module_param(dma, int, 000); +module_param_hw(dma, int, dma, 000); MODULE_PARM_DESC(dma, "8-bit DMA channel (0,1,3)"); -module_param(dma16, int, 000); +module_param_hw(dma16, int, dma, 000); MODULE_PARM_DESC(dma16, "16-bit DMA channel (5,6,7)"); -module_param(mpu_io, int, 000); +module_param_hw(mpu_io, int, ioport, 000); MODULE_PARM_DESC(mpu_io, "MPU base address"); module_param(type, int, 000); MODULE_PARM_DESC(type, "You can set this to specific card type (doesn't " \ diff --git a/sound/oss/trix.c b/sound/oss/trix.c index 3c494dc93b93..a57bc635d758 100644 --- a/sound/oss/trix.c +++ b/sound/oss/trix.c @@ -413,15 +413,15 @@ static int __initdata sb_irq = -1; static int __initdata mpu_io = -1; static int __initdata mpu_irq = -1; -module_param(io, int, 0); -module_param(irq, int, 0); -module_param(dma, int, 0); -module_param(dma2, int, 0); -module_param(sb_io, int, 0); -module_param(sb_dma, int, 0); -module_param(sb_irq, int, 0); -module_param(mpu_io, int, 0); -module_param(mpu_irq, int, 0); +module_param_hw(io, int, ioport, 0); +module_param_hw(irq, int, irq, 0); +module_param_hw(dma, int, dma, 0); +module_param_hw(dma2, int, dma, 0); +module_param_hw(sb_io, int, ioport, 0); +module_param_hw(sb_dma, int, dma, 0); +module_param_hw(sb_irq, int, irq, 0); +module_param_hw(mpu_io, int, ioport, 0); +module_param_hw(mpu_irq, int, irq, 0); module_param(joystick, bool, 0); static int __init init_trix(void) diff --git a/sound/oss/uart401.c b/sound/oss/uart401.c index dae4d4344407..83dcc85b8688 100644 --- a/sound/oss/uart401.c +++ b/sound/oss/uart401.c 
@@ -429,8 +429,8 @@ static struct address_info cfg_mpu; static int io = -1; static int irq = -1; -module_param(io, int, 0444); -module_param(irq, int, 0444); +module_param_hw(io, int, ioport, 0444); +module_param_hw(irq, int, irq, 0444); static int __init init_uart401(void) diff --git a/sound/oss/uart6850.c b/sound/oss/uart6850.c index 1079133dd6ab..eda32d7eddbd 100644 --- a/sound/oss/uart6850.c +++ b/sound/oss/uart6850.c @@ -315,8 +315,8 @@ static struct address_info cfg_mpu; static int __initdata io = -1; static int __initdata irq = -1; -module_param(io, int, 0); -module_param(irq, int, 0); +module_param_hw(io, int, ioport, 0); +module_param_hw(irq, int, irq, 0); static int __init init_uart6850(void) { diff --git a/sound/oss/waveartist.c b/sound/oss/waveartist.c index b36ea47527e8..c3489bf5630b 100644 --- a/sound/oss/waveartist.c +++ b/sound/oss/waveartist.c 
@@ -2038,8 +2038,8 @@ __setup("waveartist=", setup_waveartist); #endif MODULE_DESCRIPTION("Rockwell WaveArtist RWA-010 sound driver"); -module_param(io, int, 0); /* IO base */ -module_param(irq, int, 0); /* IRQ */ -module_param(dma, int, 0); /* DMA */ -module_param(dma2, int, 0); /* DMA2 */ +module_param_hw(io, int, ioport, 0); /* IO base */ +module_param_hw(irq, int, irq, 0); /* IRQ */ +module_param_hw(dma, int, dma, 0); /* DMA */ +module_param_hw(dma2, int, dma, 0); /* DMA2 */ MODULE_LICENSE("GPL");
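
Review bot: In the waveartist.c hunk the context line '__setup("waveartist=", setup_waveartist);' shows a second route for configuring this driver, and the module_param_hw() annotation added below it covers only the four module parameters. If setup_waveartist accepts the same io/irq/dma values, they do not go through the annotated-parameter check this series relies on; please confirm whether that path matters on a locked-down kernel and, if it does, say in the changelog how it is handled. Separately, in the pss.c hunk the context shows 'static char *pss_firmware = "/etc/sound/pss_synth";' directly above the annotated parameters; if that variable is exposed as a module parameter further down, it deserves a look in the same pass.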
From: Seth Forshee To: kernel-team@lists.ubuntu.com Subject: [PATCH v2 42/57][X] Annotate hardware config module parameters in sound/pci/ Date: Fri, 19 Jun 2020 11:49:55 -0500 Message-Id: <20200619165010.645925-43-seth.forshee@canonical.com> X-Mailer: git-send-email 2.27.0 In-Reply-To: <20200619165010.645925-1-seth.forshee@canonical.com> References: <20200619165010.645925-1-seth.forshee@canonical.com> MIME-Version: 1.0 X-BeenThere: kernel-team@lists.ubuntu.com X-Mailman-Version: 2.1.20 Precedence: list List-Id: Kernel team discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: kernel-team-bounces@lists.ubuntu.com Sender: "kernel-team" From: David Howells BugLink: https://bugs.launchpad.net/bugs/1884159 When the kernel is running in secure boot mode, we lock down the kernel to prevent userspace from modifying the running kernel image. Whilst this includes prohibiting access to things like /dev/mem, it must also prevent access by means of configuring driver modules in such a way as to cause a device to access or modify the kernel image. To this end, annotate module_param* statements that refer to hardware configuration and indicate for future reference what type of parameter they specify. The parameter parser in the core sees this information and can skip such parameters with an error message if the kernel is locked down. The module initialisation then runs as normal, but just sees whatever the default values for those parameters is. Note that we do still need to do the module initialisation because some drivers have viable defaults set in case parameters aren't specified and some drivers support automatic configuration (e.g. PNP or PCI) in addition to manually coded parameters. This patch annotates drivers in sound/pci/. Suggested-by: Alan Cox Signed-off-by: David Howells cc: Jaroslav Kysela cc: Takashi Iwai cc: alsa-devel@alsa-project.org (cherry picked from commit 6192c41fc608b0a58d5540b015aa1672c266f3c5) 
Signed-off-by: Seth Forshee --- sound/pci/als4000.c | 2 +- sound/pci/cmipci.c | 6 +++--- sound/pci/ens1370.c | 2 +- sound/pci/riptide/riptide.c | 6 +++--- sound/pci/sonicvibes.c | 2 +- sound/pci/via82xx.c | 2 +- sound/pci/ymfpci/ymfpci.c | 6 +++--- 7 files changed, 13 insertions(+), 13 deletions(-) diff --git a/sound/pci/als4000.c b/sound/pci/als4000.c index ff39a0c7277b..585bd7527d7d 100644 --- a/sound/pci/als4000.c +++ b/sound/pci/als4000.c @@ -102,7 +102,7 @@ MODULE_PARM_DESC(id, "ID string for ALS4000 soundcard."); module_param_array(enable, bool, NULL, 0444); MODULE_PARM_DESC(enable, "Enable ALS4000 soundcard."); #ifdef SUPPORT_JOYSTICK -module_param_array(joystick_port, int, NULL, 0444); +module_param_hw_array(joystick_port, int, ioport, NULL, 0444); MODULE_PARM_DESC(joystick_port, "Joystick port address for ALS4000 soundcard. (0 = disabled)"); #endif diff --git a/sound/pci/cmipci.c b/sound/pci/cmipci.c index 24cdcba06d27..bf079eef4c1b 100644 --- a/sound/pci/cmipci.c +++ b/sound/pci/cmipci.c @@ -68,14 +68,14 @@ module_param_array(id, charp, NULL, 0444); MODULE_PARM_DESC(id, "ID string for C-Media PCI soundcard."); module_param_array(enable, bool, NULL, 0444); MODULE_PARM_DESC(enable, "Enable C-Media PCI soundcard."); -module_param_array(mpu_port, long, NULL, 0444); +module_param_hw_array(mpu_port, long, ioport, NULL, 0444); MODULE_PARM_DESC(mpu_port, "MPU-401 port."); -module_param_array(fm_port, long, NULL, 0444); +module_param_hw_array(fm_port, long, ioport, NULL, 0444); MODULE_PARM_DESC(fm_port, "FM port."); module_param_array(soft_ac3, bool, NULL, 0444); MODULE_PARM_DESC(soft_ac3, "Software-conversion of raw SPDIF packets (model 033 only)."); #ifdef SUPPORT_JOYSTICK -module_param_array(joystick_port, int, NULL, 0444); +module_param_hw_array(joystick_port, int, ioport, NULL, 0444); MODULE_PARM_DESC(joystick_port, "Joystick port address."); #endif diff --git a/sound/pci/ens1370.c b/sound/pci/ens1370.c index 0dc44ebb0032..f87b403480bf 100644 
--- a/sound/pci/ens1370.c +++ b/sound/pci/ens1370.c @@ -106,7 +106,7 @@ module_param_array(enable, bool, NULL, 0444); MODULE_PARM_DESC(enable, "Enable Ensoniq AudioPCI soundcard."); #ifdef SUPPORT_JOYSTICK #ifdef CHIP1371 -module_param_array(joystick_port, int, NULL, 0444); +module_param_hw_array(joystick_port, int, ioport, NULL, 0444); MODULE_PARM_DESC(joystick_port, "Joystick port address."); #else module_param_array(joystick, bool, NULL, 0444); diff --git a/sound/pci/riptide/riptide.c b/sound/pci/riptide/riptide.c index 94639d6b5fb5..a4ffc9a0c60f 100644 --- a/sound/pci/riptide/riptide.c +++ b/sound/pci/riptide/riptide.c @@ -137,12 +137,12 @@ MODULE_PARM_DESC(id, "ID string for Riptide soundcard."); module_param_array(enable, bool, NULL, 0444); MODULE_PARM_DESC(enable, "Enable Riptide soundcard."); #ifdef SUPPORT_JOYSTICK -module_param_array(joystick_port, int, NULL, 0444); +module_param_hw_array(joystick_port, int, ioport, NULL, 0444); MODULE_PARM_DESC(joystick_port, "Joystick port # for Riptide soundcard."); #endif -module_param_array(mpu_port, int, NULL, 0444); +module_param_hw_array(mpu_port, int, ioport, NULL, 0444); MODULE_PARM_DESC(mpu_port, "MPU401 port # for Riptide driver."); -module_param_array(opl3_port, int, NULL, 0444); +module_param_hw_array(opl3_port, int, ioport, NULL, 0444); MODULE_PARM_DESC(opl3_port, "OPL3 port # for Riptide driver."); /* diff --git a/sound/pci/sonicvibes.c b/sound/pci/sonicvibes.c index 1b6fad7d4d56..877403f85f3c 100644 --- a/sound/pci/sonicvibes.c +++ b/sound/pci/sonicvibes.c @@ -66,7 +66,7 @@ module_param_array(reverb, bool, NULL, 0444); MODULE_PARM_DESC(reverb, "Enable reverb (SRAM is present) for S3 SonicVibes soundcard."); module_param_array(mge, bool, NULL, 0444); MODULE_PARM_DESC(mge, "MIC Gain Enable for S3 SonicVibes soundcard."); -module_param(dmaio, uint, 0444); +module_param_hw(dmaio, uint, ioport, 0444); MODULE_PARM_DESC(dmaio, "DDMA i/o base address for S3 SonicVibes soundcard."); /* 
diff --git a/sound/pci/via82xx.c b/sound/pci/via82xx.c index 3dd038bdb204..5a2c5c75e0c4 100644 --- a/sound/pci/via82xx.c +++ b/sound/pci/via82xx.c @@ -92,7 +92,7 @@ module_param(index, int, 0444); MODULE_PARM_DESC(index, "Index value for VIA 82xx bridge."); module_param(id, charp, 0444); MODULE_PARM_DESC(id, "ID string for VIA 82xx bridge."); -module_param(mpu_port, long, 0444); +module_param_hw(mpu_port, long, ioport, 0444); MODULE_PARM_DESC(mpu_port, "MPU-401 port. (VT82C686x only)"); #ifdef SUPPORT_JOYSTICK module_param(joystick, bool, 0444); diff --git a/sound/pci/ymfpci/ymfpci.c b/sound/pci/ymfpci/ymfpci.c index 812e27a1bcbc..4faf3e1ed06a 100644 --- a/sound/pci/ymfpci/ymfpci.c +++ b/sound/pci/ymfpci/ymfpci.c 
@@ -55,12 +55,12 @@ module_param_array(id, charp, NULL, 0444); MODULE_PARM_DESC(id, "ID string for the Yamaha DS-1 PCI soundcard."); module_param_array(enable, bool, NULL, 0444); MODULE_PARM_DESC(enable, "Enable Yamaha DS-1 soundcard."); -module_param_array(mpu_port, long, NULL, 0444); +module_param_hw_array(mpu_port, long, ioport, NULL, 0444); MODULE_PARM_DESC(mpu_port, "MPU-401 Port."); -module_param_array(fm_port, long, NULL, 0444); +module_param_hw_array(fm_port, long, ioport, NULL, 0444); MODULE_PARM_DESC(fm_port, "FM OPL-3 Port."); #ifdef SUPPORT_JOYSTICK -module_param_array(joystick_port, long, NULL, 0444); +module_param_hw_array(joystick_port, long, ioport, NULL, 0444); MODULE_PARM_DESC(joystick_port, "Joystick port address"); #endif module_param_array(rear_switch, bool, NULL, 0444);
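Review bot: In the als4000.c hunk, joystick_port is documented as "(0 = disabled)", so annotating it as ioport means that on a locked-down kernel the parameter can no longer be used even to switch the joystick port off. The other joystick_port, mpu_port, fm_port, opl3_port and dmaio parameters converted in this patch will likewise fall back to their built-in defaults; please note that in the commit message or the MODULE_PARM_DESC strings, and check that each default is a safe one for a locked-down system.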
From: Seth Forshee To: kernel-team@lists.ubuntu.com Subject: [PATCH v2 43/57][X] UBUNTU: SAUCE: (efi-lockdown) Lock down module params that specify hardware parameters (eg. ioport) Date: Fri, 19 Jun 2020 11:49:56 -0500 Message-Id: <20200619165010.645925-44-seth.forshee@canonical.com> X-Mailer: git-send-email 2.27.0 In-Reply-To: <20200619165010.645925-1-seth.forshee@canonical.com> References: <20200619165010.645925-1-seth.forshee@canonical.com> MIME-Version: 1.0 X-BeenThere: kernel-team@lists.ubuntu.com X-Mailman-Version: 2.1.20 Precedence: list List-Id: Kernel team discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: kernel-team-bounces@lists.ubuntu.com Sender: "kernel-team" From: David Howells BugLink: https://bugs.launchpad.net/bugs/1884159 Provided an annotation for module parameters that specify hardware parameters (such as io ports, iomem addresses, irqs, dma channels, fixed dma buffers and other types). Suggested-by: Alan Cox Signed-off-by: David Howells (backported from commit 33a38c67ed53106458e1858a2101cae3026486e4 git://git.kernel.org/pub/scm/linux/kernel/git/jwboyer/fedora.git) Signed-off-by: Seth Forshee --- kernel/params.c | 25 ++++++++++++++++++++----- 1 file changed, 20 insertions(+), 5 deletions(-) diff --git a/kernel/params.c b/kernel/params.c index a6d6149c0fe6..87bbf2bdc09e 100644 --- a/kernel/params.c +++ b/kernel/params.c @@ -108,13 +108,18 @@ bool parameq(const char *a, const char *b) return parameqn(a, b, strlen(a)+1); } -static void param_check_unsafe(const struct kernel_param *kp) +static bool param_check_unsafe(const struct kernel_param *kp, + const char *doing) { if (kp->flags & KERNEL_PARAM_FL_UNSAFE) { pr_warn("Setting dangerous option %s - tainting kernel\n", kp->name); add_taint(TAINT_USER, LOCKDEP_STILL_OK); } + + if (kp->flags & KERNEL_PARAM_FL_HWPARAM && secure_modules()) + return false; + return true; } static int parse_one(char *param, 
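Review bot: The new doing argument of param_check_unsafe() is never used, and the KERNEL_PARAM_FL_HWPARAM branch returns false without logging anything, although the 42/57 commit message says such parameters are skipped "with an error message". Suggest emitting a pr_notice (or similar) that names kp->name and doing before the return false, and parenthesising (kp->flags & KERNEL_PARAM_FL_HWPARAM) for readability. A short comment on what the bool return value means would also help, since the function name no longer describes it.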
@@ -144,8 +149,10 @@ static int parse_one(char *param, pr_debug("handling %s with %p\n", param, params[i].ops->set); kernel_param_lock(params[i].mod); - param_check_unsafe(¶ms[i]); - err = params[i].ops->set(val, ¶ms[i]); + if (param_check_unsafe(¶ms[i], doing)) + err = params[i].ops->set(val, ¶ms[i]); + else + err = -EPERM; kernel_param_unlock(params[i].mod); return err; } @@ -608,6 +615,12 @@ static ssize_t param_attr_show(struct module_attribute *mattr, return count; } +#ifdef CONFIG_MODULES +#define mod_name(mod) (mod)->name +#else +#define mod_name(mod) "unknown" +#endif + /* sysfs always hands a nul-terminated string in buf. We rely on that. */ static ssize_t param_attr_store(struct module_attribute *mattr, struct module_kobject *mk, 
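Review bot: The mod_name(mod) macro added in the CONFIG_MODULES branch expands to (mod)->name with no outer parentheses and assumes mod is non-NULL. Please wrap the expansion in parentheses, and since param_attr_store() passes mk->mod straight in, confirm that it cannot be NULL there or fall back to a fixed string as the #else branch does.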
@@ -620,8 +633,10 @@ static ssize_t param_attr_store(struct module_attribute *mattr, return -EPERM; kernel_param_lock(mk->mod); - param_check_unsafe(attribute->param); - err = attribute->param->ops->set(buf, attribute->param); + if (param_check_unsafe(attribute->param, mod_name(mk->mod))) + err = attribute->param->ops->set(buf, attribute->param); + else + err = -EPERM; kernel_param_unlock(mk->mod); if (!err) return len;
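Review bot: The "else err = -EPERM;" fallback added here in param_attr_store(), and identically in parse_one() earlier in this patch, reports a blocked hardware parameter as an error, whereas the 42/57 commit message says the parameter is skipped and module initialisation then runs as normal with the defaults. Please confirm how the caller of parse_one() handles -EPERM, and state in the commit message whether loading a module with a blocked hardware parameter is meant to fail or to proceed.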
From: Seth Forshee To: kernel-team@lists.ubuntu.com Subject: [PATCH v2 44/57][X] UBUNTU: SAUCE: (efi-lockdown) Prohibit PCMCIA CIS storage when the kernel is locked down Date: Fri, 19 Jun 2020 11:49:57 -0500 Message-Id: <20200619165010.645925-45-seth.forshee@canonical.com> X-Mailer: git-send-email 2.27.0 In-Reply-To: <20200619165010.645925-1-seth.forshee@canonical.com> References: <20200619165010.645925-1-seth.forshee@canonical.com> MIME-Version: 1.0 X-BeenThere: kernel-team@lists.ubuntu.com X-Mailman-Version: 2.1.20 Precedence: list List-Id: Kernel team discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: kernel-team-bounces@lists.ubuntu.com Sender: "kernel-team" From: David Howells BugLink: https://bugs.launchpad.net/bugs/1884159 Prohibit replacement of the PCMCIA Card Information Structure when the kernel is locked down. Suggested-by: Dominik Brodowski Signed-off-by: David Howells cc: linux-pcmcia@lists.infradead.org (backported from commit c5fe6d4762b16204e218f5299d232b9953c4caaa git://git.kernel.org/pub/scm/linux/kernel/git/jwboyer/fedora.git) Signed-off-by: Seth Forshee --- drivers/pcmcia/cistpl.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/drivers/pcmcia/cistpl.c b/drivers/pcmcia/cistpl.c index 55ef7d1fd8da..4ea05a5ec4b2 100644 --- a/drivers/pcmcia/cistpl.c +++ b/drivers/pcmcia/cistpl.c 
@@ -1578,6 +1578,9 @@ static ssize_t pccard_store_cis(struct file *filp, struct kobject *kobj, struct pcmcia_socket *s; int error; + if (secure_modules()) + return -EPERM; + s = to_socket(container_of(kobj, struct device, kobj)); if (off)
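Review bot: The secure_modules() check at the top of pccard_store_cis() returns -EPERM with no comment and no log line, so neither a reader of the code nor an administrator can tell that the write was refused by lockdown rather than by file permissions. Add a one-line comment stating why CIS replacement is blocked, and consider a pr_notice so the refusal shows up in the kernel log.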
From: Seth Forshee To: kernel-team@lists.ubuntu.com Subject: [PATCH v2 45/57][X] UBUNTU: SAUCE: (efi-lockdown) kexec_file: Disable at runtime if the kernel is locked down Date: Fri, 19 Jun 2020 11:49:58 -0500 Message-Id: <20200619165010.645925-46-seth.forshee@canonical.com> X-Mailer: git-send-email 2.27.0 In-Reply-To: <20200619165010.645925-1-seth.forshee@canonical.com> References: <20200619165010.645925-1-seth.forshee@canonical.com> MIME-Version: 1.0 X-BeenThere: kernel-team@lists.ubuntu.com X-Mailman-Version: 2.1.20 Precedence: list List-Id: Kernel team discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: kernel-team-bounces@lists.ubuntu.com Sender: "kernel-team" From: Chun-Yi Lee BugLink: https://bugs.launchpad.net/bugs/1884159 When KEXEC_VERIFY_SIG is not enabled, kernel should not load images through kexec_file systemcall if the kernel is locked down. This code was showed in Matthew's patch but not in git: https://lkml.org/lkml/2015/3/13/778 Cc: Matthew Garrett Signed-off-by: Chun-Yi Lee Signed-off-by: David Howells Reviewed-by: James Morris cc: kexec@lists.infradead.org (backported from commit 6620737c201ed7242dbb672803085b46ae600ce7 git://git.kernel.org/pub/scm/linux/kernel/git/jwboyer/fedora.git) Signed-off-by: Seth Forshee --- kernel/kexec_file.c | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/kernel/kexec_file.c b/kernel/kexec_file.c index 6030efd4a188..14d19eda9ec9 100644 --- a/kernel/kexec_file.c +++ b/kernel/kexec_file.c 
@@ -317,6 +317,12 @@ SYSCALL_DEFINE5(kexec_file_load, int, kernel_fd, int, initrd_fd, if (!capable(CAP_SYS_BOOT) || kexec_load_disabled) return -EPERM; + /* Don't permit images to be loaded into trusted kernels if we're not + * going to verify the signature on them + */ + if (!IS_ENABLED(CONFIG_KEXEC_VERIFY_SIG) && secure_modules()) + return -EPERM; + /* Make sure we have a legal set of flags */ if (flags != (flags & KEXEC_FILE_FLAGS)) return -EINVAL;
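Review bot: The new guard in kexec_file_load keys only on IS_ENABLED(CONFIG_KEXEC_VERIFY_SIG), so on a build with that option set the locked-down case depends entirely on the later signature check rejecting unsigned images; please state that dependency in the comment so the two checks are not separated by a later change. The comment block should also open with a bare "/*" line to match the usual multi-line comment style.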
From: Seth Forshee To: kernel-team@lists.ubuntu.com Subject: [PATCH v2 46/57][X] UBUNTU: SAUCE: (efi-lockdown) Lock down TIOCSSERIAL Date: Fri, 19 Jun 2020 11:49:59 -0500 Message-Id: <20200619165010.645925-47-seth.forshee@canonical.com> X-Mailer: git-send-email 2.27.0 In-Reply-To: <20200619165010.645925-1-seth.forshee@canonical.com> References: <20200619165010.645925-1-seth.forshee@canonical.com> MIME-Version: 1.0 X-BeenThere: kernel-team@lists.ubuntu.com X-Mailman-Version: 2.1.20 Precedence: list List-Id: Kernel team discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: kernel-team-bounces@lists.ubuntu.com Sender: "kernel-team" From: David Howells BugLink: https://bugs.launchpad.net/bugs/1884159 Lock down TIOCSSERIAL as that can be used to change the ioport and irq settings on a serial port. This only appears to be an issue for the serial drivers that use the core serial code. All other drivers seem to either ignore attempts to change port/irq or give an error. Reported-by: Greg Kroah-Hartman Signed-off-by: David Howells cc: Jiri Slaby (backported from commit 8d8c1da752c5ea837f1dbe06fa21d4ca891fcd83 git://git.kernel.org/pub/scm/linux/kernel/git/jwboyer/fedora.git) Signed-off-by: Seth Forshee --- drivers/tty/serial/serial_core.c | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/drivers/tty/serial/serial_core.c b/drivers/tty/serial/serial_core.c index 013fb874c64e..51271d62a7a1 100644 --- a/drivers/tty/serial/serial_core.c +++ b/drivers/tty/serial/serial_core.c 
@@ -768,6 +768,11 @@ static int uart_set_info(struct tty_struct *tty, struct tty_port *port, new_flags = new_info->flags; old_custom_divisor = uport->custom_divisor; + if ((change_port || change_irq) && secure_modules()) { + retval = -EPERM; + goto exit; + } + if (!capable(CAP_SYS_ADMIN)) { retval = -EPERM; if (change_irq || change_port ||
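Review bot: The lockdown test in uart_set_info() depends on change_port and change_irq alone, while the commit message describes the risk as changing "the ioport and irq settings"; please confirm that change_port is also set when a memory-mapped base address or I/O type is altered, so those cannot be changed on a locked-down kernel. A brief comment above the new block explaining why it sits ahead of the CAP_SYS_ADMIN test would help future readers.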
From: Seth Forshee To: kernel-team@lists.ubuntu.com Subject: [PATCH v2 47/57][X] efi/efi_test: Lock down /dev/efi_test and require CAP_SYS_ADMIN Date: Fri, 19 Jun 2020 11:50:00 -0500 Message-Id: <20200619165010.645925-48-seth.forshee@canonical.com> X-Mailer: git-send-email 2.27.0 In-Reply-To: <20200619165010.645925-1-seth.forshee@canonical.com> References: <20200619165010.645925-1-seth.forshee@canonical.com> MIME-Version: 1.0 X-BeenThere: kernel-team@lists.ubuntu.com X-Mailman-Version: 2.1.20 Precedence: list List-Id: Kernel team discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: kernel-team-bounces@lists.ubuntu.com Sender: "kernel-team" From: Javier Martinez Canillas BugLink: https://bugs.launchpad.net/bugs/1884159 The driver exposes EFI runtime services to user-space through an IOCTL interface, calling the EFI services function pointers directly without using the efivar API. Disallow access to the /dev/efi_test character device when the kernel is locked down to prevent arbitrary user-space to call EFI runtime services. Also require CAP_SYS_ADMIN to open the chardev to prevent unprivileged users to call the EFI runtime services, instead of just relying on the chardev file mode bits for this. The main user of this driver is the fwts [0] tool that already checks if the effective user ID is 0 and fails otherwise. So this change shouldn't cause any regression to this tool. [0]: https://wiki.ubuntu.com/FirmwareTestSuite/Reference/uefivarinfo Signed-off-by: Javier Martinez Canillas Signed-off-by: Ard Biesheuvel Acked-by: Laszlo Ersek Acked-by: Matthew Garrett Cc: Linus Torvalds Cc: Peter Zijlstra Cc: Thomas Gleixner Cc: linux-efi@vger.kernel.org Link: https://lkml.kernel.org/r/20191029173755.27149-7-ardb@kernel.org Signed-off-by: Ingo Molnar (backported from commit 359efcc2c910117d2faf704ce154e91fc976d37f) Signed-off-by: Seth Forshee --- drivers/firmware/efi/test/efi_test.c | 7 +++++++ 1 file changed, 7 insertions(+) 
diff --git a/drivers/firmware/efi/test/efi_test.c b/drivers/firmware/efi/test/efi_test.c index f61bb52be318..3dc55ac0af73 100644 --- a/drivers/firmware/efi/test/efi_test.c +++ b/drivers/firmware/efi/test/efi_test.c 
@@ -696,6 +696,13 @@ static long efi_test_ioctl(struct file *file, unsigned int cmd, static int efi_test_open(struct inode *inode, struct file *file) { + bool locked_down = secure_modules(); + + if (locked_down) + return -EPERM; + + if (!capable(CAP_SYS_ADMIN)) + return -EACCES; /* * nothing special to do here * We do accept multiple open files at the same time as we
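
Review bot: the lockdown and CAP_SYS_ADMIN checks added to efi_test_open() are enforced at open time only; efi_test_ioctl(), named in the hunk header, is not touched by this patch. A descriptor opened before the kernel is locked down, or one handed to a less privileged process after a privileged open, would still reach the EFI runtime services through the ioctl path. Either state in the commit message that open-time enforcement is the intended boundary, or repeat the secure_modules() test where the ioctl is dispatched. Two smaller points: the locked_down temporary is used once and can be folded into "if (secure_modules()) return -EPERM;", and because the lockdown test comes first an unprivileged caller on a locked-down kernel gets -EPERM rather than -EACCES, which deserves a one-line comment so the ordering is not "fixed" later by accident.
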
From: Seth Forshee
To: kernel-team@lists.ubuntu.com
Subject: [PATCH v2 48/57][X] debugfs: prevent access to possibly dead file_operations at file open
Date: Fri, 19 Jun 2020 11:50:01 -0500
Message-Id: <20200619165010.645925-49-seth.forshee@canonical.com>
X-Mailer: git-send-email 2.27.0
In-Reply-To: <20200619165010.645925-1-seth.forshee@canonical.com>
References: <20200619165010.645925-1-seth.forshee@canonical.com>

From: Nicolai Stange

BugLink: https://bugs.launchpad.net/bugs/1884159

Nothing prevents a dentry found by path lookup before a return of __debugfs_remove() from actually getting opened after that return. Now, after the return of __debugfs_remove(), there are no guarantees whatsoever regarding the memory the corresponding inode's file_operations object had been kept in.

Since __debugfs_remove() is seldomly invoked, usually from module exit handlers only, the race is hard to trigger and the impact is very low.

A discussion of the problem outlined above as well as a suggested solution can be found in the (sub-)thread rooted at

  http://lkml.kernel.org/g/20130401203445.GA20862@ZenIV.linux.org.uk
  ("Yet another pipe related oops.")

Basically, Greg KH suggests to introduce an intermediate fops and Al Viro points out that a pointer to the original ones may be stored in ->d_fsdata.

Follow this line of reasoning:
- Add SRCU as a reverse dependency of DEBUG_FS.
- Introduce a srcu_struct object for the debugfs subsystem.
- In debugfs_create_file(), store a pointer to the original file_operations object in ->d_fsdata.
- Make debugfs_remove() and debugfs_remove_recursive() wait for a SRCU grace period after the dentry has been delete()'d and before they return to their callers.
- Introduce an intermediate file_operations object named "debugfs_open_proxy_file_operations". Its ->open() function checks, under the protection of a SRCU read lock, whether the dentry is still alive, i.e. has not been d_delete()'d and if so, tries to acquire a reference on the owning module. On success, it sets the file object's ->f_op to the original file_operations and forwards the ongoing open() call to the original ->open().
- For clarity, rename the former debugfs_file_operations to debugfs_noop_file_operations -- they are in no way canonical.

The choice of SRCU over "normal" RCU is justified by the fact that the former may also be used to protect ->i_private data from going away during the execution of a file's readers and writers which may (and do) sleep.

Finally, introduce the fs/debugfs/internal.h header containing some declarations internal to the debugfs implementation.

Signed-off-by: Nicolai Stange
Signed-off-by: Greg Kroah-Hartman
(backported from commit 9fd4dcece43a53e5a9e65a973df5693702ee6401)
Signed-off-by: Seth Forshee
---
 fs/debugfs/file.c | 91 ++++++++++++++++++++++++++++++++++++++++-
 fs/debugfs/inode.c | 13 +++++-
 fs/debugfs/internal.h | 24 +++++++++++
 include/linux/debugfs.h | 3 --
 lib/Kconfig.debug | 1 +
 5 files changed, 127 insertions(+), 5 deletions(-)
 create mode 100644 fs/debugfs/internal.h

diff --git a/fs/debugfs/file.c b/fs/debugfs/file.c index d2ba12e23ed9..736ab3c988f2 100644 --- a/fs/debugfs/file.c +++ b/fs/debugfs/file.c @@ -22,6 +22,9 @@ #include #include #include +#include + +#include "internal.h" static ssize_t default_read_file(struct file *file, char __user *buf, size_t count, loff_t *ppos) 
@@ -35,13 +38,99 @@ static ssize_t default_write_file(struct file *file, const char __user *buf, return count; } -const struct file_operations debugfs_file_operations = { +const struct file_operations debugfs_noop_file_operations = { .read = default_read_file, .write = default_write_file, .open = simple_open, .llseek = noop_llseek, }; +/** + * debugfs_use_file_start - mark the beginning of file data access + * @dentry: the dentry object whose data is being accessed. + * @srcu_idx: a pointer to some memory to store a SRCU index in. + * + * Up to a matching call to debugfs_use_file_finish(), any + * successive call into the file removing functions debugfs_remove() + * and debugfs_remove_recursive() will block. Since associated private + * file data may only get freed after a successful return of any of + * the removal functions, you may safely access it after a successful + * call to debugfs_use_file_start() without worrying about + * lifetime issues. + * + * If -%EIO is returned, the file has already been removed and thus, + * it is not safe to access any of its data. If, on the other hand, + * it is allowed to access the file data, zero is returned. + * + * Regardless of the return code, any call to + * debugfs_use_file_start() must be followed by a matching call + * to debugfs_use_file_finish(). + */ +static int debugfs_use_file_start(const struct dentry *dentry, int *srcu_idx) + __acquires(&debugfs_srcu) +{ + *srcu_idx = srcu_read_lock(&debugfs_srcu); + barrier(); + if (d_unlinked(dentry)) + return -EIO; + return 0; +} + +/** + * debugfs_use_file_finish - mark the end of file data access + * @srcu_idx: the SRCU index "created" by a former call to + * debugfs_use_file_start(). + * + * Allow any ongoing concurrent call into debugfs_remove() or + * debugfs_remove_recursive() blocked by a former call to + * debugfs_use_file_start() to proceed and return to its caller. 
+ */ +static void debugfs_use_file_finish(int srcu_idx) __releases(&debugfs_srcu) +{ + srcu_read_unlock(&debugfs_srcu, srcu_idx); +} + +#define F_DENTRY(filp) ((filp)->f_path.dentry) + +#define REAL_FOPS_DEREF(dentry) \ + ((const struct file_operations *)(dentry)->d_fsdata) + +static int open_proxy_open(struct inode *inode, struct file *filp) +{ + const struct dentry *dentry = F_DENTRY(filp); + const struct file_operations *real_fops = NULL; + int srcu_idx, r; + + r = debugfs_use_file_start(dentry, &srcu_idx); + if (r) { + r = -ENOENT; + goto out; + } + + real_fops = REAL_FOPS_DEREF(dentry); + real_fops = fops_get(real_fops); + if (!real_fops) { + /* Huh? Module did not clean up after itself at exit? */ + WARN(1, "debugfs file owner did not clean up at exit: %pd", + dentry); + r = -ENXIO; + goto out; + } + replace_fops(filp, real_fops); + + if (real_fops->open) + r = real_fops->open(inode, filp); + +out: + fops_put(real_fops); + debugfs_use_file_finish(srcu_idx); + return r; +} + +const struct file_operations debugfs_open_proxy_file_operations = { + .open = open_proxy_open, +}; + static struct dentry *debugfs_create_mode(const char *name, umode_t mode, struct dentry *parent, void *value, const struct file_operations *fops, diff --git a/fs/debugfs/inode.c b/fs/debugfs/inode.c index d7111b8ce36a..f01e61932747 100644 --- a/fs/debugfs/inode.c +++ b/fs/debugfs/inode.c @@ -27,9 +27,14 @@ #include #include #include +#include + +#include "internal.h" #define DEBUGFS_DEFAULT_MODE 0700 +DEFINE_SRCU(debugfs_srcu); + static struct vfsmount *debugfs_mount; static int debugfs_mount_count; static bool debugfs_registered; 
@@ -345,8 +350,12 @@ struct dentry *debugfs_create_file(const char *name, umode_t mode, return failed_creating(dentry); inode->i_mode = mode; - inode->i_fop = fops ? fops : &debugfs_file_operations; inode->i_private = data; + + inode->i_fop = fops ? &debugfs_open_proxy_file_operations + : &debugfs_noop_file_operations; + dentry->d_fsdata = (void *)fops; + d_instantiate(dentry, inode); fsnotify_create(d_inode(dentry->d_parent), dentry); return end_creating(dentry); @@ -570,6 +579,7 @@ void debugfs_remove(struct dentry *dentry) mutex_unlock(&d_inode(parent)->i_mutex); if (!ret) simple_release_fs(&debugfs_mount, &debugfs_mount_count); + synchronize_srcu(&debugfs_srcu); } EXPORT_SYMBOL_GPL(debugfs_remove); @@ -647,6 +657,7 @@ void debugfs_remove_recursive(struct dentry *dentry) if (!__debugfs_remove(child, parent)) simple_release_fs(&debugfs_mount, &debugfs_mount_count); mutex_unlock(&d_inode(parent)->i_mutex); + synchronize_srcu(&debugfs_srcu); } EXPORT_SYMBOL_GPL(debugfs_remove_recursive); diff --git a/fs/debugfs/internal.h b/fs/debugfs/internal.h new file mode 100644 index 000000000000..c7aaa5cb6685 --- /dev/null +++ b/fs/debugfs/internal.h @@ -0,0 +1,24 @@ +/* + * internal.h - declarations internal to debugfs + * + * Copyright (C) 2016 Nicolai Stange + * + * This program is free software; you can redistribute it and/or + * modify it under the terms of the GNU General Public License version + * 2 as published by the Free Software Foundation. + * + */ + +#ifndef _DEBUGFS_INTERNAL_H_ +#define _DEBUGFS_INTERNAL_H_ + +struct file_operations; +struct srcu_struct; + +/* declared over in file.c */ +extern const struct file_operations debugfs_noop_file_operations; +extern const struct file_operations debugfs_open_proxy_file_operations; + +extern struct srcu_struct debugfs_srcu; + +#endif /* _DEBUGFS_INTERNAL_H_ */ diff --git a/include/linux/debugfs.h b/include/linux/debugfs.h index 51362ff607fc..6215d2852a3e 100644 --- a/include/linux/debugfs.h +++ b/include/linux/debugfs.h 
@@ -43,9 +43,6 @@ extern struct dentry *arch_debugfs_dir; #if defined(CONFIG_DEBUG_FS) -/* declared over in file.c */ -extern const struct file_operations debugfs_file_operations; - struct dentry *debugfs_create_file(const char *name, umode_t mode, struct dentry *parent, void *data, const struct file_operations *fops); diff --git a/lib/Kconfig.debug b/lib/Kconfig.debug index 1f2d6e38dc30..8f27ef6f84e9 100644 --- a/lib/Kconfig.debug +++ b/lib/Kconfig.debug 
@@ -257,6 +257,7 @@ config PAGE_OWNER config DEBUG_FS bool "Debug Filesystem" + select SRCU help debugfs is a virtual file system that kernel developers use to put debugging files into. Enable this option to be able to read and
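
Review bot: in open_proxy_open() the fops_put(real_fops) under the out: label also runs after replace_fops(filp, real_fops), at which point the reference taken by fops_get() already belongs to filp->f_op. replace_fops() installs the pointer without taking a reference of its own, so the owning module's refcount is dropped here and then dropped again when the VFS puts filp->f_op, which is exactly the lifetime this patch is trying to pin. On the two early exits (debugfs_use_file_start() failing, fops_get() returning NULL) real_fops is NULL and the put is a no-op, so the fops_put() at out: can simply be removed. It would also help to document next to "dentry->d_fsdata = (void *)fops;" in debugfs_create_file() that ->d_fsdata is now reserved for the original fops, since any debugfs user that stores its own data there will break REAL_FOPS_DEREF().
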
From: Seth Forshee
To: kernel-team@lists.ubuntu.com
Subject: [PATCH v2 49/57][X] debugfs: prevent access to removed files' private data
Date: Fri, 19 Jun 2020 11:50:02 -0500
Message-Id: <20200619165010.645925-50-seth.forshee@canonical.com>
X-Mailer: git-send-email 2.27.0
In-Reply-To: <20200619165010.645925-1-seth.forshee@canonical.com>
References: <20200619165010.645925-1-seth.forshee@canonical.com>

From: Nicolai Stange

BugLink: https://bugs.launchpad.net/bugs/1884159

Upon return of debugfs_remove()/debugfs_remove_recursive(), it might still be attempted to access associated private file data through previously opened struct file objects. If that data has been freed by the caller of debugfs_remove*() in the meanwhile, the reading/writing process would either encounter a fault or, if the memory address in question has been reassigned again, unrelated data structures could get overwritten.

However, since debugfs files are seldomly removed, usually from module exit handlers only, the impact is very low.

Currently, there are ~1000 call sites of debugfs_create_file() spread throughout the whole tree and touching all of those struct file_operations in order to make them file removal aware by means of checking the result of debugfs_use_file_start() from within their methods is unfeasible.

Instead, wrap the struct file_operations by a lifetime managing proxy at file open:
- In debugfs_create_file(), the original fops handed in has got stashed away in ->d_fsdata already.
- In debugfs_create_file(), install a proxy file_operations factory, debugfs_full_proxy_file_operations, at ->i_fop.

This proxy factory has got an ->open() method only. It carries out some lifetime checks and if successful, dynamically allocates and sets up a new struct file_operations proxy at ->f_op. Afterwards, it forwards to the ->open() of the original struct file_operations in ->d_fsdata, if any.

The dynamically set up proxy at ->f_op has got a lifetime managing wrapper set for each of the methods defined in the original struct file_operations in ->d_fsdata.

Its ->release()er frees the proxy again and forwards to the original ->release(), if any.

In order not to mislead the VFS layer, it is strictly necessary to leave those fields blank in the proxy that have been NULL in the original struct file_operations also, i.e. aren't supported. This is why there is a need for dynamically allocated proxies. The choice made not to allocate a proxy instance for every dentry at file creation, but for every struct file object instantiated thereof is justified by the expected usage pattern of debugfs, namely that in general very few files get opened more than once at a time.

The wrapper methods set in the struct file_operations implement lifetime managing by means of the SRCU protection facilities already in place for debugfs: They set up a SRCU read side critical section and check whether the dentry is still alive by means of debugfs_use_file_start(). If so, they forward the call to the original struct file_operation stored in ->d_fsdata, still under the protection of the SRCU read side critical section. This SRCU read side critical section prevents any pending debugfs_remove() and friends from returning to their callers. Since a file's private data must only be freed after the return of debugfs_remove(), the ongoing proxied call is guarded against any file removal race.

If, on the other hand, the initial call to debugfs_use_file_start() detects that the dentry is dead, the wrapper simply returns -EIO and does not forward the call. Note that the ->poll() wrapper is special in that its signature does not allow for the return of arbitrary -EXXX values and thus, POLLHUP is returned here.

In order not to pollute debugfs with wrapper definitions that aren't ever needed, I chose not to define a wrapper for every struct file_operations method possible. Instead, a wrapper is defined only for the subset of methods which are actually set by any debugfs users. Currently, these are:

  ->llseek()
  ->read()
  ->write()
  ->unlocked_ioctl()
  ->poll()

The ->release() wrapper is special in that it does not protect the original ->release() in any way from dead files in order not to leak resources. Thus, any ->release() handed to debugfs must implement file lifetime management manually, if needed.

For only 33 out of a total of 434 releasers handed in to debugfs, it could not be verified immediately whether they access data structures that might have been freed upon a debugfs_remove() return in the meanwhile.

Export debugfs_use_file_start() and debugfs_use_file_finish() in order to allow any ->release() to manually implement file lifetime management.

For a set of common cases of struct file_operations implemented by the debugfs_core itself, future patches will incorporate file lifetime management directly within those in order to allow for their unproxied operation. Rename the original, non-proxying "debugfs_create_file()" to "debugfs_create_file_unsafe()" and keep it for future internal use by debugfs itself. Factor out code common to both into the new __debugfs_create_file().

Signed-off-by: Nicolai Stange
Signed-off-by: Greg Kroah-Hartman
(backported from commit 49d200deaa680501f19a247b1fffb29301e51d2b)
Signed-off-by: Seth Forshee
---
 fs/debugfs/file.c | 157 +++++++++++++++++++++++++++++++++++++++-
 fs/debugfs/inode.c | 70 ++++++++++++------
 fs/debugfs/internal.h | 6 +-
 include/linux/debugfs.h | 20 +++++
 4 files changed, 226 insertions(+), 27 deletions(-)

diff --git a/fs/debugfs/file.c b/fs/debugfs/file.c index 736ab3c988f2..6eb58a8ed03c 100644 --- a/fs/debugfs/file.c +++ b/fs/debugfs/file.c @@ -23,9 +23,12 @@ #include #include #include +#include #include "internal.h" +struct poll_table_struct; + static ssize_t default_read_file(struct file *file, char __user *buf, size_t count, loff_t *ppos) { @@ -66,7 +69,7 @@ const struct file_operations debugfs_noop_file_operations = { * debugfs_use_file_start() must be followed by a matching call * to debugfs_use_file_finish(). */ -static int debugfs_use_file_start(const struct dentry *dentry, int *srcu_idx) +int debugfs_use_file_start(const struct dentry *dentry, int *srcu_idx) __acquires(&debugfs_srcu) { *srcu_idx = srcu_read_lock(&debugfs_srcu); 
@@ -75,6 +78,7 @@ static int debugfs_use_file_start(const struct dentry *dentry, int *srcu_idx) return -EIO; return 0; } +EXPORT_SYMBOL_GPL(debugfs_use_file_start); /** * debugfs_use_file_finish - mark the end of file data access @@ -85,10 +89,11 @@ static int debugfs_use_file_start(const struct dentry *dentry, int *srcu_idx) * debugfs_remove_recursive() blocked by a former call to * debugfs_use_file_start() to proceed and return to its caller. */ -static void debugfs_use_file_finish(int srcu_idx) __releases(&debugfs_srcu) +void debugfs_use_file_finish(int srcu_idx) __releases(&debugfs_srcu) { srcu_read_unlock(&debugfs_srcu, srcu_idx); } +EXPORT_SYMBOL_GPL(debugfs_use_file_finish); #define F_DENTRY(filp) ((filp)->f_path.dentry) 
@@ -131,6 +136,154 @@ const struct file_operations debugfs_open_proxy_file_operations = { .open = open_proxy_open, }; +#define PROTO(args...) args +#define ARGS(args...) args + +#define FULL_PROXY_FUNC(name, ret_type, filp, proto, args) \ +static ret_type full_proxy_ ## name(proto) \ +{ \ + const struct dentry *dentry = F_DENTRY(filp); \ + const struct file_operations *real_fops = \ + REAL_FOPS_DEREF(dentry); \ + int srcu_idx; \ + ret_type r; \ + \ + r = debugfs_use_file_start(dentry, &srcu_idx); \ + if (likely(!r)) \ + r = real_fops->name(args); \ + debugfs_use_file_finish(srcu_idx); \ + return r; \ +} + +FULL_PROXY_FUNC(llseek, loff_t, filp, + PROTO(struct file *filp, loff_t offset, int whence), + ARGS(filp, offset, whence)); + +FULL_PROXY_FUNC(read, ssize_t, filp, + PROTO(struct file *filp, char __user *buf, size_t size, + loff_t *ppos), + ARGS(filp, buf, size, ppos)); + +FULL_PROXY_FUNC(write, ssize_t, filp, + PROTO(struct file *filp, const char __user *buf, size_t size, + loff_t *ppos), + ARGS(filp, buf, size, ppos)); + +FULL_PROXY_FUNC(unlocked_ioctl, long, filp, + PROTO(struct file *filp, unsigned int cmd, unsigned long arg), + ARGS(filp, cmd, arg)); + +static unsigned int full_proxy_poll(struct file *filp, + struct poll_table_struct *wait) +{ + const struct dentry *dentry = F_DENTRY(filp); + const struct file_operations *real_fops = REAL_FOPS_DEREF(dentry); + int srcu_idx; + unsigned int r = 0; + + if (debugfs_use_file_start(dentry, &srcu_idx)) { + debugfs_use_file_finish(srcu_idx); + return POLLHUP; + } + + r = real_fops->poll(filp, wait); + debugfs_use_file_finish(srcu_idx); + return r; +} + +static int full_proxy_release(struct inode *inode, struct file *filp) +{ + const struct dentry *dentry = F_DENTRY(filp); + const struct file_operations *real_fops = REAL_FOPS_DEREF(dentry); + const struct file_operations *proxy_fops = filp->f_op; + int r = 0; + + /* + * We must not protect this against removal races here: the + * original releaser should be called 
unconditionally in order + * not to leak any resources. Releasers must not assume that + * ->i_private is still being meaningful here. + */ + if (real_fops->release) + r = real_fops->release(inode, filp); + + replace_fops(filp, d_inode(dentry)->i_fop); + kfree((void *)proxy_fops); + fops_put(real_fops); + return 0; +} + +static void __full_proxy_fops_init(struct file_operations *proxy_fops, + const struct file_operations *real_fops) +{ + proxy_fops->release = full_proxy_release; + if (real_fops->llseek) + proxy_fops->llseek = full_proxy_llseek; + if (real_fops->read) + proxy_fops->read = full_proxy_read; + if (real_fops->write) + proxy_fops->write = full_proxy_write; + if (real_fops->poll) + proxy_fops->poll = full_proxy_poll; + if (real_fops->unlocked_ioctl) + proxy_fops->unlocked_ioctl = full_proxy_unlocked_ioctl; +} + +static int full_proxy_open(struct inode *inode, struct file *filp) +{ + const struct dentry *dentry = F_DENTRY(filp); + const struct file_operations *real_fops = NULL; + struct file_operations *proxy_fops = NULL; + int srcu_idx, r; + + r = debugfs_use_file_start(dentry, &srcu_idx); + if (r) { + r = -ENOENT; + goto out; + } + + real_fops = REAL_FOPS_DEREF(dentry); + real_fops = fops_get(real_fops); + if (!real_fops) { + /* Huh? Module did not cleanup after itself at exit? */ + WARN(1, "debugfs file owner did not clean up at exit: %pd", + dentry); + r = -ENXIO; + goto out; + } + + proxy_fops = kzalloc(sizeof(*proxy_fops), GFP_KERNEL); + if (!proxy_fops) { + r = -ENOMEM; + goto free_proxy; + } + __full_proxy_fops_init(proxy_fops, real_fops); + replace_fops(filp, proxy_fops); + + if (real_fops->open) { + r = real_fops->open(inode, filp); + + if (filp->f_op != proxy_fops) { + /* No protection against file removal anymore. 
*/ + WARN(1, "debugfs file owner replaced proxy fops: %pd", + dentry); + goto free_proxy; + } + } + + goto out; +free_proxy: + kfree(proxy_fops); + fops_put(real_fops); +out: + debugfs_use_file_finish(srcu_idx); + return r; +} + +const struct file_operations debugfs_full_proxy_file_operations = { + .open = full_proxy_open, +}; + static struct dentry *debugfs_create_mode(const char *name, umode_t mode, struct dentry *parent, void *value, const struct file_operations *fops, diff --git a/fs/debugfs/inode.c b/fs/debugfs/inode.c index f01e61932747..97149d770fdb 100644 --- a/fs/debugfs/inode.c +++ b/fs/debugfs/inode.c @@ -304,6 +304,37 @@ static struct dentry *end_creating(struct dentry *dentry) return dentry; } +static struct dentry *__debugfs_create_file(const char *name, umode_t mode, + struct dentry *parent, void *data, + const struct file_operations *proxy_fops, + const struct file_operations *real_fops) +{ + struct dentry *dentry; + struct inode *inode; + + if (!(mode & S_IFMT)) + mode |= S_IFREG; + BUG_ON(!S_ISREG(mode)); + dentry = start_creating(name, parent); + + if (IS_ERR(dentry)) + return NULL; + + inode = debugfs_get_inode(dentry->d_sb); + if (unlikely(!inode)) + return failed_creating(dentry); + + inode->i_mode = mode; + inode->i_private = data; + + inode->i_fop = proxy_fops; + dentry->d_fsdata = (void *)real_fops; + + d_instantiate(dentry, inode); + fsnotify_create(d_inode(dentry->d_parent), dentry); + return end_creating(dentry); +} + /** * debugfs_create_file - create a file in the debugfs filesystem * @name: a pointer to a string containing the name of the file to create. 
@@ -334,33 +365,24 @@ struct dentry *debugfs_create_file(const char *name, umode_t mode, struct dentry *parent, void *data, const struct file_operations *fops) { - struct dentry *dentry; - struct inode *inode; - - if (!(mode & S_IFMT)) - mode |= S_IFREG; - BUG_ON(!S_ISREG(mode)); - dentry = start_creating(name, parent); - - if (IS_ERR(dentry)) - return NULL; - - inode = debugfs_get_inode(dentry->d_sb); - if (unlikely(!inode)) - return failed_creating(dentry); - inode->i_mode = mode; - inode->i_private = data; + return __debugfs_create_file(name, mode, parent, data, + fops ? &debugfs_full_proxy_file_operations : + &debugfs_noop_file_operations, + fops); +} +EXPORT_SYMBOL_GPL(debugfs_create_file); - inode->i_fop = fops ? &debugfs_open_proxy_file_operations - : &debugfs_noop_file_operations; - dentry->d_fsdata = (void *)fops; +struct dentry *debugfs_create_file_unsafe(const char *name, umode_t mode, + struct dentry *parent, void *data, + const struct file_operations *fops) +{ - d_instantiate(dentry, inode); - fsnotify_create(d_inode(dentry->d_parent), dentry); - return end_creating(dentry); + return __debugfs_create_file(name, mode, parent, data, + fops ? &debugfs_open_proxy_file_operations : + &debugfs_noop_file_operations, + fops); } -EXPORT_SYMBOL_GPL(debugfs_create_file); /** * debugfs_create_file_size - create a file in the debugfs filesystem @@ -579,6 +601,7 @@ void debugfs_remove(struct dentry *dentry) mutex_unlock(&d_inode(parent)->i_mutex); if (!ret) simple_release_fs(&debugfs_mount, &debugfs_mount_count); + synchronize_srcu(&debugfs_srcu); } EXPORT_SYMBOL_GPL(debugfs_remove); @@ -657,6 +680,7 @@ void debugfs_remove_recursive(struct dentry *dentry) if (!__debugfs_remove(child, parent)) simple_release_fs(&debugfs_mount, &debugfs_mount_count); mutex_unlock(&d_inode(parent)->i_mutex); + synchronize_srcu(&debugfs_srcu); } EXPORT_SYMBOL_GPL(debugfs_remove_recursive); diff --git a/fs/debugfs/internal.h b/fs/debugfs/internal.h index c7aaa5cb6685..bba52634b995 100644 
--- a/fs/debugfs/internal.h +++ b/fs/debugfs/internal.h @@ -13,12 +13,14 @@ #define _DEBUGFS_INTERNAL_H_ struct file_operations; -struct srcu_struct; /* declared over in file.c */ extern const struct file_operations debugfs_noop_file_operations; extern const struct file_operations debugfs_open_proxy_file_operations; +extern const struct file_operations debugfs_full_proxy_file_operations; -extern struct srcu_struct debugfs_srcu; +struct dentry *debugfs_create_file_unsafe(const char *name, umode_t mode, + struct dentry *parent, void *data, + const struct file_operations *fops); #endif /* _DEBUGFS_INTERNAL_H_ */ diff --git a/include/linux/debugfs.h b/include/linux/debugfs.h index 6215d2852a3e..3b3177148b11 100644 --- a/include/linux/debugfs.h +++ b/include/linux/debugfs.h @@ -19,9 +19,11 @@ #include #include +#include struct device; struct file_operations; +struct srcu_struct; struct debugfs_blob_wrapper { void *data; @@ -41,6 +43,8 @@ struct debugfs_regset32 { extern struct dentry *arch_debugfs_dir; +extern struct srcu_struct debugfs_srcu; + #if defined(CONFIG_DEBUG_FS) struct dentry *debugfs_create_file(const char *name, umode_t mode, @@ -66,6 +70,11 @@ struct dentry *debugfs_create_automount(const char *name, void debugfs_remove(struct dentry *dentry); void debugfs_remove_recursive(struct dentry *dentry); +int debugfs_use_file_start(const struct dentry *dentry, int *srcu_idx) + __acquires(&debugfs_srcu); + +void debugfs_use_file_finish(int srcu_idx) __releases(&debugfs_srcu); + struct dentry *debugfs_rename(struct dentry *old_dir, struct dentry *old_dentry, struct dentry *new_dir, const char *new_name); 
@@ -166,6 +175,17 @@ static inline void debugfs_remove(struct dentry *dentry) static inline void debugfs_remove_recursive(struct dentry *dentry) { } +static inline int debugfs_use_file_start(const struct dentry *dentry, + int *srcu_idx) + __acquires(&debugfs_srcu) +{ + return 0; +} + +static inline void debugfs_use_file_finish(int srcu_idx) + __releases(&debugfs_srcu) +{ } + static inline struct dentry *debugfs_rename(struct dentry *old_dir, struct dentry *old_dentry, struct dentry *new_dir, char *new_name) { From patchwork Fri Jun 19 16:50:03 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Seth Forshee X-Patchwork-Id: 1313194 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=none (no SPF record) smtp.mailfrom=lists.ubuntu.com (client-ip=91.189.94.19; helo=huckleberry.canonical.com; envelope-from=kernel-team-bounces@lists.ubuntu.com; receiver=) Authentication-Results: ozlabs.org; dmarc=fail (p=none dis=none) header.from=canonical.com Received: from huckleberry.canonical.com (huckleberry.canonical.com [91.189.94.19]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 49pPxW0rVkz9sVZ; Sat, 20 Jun 2020 02:52:47 +1000 (AEST) Received: from localhost ([127.0.0.1] helo=huckleberry.canonical.com) by huckleberry.canonical.com with esmtp (Exim 4.86_2) (envelope-from ) id 1jmKFt-0000A8-2Y; Fri, 19 Jun 2020 16:52:41 +0000 Received: from youngberry.canonical.com ([91.189.89.112]) by huckleberry.canonical.com with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.86_2) (envelope-from ) id 1jmKEW-0007RG-Ru for kernel-team@lists.ubuntu.com; Fri, 19 Jun 2020 16:51:16 +0000 Received: from mail-il1-f197.google.com ([209.85.166.197]) by youngberry.canonical.com with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) 
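Review bot: In fs/debugfs/inode.c, the synchronize_srcu(&debugfs_srcu) call added at the end of debugfs_remove() and debugfs_remove_recursive() makes both functions block until every file operation currently between debugfs_use_file_start() and debugfs_use_file_finish() has finished, and the hunks add no comment or kerneldoc update saying so. A caller that removes a file from inside one of its own protected handlers, or while holding a lock that those handlers take, will deadlock. Please document that both removal functions may sleep for an SRCU grace period and must not be called from such a context.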
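Review bot: In include/linux/debugfs.h, extern struct srcu_struct debugfs_srcu is added above the #if defined(CONFIG_DEBUG_FS) guard, so the symbol is declared in builds that never define it, and any stray use there fails only at link time. If the declaration sits outside the guard solely so that the __acquires(&debugfs_srcu) and __releases(&debugfs_srcu) annotations on the stubs resolve, a one-line comment saying so would keep someone from "fixing" it later or from using the symbol directly.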
From: Seth Forshee
To: kernel-team@lists.ubuntu.com
Subject: [PATCH v2 50/57][X] debugfs: add support for self-protecting attribute file fops
Date: Fri, 19 Jun 2020 11:50:03 -0500
Message-Id: <20200619165010.645925-51-seth.forshee@canonical.com>
In-Reply-To: <20200619165010.645925-1-seth.forshee@canonical.com>
References: <20200619165010.645925-1-seth.forshee@canonical.com>

From: Nicolai Stange

BugLink: https://bugs.launchpad.net/bugs/1884159

In order to protect them against file removal issues, debugfs_create_file() creates a lifetime managing proxy around each struct file_operations handed in.

In cases where this struct file_operations is able to manage file lifetime by itself already, the proxy created by debugfs is a waste of resources.

The most common class of struct file_operations given to debugfs are those defined by means of the DEFINE_SIMPLE_ATTRIBUTE() macro.

Introduce a DEFINE_DEBUGFS_ATTRIBUTE() macro to allow any struct file_operations of this class to be easily made file lifetime aware and thus, to be operated unproxied.

Specifically, introduce debugfs_attr_read() and debugfs_attr_write() which wrap simple_attr_read() and simple_attr_write() under the protection of a debugfs_use_file_start()/debugfs_use_file_finish() pair.

Make DEFINE_DEBUGFS_ATTRIBUTE() set the defined struct file_operations' ->read() and ->write() members to these wrappers.

Export debugfs_create_file_unsafe() in order to allow debugfs users to create their files in non-proxying operation mode.

Signed-off-by: Nicolai Stange
Signed-off-by: Greg Kroah-Hartman
(cherry picked from commit c64688081490321f2d23a292ef24e60bb321f3f1)
Signed-off-by: Seth Forshee --- fs/debugfs/file.c | 28 ++++++++++++++++++++++++++++ fs/debugfs/inode.c | 28 ++++++++++++++++++++++++++++ include/linux/debugfs.h | 26 ++++++++++++++++++++++++++ 3 files changed, 82 insertions(+) diff --git a/fs/debugfs/file.c b/fs/debugfs/file.c index 6eb58a8ed03c..8ef56d9499a4 100644 --- a/fs/debugfs/file.c +++ b/fs/debugfs/file.c @@ -284,6 +284,34 @@ const struct file_operations debugfs_full_proxy_file_operations = { .open = full_proxy_open, }; +ssize_t debugfs_attr_read(struct file *file, char __user *buf, + size_t len, loff_t *ppos) +{ + ssize_t ret; + int srcu_idx; + + ret = debugfs_use_file_start(F_DENTRY(file), &srcu_idx); + if (likely(!ret)) + ret = simple_attr_read(file, buf, len, ppos); + debugfs_use_file_finish(srcu_idx); + return ret; +} +EXPORT_SYMBOL_GPL(debugfs_attr_read); + +ssize_t debugfs_attr_write(struct file *file, const char __user *buf, + size_t len, loff_t *ppos) +{ + ssize_t ret; + int srcu_idx; + + ret = debugfs_use_file_start(F_DENTRY(file), &srcu_idx); + if (likely(!ret)) + ret = simple_attr_write(file, buf, len, ppos); + debugfs_use_file_finish(srcu_idx); + return ret; +} +EXPORT_SYMBOL_GPL(debugfs_attr_write); + static struct dentry *debugfs_create_mode(const char *name, umode_t mode, struct dentry *parent, void *value, const struct file_operations *fops, diff --git a/fs/debugfs/inode.c b/fs/debugfs/inode.c index 97149d770fdb..72f3052f61c5 100644 --- a/fs/debugfs/inode.c +++ b/fs/debugfs/inode.c 
@@ -373,6 +373,33 @@ struct dentry *debugfs_create_file(const char *name, umode_t mode, } EXPORT_SYMBOL_GPL(debugfs_create_file); +/** + * debugfs_create_file_unsafe - create a file in the debugfs filesystem + * @name: a pointer to a string containing the name of the file to create. + * @mode: the permission that the file should have. + * @parent: a pointer to the parent dentry for this file. This should be a + * directory dentry if set. If this parameter is NULL, then the + * file will be created in the root of the debugfs filesystem. + * @data: a pointer to something that the caller will want to get to later + * on. The inode.i_private pointer will point to this value on + * the open() call. + * @fops: a pointer to a struct file_operations that should be used for + * this file. + * + * debugfs_create_file_unsafe() is completely analogous to + * debugfs_create_file(), the only difference being that the fops + * handed it will not get protected against file removals by the + * debugfs core. + * + * It is your responsibility to protect your struct file_operation + * methods against file removals by means of debugfs_use_file_start() + * and debugfs_use_file_finish(). ->open() is still protected by + * debugfs though. + * + * Any struct file_operations defined by means of + * DEFINE_DEBUGFS_ATTRIBUTE() is protected against file removals and + * thus, may be used here. + */ struct dentry *debugfs_create_file_unsafe(const char *name, umode_t mode, struct dentry *parent, void *data, const struct file_operations *fops) @@ -383,6 +410,7 @@ struct dentry *debugfs_create_file_unsafe(const char *name, umode_t mode, &debugfs_noop_file_operations, fops); } +EXPORT_SYMBOL_GPL(debugfs_create_file_unsafe); /** * debugfs_create_file_size - create a file in the debugfs filesystem diff --git a/include/linux/debugfs.h b/include/linux/debugfs.h index 3b3177148b11..008083421fa9 100644 --- a/include/linux/debugfs.h +++ b/include/linux/debugfs.h 
@@ -50,6 +50,9 @@ extern struct srcu_struct debugfs_srcu; struct dentry *debugfs_create_file(const char *name, umode_t mode, struct dentry *parent, void *data, const struct file_operations *fops); +struct dentry *debugfs_create_file_unsafe(const char *name, umode_t mode, + struct dentry *parent, void *data, + const struct file_operations *fops); struct dentry *debugfs_create_file_size(const char *name, umode_t mode, struct dentry *parent, void *data, @@ -75,6 +78,26 @@ int debugfs_use_file_start(const struct dentry *dentry, int *srcu_idx) void debugfs_use_file_finish(int srcu_idx) __releases(&debugfs_srcu); +ssize_t debugfs_attr_read(struct file *file, char __user *buf, + size_t len, loff_t *ppos); +ssize_t debugfs_attr_write(struct file *file, const char __user *buf, + size_t len, loff_t *ppos); + +#define DEFINE_DEBUGFS_ATTRIBUTE(__fops, __get, __set, __fmt) \ +static int __fops ## _open(struct inode *inode, struct file *file) \ +{ \ + __simple_attr_check_format(__fmt, 0ull); \ + return simple_attr_open(inode, file, __get, __set, __fmt); \ +} \ +static const struct file_operations __fops = { \ + .owner = THIS_MODULE, \ + .open = __fops ## _open, \ + .release = simple_attr_release, \ + .read = debugfs_attr_read, \ + .write = debugfs_attr_write, \ + .llseek = generic_file_llseek, \ +} + struct dentry *debugfs_rename(struct dentry *old_dir, struct dentry *old_dentry, struct dentry *new_dir, const char *new_name); 
@@ -186,6 +209,9 @@ static inline void debugfs_use_file_finish(int srcu_idx) __releases(&debugfs_srcu) { } +#define DEFINE_DEBUGFS_ATTRIBUTE(__fops, __get, __set, __fmt) \ + static const struct file_operations __fops = { 0 } + static inline struct dentry *debugfs_rename(struct dentry *old_dir, struct dentry *old_dentry, struct dentry *new_dir, char *new_name) { From patchwork Fri Jun 19 16:50:04 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Seth Forshee X-Patchwork-Id: 1313195 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=none (no SPF record) smtp.mailfrom=lists.ubuntu.com (client-ip=91.189.94.19; helo=huckleberry.canonical.com; envelope-from=kernel-team-bounces@lists.ubuntu.com; receiver=) Authentication-Results: ozlabs.org; dmarc=fail (p=none dis=none) header.from=canonical.com Received: from huckleberry.canonical.com (huckleberry.canonical.com [91.189.94.19]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 49pPxZ44VMz9sWV; Sat, 20 Jun 2020 02:52:50 +1000 (AEST) Received: from localhost ([127.0.0.1] helo=huckleberry.canonical.com) by huckleberry.canonical.com with esmtp (Exim 4.86_2) (envelope-from ) id 1jmKFw-0000Eq-UH; Fri, 19 Jun 2020 16:52:44 +0000 Received: from youngberry.canonical.com ([91.189.89.112]) by huckleberry.canonical.com with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.86_2) (envelope-from ) id 1jmKEY-0007SD-Hw for kernel-team@lists.ubuntu.com; Fri, 19 Jun 2020 16:51:18 +0000 Received: from mail-il1-f197.google.com ([209.85.166.197]) by youngberry.canonical.com with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.86_2) (envelope-from ) id 1jmKEW-0006Rq-DW for kernel-team@lists.ubuntu.com; Fri, 19 Jun 2020 16:51:16 +0000 Received: by mail-il1-f197.google.com 
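Review bot: In fs/debugfs/file.c, debugfs_attr_read() and debugfs_attr_write() call debugfs_use_file_finish(srcu_idx) even when debugfs_use_file_start() has returned an error. That is balanced only if the start function takes the SRCU read lock on its failure path as well, and the prototypes in include/linux/debugfs.h carry no comment stating that contract. Please spell it out next to the declarations, because debugfs_create_file_unsafe() now asks outside callers to write this pairing themselves.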
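Review bot: The kerneldoc added for debugfs_create_file_unsafe() in fs/debugfs/inode.c has two wording slips: "the fops handed it" should read "handed in" (the wording the commit message uses) or "handed to it", and "struct file_operation methods" is missing the final "s". Since this function is now exported, it would also help to state the consequence of passing fops that do not use debugfs_use_file_start() and debugfs_use_file_finish(): their methods can run after the file has been removed.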
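Review bot: In include/linux/debugfs.h, the !CONFIG_DEBUG_FS variant of DEFINE_DEBUGFS_ATTRIBUTE() expands to static const struct file_operations __fops = { 0 } and never references __get, __set or __fmt. Static getter and setter functions handed to the macro are then unreferenced in such builds and will draw unused-function warnings, and the format string is no longer checked. Consider referencing the arguments in the stub, or document that callers have to guard or annotate their callbacks.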
From: Seth Forshee
To: kernel-team@lists.ubuntu.com
Subject: [PATCH v2 51/57][X] debugfs: unproxify integer attribute files
Date: Fri, 19 Jun 2020 11:50:04 -0500
Message-Id: <20200619165010.645925-52-seth.forshee@canonical.com>
In-Reply-To: <20200619165010.645925-1-seth.forshee@canonical.com>
References: <20200619165010.645925-1-seth.forshee@canonical.com>

From: Nicolai Stange

BugLink: https://bugs.launchpad.net/bugs/1884159

Currently, the struct file_operations associated with the integer attribute style files created through the debugfs_create_*() helpers are not file lifetime aware as they are defined by means of DEFINE_SIMPLE_ATTRIBUTE().

Thus, a lifetime managing proxy is created around the original fops each time such a file is opened which is an unnecessary waste of resources.

Migrate all usages of DEFINE_SIMPLE_ATTRIBUTE() within debugfs itself to DEFINE_DEBUGFS_ATTRIBUTE() in order to implement file lifetime managing within the struct file_operations thus defined.

Introduce the debugfs_create_mode_unsafe() helper, analogous to debugfs_create_mode(), but distinct in that it creates the files in non-proxying operation mode through debugfs_create_file_unsafe().

Feed all struct file_operations migrated to DEFINE_DEBUGFS_ATTRIBUTE() into debugfs_create_mode_unsafe() instead of former debugfs_create_mode().

Signed-off-by: Nicolai Stange
Signed-off-by: Greg Kroah-Hartman
(cherry picked from commit 4909f168104b24f592fb8d502e2a6520346a3927)
Signed-off-by: Seth Forshee
--- fs/debugfs/file.c | 123 ++++++++++++++++++++++++++++------------------ 1 file changed, 75 insertions(+), 48 deletions(-)
diff --git a/fs/debugfs/file.c b/fs/debugfs/file.c index 8ef56d9499a4..4b3967e86e97 100644 --- a/fs/debugfs/file.c +++ b/fs/debugfs/file.c @@ -328,6 +328,24 @@ static struct dentry *debugfs_create_mode(const char *name, umode_t mode, return debugfs_create_file(name, mode, parent, value, fops); } +static struct dentry *debugfs_create_mode_unsafe(const char *name, umode_t mode, + struct dentry *parent, void *value, + const struct file_operations *fops, + const struct file_operations *fops_ro, + const struct file_operations *fops_wo) +{ + /* if there are no write bits set, make read only */ + if (!(mode & S_IWUGO)) + return debugfs_create_file_unsafe(name, mode, parent, value, + fops_ro); + /* if there are no read bits set, make write only */ + if (!(mode & S_IRUGO)) + return debugfs_create_file_unsafe(name, mode, parent, value, + fops_wo); + + return debugfs_create_file_unsafe(name, mode, parent, value, fops); +} + static int debugfs_u8_set(void *data, u64 val) { *(u8 *)data = val; @@ -338,9 +356,9 @@ static int debugfs_u8_get(void *data, u64 *val) *val = *(u8 *)data; return 0; } -DEFINE_SIMPLE_ATTRIBUTE(fops_u8, debugfs_u8_get, debugfs_u8_set, "%llu\n"); -DEFINE_SIMPLE_ATTRIBUTE(fops_u8_ro, debugfs_u8_get, NULL, "%llu\n"); -DEFINE_SIMPLE_ATTRIBUTE(fops_u8_wo, NULL, debugfs_u8_set, "%llu\n"); +DEFINE_DEBUGFS_ATTRIBUTE(fops_u8, debugfs_u8_get, debugfs_u8_set, "%llu\n"); +DEFINE_DEBUGFS_ATTRIBUTE(fops_u8_ro, debugfs_u8_get, NULL, "%llu\n"); +DEFINE_DEBUGFS_ATTRIBUTE(fops_u8_wo, NULL, debugfs_u8_set, "%llu\n"); /** * debugfs_create_u8 - create a debugfs file that is used to read and write an unsigned 8-bit value 
@@ -369,7 +387,7 @@ DEFINE_SIMPLE_ATTRIBUTE(fops_u8_wo, NULL, debugfs_u8_set, "%llu\n"); struct dentry *debugfs_create_u8(const char *name, umode_t mode, struct dentry *parent, u8 *value) { - return debugfs_create_mode(name, mode, parent, value, &fops_u8, + return debugfs_create_mode_unsafe(name, mode, parent, value, &fops_u8, &fops_u8_ro, &fops_u8_wo); } EXPORT_SYMBOL_GPL(debugfs_create_u8); @@ -384,9 +402,9 @@ static int debugfs_u16_get(void *data, u64 *val) *val = *(u16 *)data; return 0; } -DEFINE_SIMPLE_ATTRIBUTE(fops_u16, debugfs_u16_get, debugfs_u16_set, "%llu\n"); -DEFINE_SIMPLE_ATTRIBUTE(fops_u16_ro, debugfs_u16_get, NULL, "%llu\n"); -DEFINE_SIMPLE_ATTRIBUTE(fops_u16_wo, NULL, debugfs_u16_set, "%llu\n"); +DEFINE_DEBUGFS_ATTRIBUTE(fops_u16, debugfs_u16_get, debugfs_u16_set, "%llu\n"); +DEFINE_DEBUGFS_ATTRIBUTE(fops_u16_ro, debugfs_u16_get, NULL, "%llu\n"); +DEFINE_DEBUGFS_ATTRIBUTE(fops_u16_wo, NULL, debugfs_u16_set, "%llu\n"); /** * debugfs_create_u16 - create a debugfs file that is used to read and write an unsigned 16-bit value @@ -415,7 +433,7 @@ DEFINE_SIMPLE_ATTRIBUTE(fops_u16_wo, NULL, debugfs_u16_set, "%llu\n"); struct dentry *debugfs_create_u16(const char *name, umode_t mode, struct dentry *parent, u16 *value) { - return debugfs_create_mode(name, mode, parent, value, &fops_u16, + return debugfs_create_mode_unsafe(name, mode, parent, value, &fops_u16, &fops_u16_ro, &fops_u16_wo); } EXPORT_SYMBOL_GPL(debugfs_create_u16); 
@@ -430,9 +448,9 @@ static int debugfs_u32_get(void *data, u64 *val) *val = *(u32 *)data; return 0; } -DEFINE_SIMPLE_ATTRIBUTE(fops_u32, debugfs_u32_get, debugfs_u32_set, "%llu\n"); -DEFINE_SIMPLE_ATTRIBUTE(fops_u32_ro, debugfs_u32_get, NULL, "%llu\n"); -DEFINE_SIMPLE_ATTRIBUTE(fops_u32_wo, NULL, debugfs_u32_set, "%llu\n"); +DEFINE_DEBUGFS_ATTRIBUTE(fops_u32, debugfs_u32_get, debugfs_u32_set, "%llu\n"); +DEFINE_DEBUGFS_ATTRIBUTE(fops_u32_ro, debugfs_u32_get, NULL, "%llu\n"); +DEFINE_DEBUGFS_ATTRIBUTE(fops_u32_wo, NULL, debugfs_u32_set, "%llu\n"); /** * debugfs_create_u32 - create a debugfs file that is used to read and write an unsigned 32-bit value @@ -461,7 +479,7 @@ DEFINE_SIMPLE_ATTRIBUTE(fops_u32_wo, NULL, debugfs_u32_set, "%llu\n"); struct dentry *debugfs_create_u32(const char *name, umode_t mode, struct dentry *parent, u32 *value) { - return debugfs_create_mode(name, mode, parent, value, &fops_u32, + return debugfs_create_mode_unsafe(name, mode, parent, value, &fops_u32, &fops_u32_ro, &fops_u32_wo); } EXPORT_SYMBOL_GPL(debugfs_create_u32); @@ -477,9 +495,9 @@ static int debugfs_u64_get(void *data, u64 *val) *val = *(u64 *)data; return 0; } -DEFINE_SIMPLE_ATTRIBUTE(fops_u64, debugfs_u64_get, debugfs_u64_set, "%llu\n"); -DEFINE_SIMPLE_ATTRIBUTE(fops_u64_ro, debugfs_u64_get, NULL, "%llu\n"); -DEFINE_SIMPLE_ATTRIBUTE(fops_u64_wo, NULL, debugfs_u64_set, "%llu\n"); +DEFINE_DEBUGFS_ATTRIBUTE(fops_u64, debugfs_u64_get, debugfs_u64_set, "%llu\n"); +DEFINE_DEBUGFS_ATTRIBUTE(fops_u64_ro, debugfs_u64_get, NULL, "%llu\n"); +DEFINE_DEBUGFS_ATTRIBUTE(fops_u64_wo, NULL, debugfs_u64_set, "%llu\n"); /** * debugfs_create_u64 - create a debugfs file that is used to read and write an unsigned 64-bit value 
@@ -508,7 +526,7 @@ DEFINE_SIMPLE_ATTRIBUTE(fops_u64_wo, NULL, debugfs_u64_set, "%llu\n"); struct dentry *debugfs_create_u64(const char *name, umode_t mode, struct dentry *parent, u64 *value) { - return debugfs_create_mode(name, mode, parent, value, &fops_u64, + return debugfs_create_mode_unsafe(name, mode, parent, value, &fops_u64, &fops_u64_ro, &fops_u64_wo); } EXPORT_SYMBOL_GPL(debugfs_create_u64); @@ -524,9 +542,10 @@ static int debugfs_ulong_get(void *data, u64 *val) *val = *(unsigned long *)data; return 0; } -DEFINE_SIMPLE_ATTRIBUTE(fops_ulong, debugfs_ulong_get, debugfs_ulong_set, "%llu\n"); -DEFINE_SIMPLE_ATTRIBUTE(fops_ulong_ro, debugfs_ulong_get, NULL, "%llu\n"); -DEFINE_SIMPLE_ATTRIBUTE(fops_ulong_wo, NULL, debugfs_ulong_set, "%llu\n"); +DEFINE_DEBUGFS_ATTRIBUTE(fops_ulong, debugfs_ulong_get, debugfs_ulong_set, + "%llu\n"); +DEFINE_DEBUGFS_ATTRIBUTE(fops_ulong_ro, debugfs_ulong_get, NULL, "%llu\n"); +DEFINE_DEBUGFS_ATTRIBUTE(fops_ulong_wo, NULL, debugfs_ulong_set, "%llu\n"); /** * debugfs_create_ulong - create a debugfs file that is used to read and write 
@@ -556,26 +575,30 @@ DEFINE_SIMPLE_ATTRIBUTE(fops_ulong_wo, NULL, debugfs_ulong_set, "%llu\n"); struct dentry *debugfs_create_ulong(const char *name, umode_t mode, struct dentry *parent, unsigned long *value) { - return debugfs_create_mode(name, mode, parent, value, &fops_ulong, - &fops_ulong_ro, &fops_ulong_wo); + return debugfs_create_mode_unsafe(name, mode, parent, value, + &fops_ulong, &fops_ulong_ro, + &fops_ulong_wo); } EXPORT_SYMBOL_GPL(debugfs_create_ulong); -DEFINE_SIMPLE_ATTRIBUTE(fops_x8, debugfs_u8_get, debugfs_u8_set, "0x%02llx\n"); -DEFINE_SIMPLE_ATTRIBUTE(fops_x8_ro, debugfs_u8_get, NULL, "0x%02llx\n"); -DEFINE_SIMPLE_ATTRIBUTE(fops_x8_wo, NULL, debugfs_u8_set, "0x%02llx\n"); +DEFINE_DEBUGFS_ATTRIBUTE(fops_x8, debugfs_u8_get, debugfs_u8_set, "0x%02llx\n"); +DEFINE_DEBUGFS_ATTRIBUTE(fops_x8_ro, debugfs_u8_get, NULL, "0x%02llx\n"); +DEFINE_DEBUGFS_ATTRIBUTE(fops_x8_wo, NULL, debugfs_u8_set, "0x%02llx\n"); -DEFINE_SIMPLE_ATTRIBUTE(fops_x16, debugfs_u16_get, debugfs_u16_set, "0x%04llx\n"); -DEFINE_SIMPLE_ATTRIBUTE(fops_x16_ro, debugfs_u16_get, NULL, "0x%04llx\n"); -DEFINE_SIMPLE_ATTRIBUTE(fops_x16_wo, NULL, debugfs_u16_set, "0x%04llx\n"); +DEFINE_DEBUGFS_ATTRIBUTE(fops_x16, debugfs_u16_get, debugfs_u16_set, + "0x%04llx\n"); +DEFINE_DEBUGFS_ATTRIBUTE(fops_x16_ro, debugfs_u16_get, NULL, "0x%04llx\n"); +DEFINE_DEBUGFS_ATTRIBUTE(fops_x16_wo, NULL, debugfs_u16_set, "0x%04llx\n"); -DEFINE_SIMPLE_ATTRIBUTE(fops_x32, debugfs_u32_get, debugfs_u32_set, "0x%08llx\n"); -DEFINE_SIMPLE_ATTRIBUTE(fops_x32_ro, debugfs_u32_get, NULL, "0x%08llx\n"); -DEFINE_SIMPLE_ATTRIBUTE(fops_x32_wo, NULL, debugfs_u32_set, "0x%08llx\n"); +DEFINE_DEBUGFS_ATTRIBUTE(fops_x32, debugfs_u32_get, debugfs_u32_set, + "0x%08llx\n"); +DEFINE_DEBUGFS_ATTRIBUTE(fops_x32_ro, debugfs_u32_get, NULL, "0x%08llx\n"); +DEFINE_DEBUGFS_ATTRIBUTE(fops_x32_wo, NULL, debugfs_u32_set, "0x%08llx\n"); -DEFINE_SIMPLE_ATTRIBUTE(fops_x64, debugfs_u64_get, debugfs_u64_set, "0x%016llx\n"); 
-DEFINE_SIMPLE_ATTRIBUTE(fops_x64_ro, debugfs_u64_get, NULL, "0x%016llx\n"); -DEFINE_SIMPLE_ATTRIBUTE(fops_x64_wo, NULL, debugfs_u64_set, "0x%016llx\n"); +DEFINE_DEBUGFS_ATTRIBUTE(fops_x64, debugfs_u64_get, debugfs_u64_set, + "0x%016llx\n"); +DEFINE_DEBUGFS_ATTRIBUTE(fops_x64_ro, debugfs_u64_get, NULL, "0x%016llx\n"); +DEFINE_DEBUGFS_ATTRIBUTE(fops_x64_wo, NULL, debugfs_u64_set, "0x%016llx\n"); /* * debugfs_create_x{8,16,32,64} - create a debugfs file that is used to read and write an unsigned {8,16,32,64}-bit value @@ -598,7 +621,7 @@ DEFINE_SIMPLE_ATTRIBUTE(fops_x64_wo, NULL, debugfs_u64_set, "0x%016llx\n"); struct dentry *debugfs_create_x8(const char *name, umode_t mode, struct dentry *parent, u8 *value) { - return debugfs_create_mode(name, mode, parent, value, &fops_x8, + return debugfs_create_mode_unsafe(name, mode, parent, value, &fops_x8, &fops_x8_ro, &fops_x8_wo); } EXPORT_SYMBOL_GPL(debugfs_create_x8); @@ -616,7 +639,7 @@ EXPORT_SYMBOL_GPL(debugfs_create_x8); struct dentry *debugfs_create_x16(const char *name, umode_t mode, struct dentry *parent, u16 *value) { - return debugfs_create_mode(name, mode, parent, value, &fops_x16, + return debugfs_create_mode_unsafe(name, mode, parent, value, &fops_x16, &fops_x16_ro, &fops_x16_wo); } EXPORT_SYMBOL_GPL(debugfs_create_x16); @@ -634,7 +657,7 @@ EXPORT_SYMBOL_GPL(debugfs_create_x16); struct dentry *debugfs_create_x32(const char *name, umode_t mode, struct dentry *parent, u32 *value) { - return debugfs_create_mode(name, mode, parent, value, &fops_x32, + return debugfs_create_mode_unsafe(name, mode, parent, value, &fops_x32, &fops_x32_ro, &fops_x32_wo); } EXPORT_SYMBOL_GPL(debugfs_create_x32); 
@@ -652,7 +675,7 @@ EXPORT_SYMBOL_GPL(debugfs_create_x32); struct dentry *debugfs_create_x64(const char *name, umode_t mode, struct dentry *parent, u64 *value) { - return debugfs_create_mode(name, mode, parent, value, &fops_x64, + return debugfs_create_mode_unsafe(name, mode, parent, value, &fops_x64, &fops_x64_ro, &fops_x64_wo); } EXPORT_SYMBOL_GPL(debugfs_create_x64); @@ -668,10 +691,10 @@ static int debugfs_size_t_get(void *data, u64 *val) *val = *(size_t *)data; return 0; } -DEFINE_SIMPLE_ATTRIBUTE(fops_size_t, debugfs_size_t_get, debugfs_size_t_set, - "%llu\n"); /* %llu and %zu are more or less the same */ -DEFINE_SIMPLE_ATTRIBUTE(fops_size_t_ro, debugfs_size_t_get, NULL, "%llu\n"); -DEFINE_SIMPLE_ATTRIBUTE(fops_size_t_wo, NULL, debugfs_size_t_set, "%llu\n"); +DEFINE_DEBUGFS_ATTRIBUTE(fops_size_t, debugfs_size_t_get, debugfs_size_t_set, + "%llu\n"); /* %llu and %zu are more or less the same */ +DEFINE_DEBUGFS_ATTRIBUTE(fops_size_t_ro, debugfs_size_t_get, NULL, "%llu\n"); +DEFINE_DEBUGFS_ATTRIBUTE(fops_size_t_wo, NULL, debugfs_size_t_set, "%llu\n"); /** * debugfs_create_size_t - create a debugfs file that is used to read and write an size_t value @@ -686,8 +709,9 @@ DEFINE_SIMPLE_ATTRIBUTE(fops_size_t_wo, NULL, debugfs_size_t_set, "%llu\n"); struct dentry *debugfs_create_size_t(const char *name, umode_t mode, struct dentry *parent, size_t *value) { - return debugfs_create_mode(name, mode, parent, value, &fops_size_t, - &fops_size_t_ro, &fops_size_t_wo); + return debugfs_create_mode_unsafe(name, mode, parent, value, + &fops_size_t, &fops_size_t_ro, + &fops_size_t_wo); } EXPORT_SYMBOL_GPL(debugfs_create_size_t); 
@@ -701,10 +725,12 @@ static int debugfs_atomic_t_get(void *data, u64 *val) *val = atomic_read((atomic_t *)data); return 0; } -DEFINE_SIMPLE_ATTRIBUTE(fops_atomic_t, debugfs_atomic_t_get, +DEFINE_DEBUGFS_ATTRIBUTE(fops_atomic_t, debugfs_atomic_t_get, debugfs_atomic_t_set, "%lld\n"); -DEFINE_SIMPLE_ATTRIBUTE(fops_atomic_t_ro, debugfs_atomic_t_get, NULL, "%lld\n"); -DEFINE_SIMPLE_ATTRIBUTE(fops_atomic_t_wo, NULL, debugfs_atomic_t_set, "%lld\n"); +DEFINE_DEBUGFS_ATTRIBUTE(fops_atomic_t_ro, debugfs_atomic_t_get, NULL, + "%lld\n"); +DEFINE_DEBUGFS_ATTRIBUTE(fops_atomic_t_wo, NULL, debugfs_atomic_t_set, + "%lld\n"); /** * debugfs_create_atomic_t - create a debugfs file that is used to read and 
@@ -720,8 +746,9 @@ DEFINE_SIMPLE_ATTRIBUTE(fops_atomic_t_wo, NULL, debugfs_atomic_t_set, "%lld\n"); struct dentry *debugfs_create_atomic_t(const char *name, umode_t mode, struct dentry *parent, atomic_t *value) { - return debugfs_create_mode(name, mode, parent, value, &fops_atomic_t, - &fops_atomic_t_ro, &fops_atomic_t_wo); + return debugfs_create_mode_unsafe(name, mode, parent, value, + &fops_atomic_t, &fops_atomic_t_ro, + &fops_atomic_t_wo); } EXPORT_SYMBOL_GPL(debugfs_create_atomic_t); From patchwork Fri Jun 19 16:50:05 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Seth Forshee X-Patchwork-Id: 1313199 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=none (no SPF record) smtp.mailfrom=lists.ubuntu.com (client-ip=91.189.94.19; helo=huckleberry.canonical.com; envelope-from=kernel-team-bounces@lists.ubuntu.com; receiver=) Authentication-Results: ozlabs.org; dmarc=fail (p=none dis=none) header.from=canonical.com Received: from huckleberry.canonical.com (huckleberry.canonical.com [91.189.94.19]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 49pPxl1MbGzB4Cc; Sat, 20 Jun 2020 02:52:59 +1000 (AEST) Received: from localhost ([127.0.0.1] helo=huckleberry.canonical.com) by huckleberry.canonical.com with esmtp (Exim 4.86_2) (envelope-from ) id 1jmKG6-0000QE-Eg; Fri, 19 Jun 2020 16:52:54 +0000 Received: from youngberry.canonical.com ([91.189.89.112]) by huckleberry.canonical.com with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.86_2) (envelope-from ) id 1jmKEZ-0007T2-3L for kernel-team@lists.ubuntu.com; Fri, 19 Jun 2020 16:51:19 +0000 Received: from mail-il1-f199.google.com ([209.85.166.199]) by youngberry.canonical.com with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.86_2) 
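Review bot: In fs/debugfs/file.c, the new debugfs_create_mode_unsafe() has no comment stating its precondition: all three of fops, fops_ro and fops_wo must already guard their methods with debugfs_use_file_start() and debugfs_use_file_finish(), as DEFINE_DEBUGFS_ATTRIBUTE() arranges for ->read() and ->write(). Without that, a later caller can pass a DEFINE_SIMPLE_ATTRIBUTE() fops and silently lose the removal protection that debugfs_create_file() used to provide. A short comment above the helper would do; its body is otherwise a copy of debugfs_create_mode(), so sharing the mode check between the two is worth considering while both exist.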
From: Seth Forshee
To: kernel-team@lists.ubuntu.com
Subject: [PATCH v2 52/57][X] debugfs: unproxify files created through debugfs_create_bool()
Date: Fri, 19 Jun 2020 11:50:05 -0500
Message-Id: <20200619165010.645925-53-seth.forshee@canonical.com>
In-Reply-To: <20200619165010.645925-1-seth.forshee@canonical.com>
References: <20200619165010.645925-1-seth.forshee@canonical.com>

From: Nicolai Stange

BugLink: https://bugs.launchpad.net/bugs/1884159

Currently, the struct file_operations fops_bool associated with files created through the debugfs_create_bool() helpers are not file lifetime aware.

Thus, a lifetime managing proxy is created around fops_bool each time such a file is opened which is an unnecessary waste of resources.

Implement file lifetime management for the fops_bool file_operations. Namely, make debugfs_read_file_bool() and debugfs_write_file_bool() safe against file removals by means of debugfs_use_file_start() and debugfs_use_file_finish().

Make debugfs_create_bool() create its files in non-proxying operation mode through debugfs_create_mode_unsafe().

Finally, purge debugfs_create_mode() as debugfs_create_bool() had been its last user.

Signed-off-by: Nicolai Stange
Signed-off-by: Greg Kroah-Hartman
(cherry picked from commit 4d45f7974ccf0aa783034fef2661573b3a28609e)
Signed-off-by: Seth Forshee
--- fs/debugfs/file.c | 41 ++++++++++++++++++++--------------------- 1 file changed, 20 insertions(+), 21 deletions(-) diff --git a/fs/debugfs/file.c b/fs/debugfs/file.c index 4b3967e86e97..8a548bee1b3d 100644 --- a/fs/debugfs/file.c +++ b/fs/debugfs/file.c
@@ -312,22 +312,6 @@ ssize_t debugfs_attr_write(struct file *file, const char __user *buf, } EXPORT_SYMBOL_GPL(debugfs_attr_write); -static struct dentry *debugfs_create_mode(const char *name, umode_t mode, - struct dentry *parent, void *value, - const struct file_operations *fops, - const struct file_operations *fops_ro, - const struct file_operations *fops_wo) -{ - /* if there are no write bits set, make read only */ - if (!(mode & S_IWUGO)) - return debugfs_create_file(name, mode, parent, value, fops_ro); - /* if there are no read bits set, make write only */ - if (!(mode & S_IRUGO)) - return debugfs_create_file(name, mode, parent, value, fops_wo); - - return debugfs_create_file(name, mode, parent, value, fops); -} - static struct dentry *debugfs_create_mode_unsafe(const char *name, umode_t mode, struct dentry *parent, void *value, const struct file_operations *fops, @@ -756,9 +740,17 @@ ssize_t debugfs_read_file_bool(struct file *file, char __user *user_buf, size_t count, loff_t *ppos) { char buf[3]; - bool *val = file->private_data; + bool val; + int r, srcu_idx; + + r = debugfs_use_file_start(F_DENTRY(file), &srcu_idx); + if (likely(!r)) + val = *(bool *)file->private_data; + debugfs_use_file_finish(srcu_idx); + if (r) + return r; - if (*val) + if (val) buf[0] = 'Y'; else buf[0] = 'N'; @@ -774,6 +766,7 @@ ssize_t debugfs_write_file_bool(struct file *file, const char __user *user_buf, char buf[32]; size_t buf_size; bool bv; + int r, srcu_idx; bool *val = file->private_data; buf_size = min(count, (sizeof(buf)-1)); @@ -781,8 +774,14 @@ ssize_t debugfs_write_file_bool(struct file *file, const char __user *user_buf, return -EFAULT; buf[buf_size] = '\0'; - if (strtobool(buf, &bv) == 0) - *val = bv; + if (strtobool(buf, &bv) == 0) { + r = debugfs_use_file_start(F_DENTRY(file), &srcu_idx); + if (likely(!r)) + *val = bv; + debugfs_use_file_finish(srcu_idx); + if (r) + return r; + } return count; } 
@@ -834,7 +833,7 @@ static const struct file_operations fops_bool_wo = { struct dentry *debugfs_create_bool(const char *name, umode_t mode, struct dentry *parent, bool *value) { - return debugfs_create_mode(name, mode, parent, value, &fops_bool, + return debugfs_create_mode_unsafe(name, mode, parent, value, &fops_bool, &fops_bool_ro, &fops_bool_wo); } EXPORT_SYMBOL_GPL(debugfs_create_bool); From patchwork Fri Jun 19 16:50:06 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Seth Forshee X-Patchwork-Id: 1313200 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=none (no SPF record) smtp.mailfrom=lists.ubuntu.com (client-ip=91.189.94.19; helo=huckleberry.canonical.com; envelope-from=kernel-team-bounces@lists.ubuntu.com; receiver=) Authentication-Results: ozlabs.org; dmarc=fail (p=none dis=none) header.from=canonical.com Received: from huckleberry.canonical.com (huckleberry.canonical.com [91.189.94.19]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 49pPxm1p36zB4Cq; Sat, 20 Jun 2020 02:53:00 +1000 (AEST) Received: from localhost ([127.0.0.1] helo=huckleberry.canonical.com) by huckleberry.canonical.com with esmtp (Exim 4.86_2) (envelope-from ) id 1jmKG7-0000Rf-Pr; Fri, 19 Jun 2020 16:52:55 +0000 Received: from youngberry.canonical.com ([91.189.89.112]) by huckleberry.canonical.com with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.86_2) (envelope-from ) id 1jmKEb-0007UO-5t for kernel-team@lists.ubuntu.com; Fri, 19 Jun 2020 16:51:21 +0000 Received: from mail-il1-f197.google.com ([209.85.166.197]) by youngberry.canonical.com with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.86_2) (envelope-from ) id 1jmKEZ-0006S1-7i for kernel-team@lists.ubuntu.com; Fri, 19 Jun 2020 16:51:19 +0000 
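Review bot: In the debugfs_read_file_bool() hunk of 52/57 (@@ -756,9 +740,17 @@), val is now an uninitialised local that is assigned only when debugfs_use_file_start() returns 0; the "if (r) return r;" placed after debugfs_use_file_finish() is all that keeps it from being read. Initialise it ("bool val = false;") or add a one-line comment, and state in a comment that debugfs_use_file_finish() is deliberately called on the failure path too, since the hunk calls it unconditionally.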
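Review bot: In the debugfs_write_file_bool() hunk of 52/57 (@@ -781,8 +774,14 @@), the debugfs_use_file_start() check sits inside "if (strtobool(buf, &bv) == 0)", so a write of unparsable input to an already removed file still returns count while a parsable one returns the error. Consider taking the protection before parsing, or note in a comment that only the store to *val needs it and that the difference in return value is intended.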
From: Seth Forshee
To: kernel-team@lists.ubuntu.com
Subject: [PATCH v2 53/57][X] debugfs: unproxify files created through debugfs_create_blob()
Date: Fri, 19 Jun 2020 11:50:06 -0500
Message-Id: <20200619165010.645925-54-seth.forshee@canonical.com>
In-Reply-To: <20200619165010.645925-1-seth.forshee@canonical.com>
References: <20200619165010.645925-1-seth.forshee@canonical.com>

From: Nicolai Stange

BugLink: https://bugs.launchpad.net/bugs/1884159

Currently, the struct file_operations fops_blob associated with files created through the debugfs_create_blob() helpers are not file lifetime aware. Thus, a lifetime managing proxy is created around fops_blob each time such a file is opened which is an unnecessary waste of resources.

Implement file lifetime management for the fops_bool file_operations. Namely, make read_file_blob() safe against file removals by means of debugfs_use_file_start() and debugfs_use_file_finish().

Make debugfs_create_blob() create its files in non-proxying operation mode by means of debugfs_create_file_unsafe().

Signed-off-by: Nicolai Stange
Signed-off-by: Greg Kroah-Hartman
(cherry picked from commit 83b711cbf4ff42a9996c5f092762b3967d307d73)
Signed-off-by: Seth Forshee
---
 fs/debugfs/file.c | 13 ++++++++++---
 1 file changed, 10 insertions(+), 3 deletions(-)

diff --git a/fs/debugfs/file.c b/fs/debugfs/file.c
index 8a548bee1b3d..2e86d66f7850 100644
--- a/fs/debugfs/file.c
+++ b/fs/debugfs/file.c
@@ -842,8 +842,15 @@ static ssize_t read_file_blob(struct file *file, char __user *user_buf, size_t count, loff_t *ppos) { struct debugfs_blob_wrapper *blob = file->private_data; - return simple_read_from_buffer(user_buf, count, ppos, blob->data, - blob->size); + ssize_t r; + int srcu_idx; + + r = debugfs_use_file_start(F_DENTRY(file), &srcu_idx); + if (likely(!r)) + r = simple_read_from_buffer(user_buf, count, ppos, blob->data, + blob->size); + debugfs_use_file_finish(srcu_idx); + return r; } static const struct file_operations fops_blob = { 
@@ -880,7 +887,7 @@ struct dentry *debugfs_create_blob(const char *name, umode_t mode, struct dentry *parent, struct debugfs_blob_wrapper *blob) { - return debugfs_create_file(name, mode, parent, blob, &fops_blob); + return debugfs_create_file_unsafe(name, mode, parent, blob, &fops_blob); } EXPORT_SYMBOL_GPL(debugfs_create_blob); From patchwork Fri Jun 19 16:50:07 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Seth Forshee X-Patchwork-Id: 1313201 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=none (no SPF record) smtp.mailfrom=lists.ubuntu.com (client-ip=91.189.94.19; helo=huckleberry.canonical.com; envelope-from=kernel-team-bounces@lists.ubuntu.com; receiver=) Authentication-Results: ozlabs.org; dmarc=fail (p=none dis=none) header.from=canonical.com Received: from huckleberry.canonical.com (huckleberry.canonical.com [91.189.94.19]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 49pPxn2Qx0zB4Cs; Sat, 20 Jun 2020 02:53:01 +1000 (AEST) Received: from localhost ([127.0.0.1] helo=huckleberry.canonical.com) by huckleberry.canonical.com with esmtp (Exim 4.86_2) (envelope-from ) id 1jmKG8-0000Sy-RP; Fri, 19 Jun 2020 16:52:56 +0000 Received: from youngberry.canonical.com ([91.189.89.112]) by huckleberry.canonical.com with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.86_2) (envelope-from ) id 1jmKEe-0007Wg-NV for kernel-team@lists.ubuntu.com; Fri, 19 Jun 2020 16:51:24 +0000 Received: from mail-il1-f198.google.com ([209.85.166.198]) by youngberry.canonical.com with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.86_2) (envelope-from ) id 1jmKEc-0006SR-Hu for kernel-team@lists.ubuntu.com; Fri, 19 Jun 2020 16:51:22 +0000 Received: by mail-il1-f198.google.com with SMTP id v14so6872504ilo.19 
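Review bot: In read_file_blob() in 53/57 (@@ -842,8 +842,15 @@), simple_read_from_buffer() copies to user space between debugfs_use_file_start() and debugfs_use_file_finish(), unlike debugfs_read_file_bool() in 52/57, which copies the value to a local and finishes before touching the user buffer. That is needed here because blob->data has to stay valid for the copy, but it means the protected section can span a user page fault; a short comment saying so would help. The commit message also says fops_bool in its second paragraph where this patch changes fops_blob.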
From: Seth Forshee
To: kernel-team@lists.ubuntu.com
Subject: [PATCH v2 54/57][X] debugfs: unproxify files created through debugfs_create_u32_array()
Date: Fri, 19 Jun 2020 11:50:07 -0500
Message-Id: <20200619165010.645925-55-seth.forshee@canonical.com>
In-Reply-To: <20200619165010.645925-1-seth.forshee@canonical.com>
References: <20200619165010.645925-1-seth.forshee@canonical.com>

From: Nicolai Stange

BugLink: https://bugs.launchpad.net/bugs/1884159

The struct file_operations u32_array_fops associated with files created through debugfs_create_u32_array() has been lifetime aware already: everything needed for subsequent operation is copied to a ->f_private buffer at file opening time in u32_array_open().

Now, ->open() is always protected against file removal issues by the debugfs core. There is no need for the debugfs core to wrap the u32_array_fops with a file lifetime managing proxy.

Make debugfs_create_u32_array() create its files in non-proxying operation mode by means of debugfs_create_file_unsafe().

Signed-off-by: Nicolai Stange
Signed-off-by: Greg Kroah-Hartman
(cherry picked from commit c4a74f63dfd2e75e7d40a9aaa4052b0ef26e617c)
Signed-off-by: Seth Forshee
---
 fs/debugfs/file.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/fs/debugfs/file.c b/fs/debugfs/file.c
index 2e86d66f7850..9c1c9a01b7e5 100644
--- a/fs/debugfs/file.c
+++ b/fs/debugfs/file.c
@@ -992,7 +992,8 @@ struct dentry *debugfs_create_u32_array(const char *name, umode_t mode, data->array = array; data->elements = elements; - return debugfs_create_file(name, mode, parent, data, &u32_array_fops); + return debugfs_create_file_unsafe(name, mode, parent, data, + &u32_array_fops); } EXPORT_SYMBOL_GPL(debugfs_create_u32_array); From patchwork Fri Jun 19 16:50:08 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Seth Forshee X-Patchwork-Id: 1313196 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=none (no SPF record) smtp.mailfrom=lists.ubuntu.com (client-ip=91.189.94.19; helo=huckleberry.canonical.com; envelope-from=kernel-team-bounces@lists.ubuntu.com; receiver=) Authentication-Results: ozlabs.org; dmarc=fail (p=none dis=none) header.from=canonical.com Received: from huckleberry.canonical.com (huckleberry.canonical.com [91.189.94.19]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 49pPxf044yzB4CT; Sat, 20 Jun 2020 02:52:53 +1000 (AEST) Received: from localhost ([127.0.0.1] helo=huckleberry.canonical.com) by huckleberry.canonical.com with esmtp (Exim 4.86_2) (envelope-from ) id 1jmKG0-0000JS-CZ; Fri, 19 Jun 2020 16:52:48 +0000 Received: from youngberry.canonical.com ([91.189.89.112]) by huckleberry.canonical.com with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.86_2) (envelope-from ) id 1jmKEj-0007bU-OZ for kernel-team@lists.ubuntu.com; Fri, 19 Jun 2020 16:51:29 +0000 Received: from mail-il1-f197.google.com ([209.85.166.197]) by youngberry.canonical.com with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.86_2) (envelope-from ) id 1jmKEi-0006Sq-ND for kernel-team@lists.ubuntu.com; Fri, 19 Jun 2020 16:51:28 +0000 Received: by mail-il1-f197.google.com with SMTP id 
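Review bot: The switch to debugfs_create_file_unsafe() in debugfs_create_u32_array() in 54/57 (@@ -992,7 +992,8 @@) relies on u32_array_open() copying everything into the ->f_private buffer, as the commit message says, but none of that is visible at the call site, where data is still passed as the file's private data. Add a comment above the return stating that the handlers in u32_array_fops must only touch the per-open copy, so that a later change to them does not quietly reintroduce access to data after the file has been removed.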
From: Seth Forshee
To: kernel-team@lists.ubuntu.com
Subject: [PATCH v2 55/57][X] debugfs: full_proxy_open(): free proxy on ->open() failure
Date: Fri, 19 Jun 2020 11:50:08 -0500
Message-Id: <20200619165010.645925-56-seth.forshee@canonical.com>
In-Reply-To: <20200619165010.645925-1-seth.forshee@canonical.com>
References: <20200619165010.645925-1-seth.forshee@canonical.com>

From: Nicolai Stange

BugLink: https://bugs.launchpad.net/bugs/1884159

Debugfs' full_proxy_open(), the ->open() installed at all inodes created through debugfs_create_file(),
- grabs a reference to the original struct file_operations instance passed to debugfs_create_file(),
- dynamically allocates a proxy struct file_operations instance wrapping the original
- and installs this at the file's ->f_op.

Afterwards, it calls the original ->open() and passes its return value back to the VFS layer.

Now, if that return value indicates failure, the VFS layer won't ever call ->release() and thus, neither the reference to the original file_operations nor the memory for the proxy file_operations will get released, i.e. both are leaked.

Upon failure of the original fops' ->open(), undo the proxy installation. That is:
- Set the struct file ->f_op to what it had been when full_proxy_open() was entered.
- Drop the reference to the original file_operations.
- Free the memory holding the proxy file_operations.

Fixes: 49d200deaa68 ("debugfs: prevent access to removed files' private data")
Signed-off-by: Nicolai Stange
Signed-off-by: Greg Kroah-Hartman
(cherry picked from commit b10e3e90485e32e4cea9e35d2295ee7bffaeff73)
Signed-off-by: Seth Forshee
---
 fs/debugfs/file.c | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/fs/debugfs/file.c b/fs/debugfs/file.c
index 9c1c9a01b7e5..d1ec80331414 100644
--- a/fs/debugfs/file.c
+++ b/fs/debugfs/file.c
@@ -262,8 +262,10 @@ static int full_proxy_open(struct inode *inode, struct file *filp) if (real_fops->open) { r = real_fops->open(inode, filp); - - if (filp->f_op != proxy_fops) { + if (r) { + replace_fops(filp, d_inode(dentry)->i_fop); + goto free_proxy; + } else if (filp->f_op != proxy_fops) { /* No protection against file removal anymore. */ WARN(1, "debugfs file owner replaced proxy fops: %pd", dentry); From patchwork Fri Jun 19 16:50:09 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Seth Forshee X-Patchwork-Id: 1313202 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=none (no SPF record) smtp.mailfrom=lists.ubuntu.com (client-ip=91.189.94.19; helo=huckleberry.canonical.com; envelope-from=kernel-team-bounces@lists.ubuntu.com; receiver=) Authentication-Results: ozlabs.org; dmarc=fail (p=none dis=none) header.from=canonical.com Received: from huckleberry.canonical.com (huckleberry.canonical.com [91.189.94.19]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 49pPxs66fLzB4CS; Sat, 20 Jun 2020 02:53:05 +1000 (AEST) Received: from localhost ([127.0.0.1] helo=huckleberry.canonical.com) by huckleberry.canonical.com with esmtp (Exim 4.86_2) (envelope-from ) id 1jmKGC-0000Wm-16; Fri, 19 Jun 2020 16:53:00 +0000 Received: from youngberry.canonical.com ([91.189.89.112]) by huckleberry.canonical.com with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.86_2) (envelope-from ) id 1jmKEm-0007d4-RZ for kernel-team@lists.ubuntu.com; Fri, 19 Jun 2020 16:51:32 +0000 Received: from mail-io1-f71.google.com ([209.85.166.71]) by youngberry.canonical.com with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.86_2) (envelope-from ) id 1jmKEl-0006Sy-1T for kernel-team@lists.ubuntu.com; Fri, 19 Jun 2020 
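Review bot: In full_proxy_open() in 55/57 (@@ -262,8 +262,10 @@), the new "if (r)" branch hands d_inode(dentry)->i_fop to replace_fops() with no fops_get() visible in the hunk, and 56/57 in this series states that replace_fops() transfers ownership of the reference. Please confirm that the reference accounting balances when the VFS tears the file down after the failed open, and that the free_proxy label (outside the hunk) both drops the reference to real_fops and frees proxy_fops as the commit message promises. The branch also bypasses the "filp->f_op != proxy_fops" WARN, so an ->open() that replaced f_op and then failed is reset silently; a comment should say that this is intended.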
From: Seth Forshee
To: kernel-team@lists.ubuntu.com
Subject: [PATCH v2 56/57][X] debugfs: open_proxy_open(): avoid double fops release
Date: Fri, 19 Jun 2020 11:50:09 -0500
Message-Id: <20200619165010.645925-57-seth.forshee@canonical.com>
In-Reply-To: <20200619165010.645925-1-seth.forshee@canonical.com>
References: <20200619165010.645925-1-seth.forshee@canonical.com>

From: Nicolai Stange

BugLink: https://bugs.launchpad.net/bugs/1884159

Debugfs' open_proxy_open(), the ->open() installed at all inodes created through debugfs_create_file_unsafe(),
- grabs a reference to the original file_operations instance passed to debugfs_create_file_unsafe() via fops_get(),
- installs it at the file's ->f_op by means of replace_fops()
- and calls fops_put() on it.

Since the semantics of replace_fops() are such that the reference's ownership is transferred, the subsequent fops_put() will result in a double release when the file is eventually closed.

Currently, this is not an issue since fops_put() basically does a module_put() on the file_operations' ->owner only and there don't exist any modules calling debugfs_create_file_unsafe() yet. This is expected to change in the future though, c.f. commit c64688081490 ("debugfs: add support for self-protecting attribute file fops").

Remove the call to fops_put() from open_proxy_open().

Fixes: 9fd4dcece43a ("debugfs: prevent access to possibly dead file_operations at file open")
Signed-off-by: Nicolai Stange
Signed-off-by: Greg Kroah-Hartman
(cherry picked from commit 75f0b68b75dabb3ff551440163fd67b3fc62901a)
Signed-off-by: Seth Forshee
---
 fs/debugfs/file.c | 1 -
 1 file changed, 1 deletion(-)

diff --git a/fs/debugfs/file.c b/fs/debugfs/file.c
index d1ec80331414..592059f88e04 100644
--- a/fs/debugfs/file.c
+++ b/fs/debugfs/file.c
@@ -127,7 +127,6 @@ static int open_proxy_open(struct inode *inode, struct file *filp) r = real_fops->open(inode, filp); out: - fops_put(real_fops); debugfs_use_file_finish(srcu_idx); return r; } From patchwork Fri Jun 19 16:50:10 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Seth Forshee X-Patchwork-Id: 1313203 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=none (no SPF record) smtp.mailfrom=lists.ubuntu.com (client-ip=91.189.94.19; helo=huckleberry.canonical.com; envelope-from=kernel-team-bounces@lists.ubuntu.com; receiver=) Authentication-Results: ozlabs.org; dmarc=fail (p=none dis=none) header.from=canonical.com Received: from huckleberry.canonical.com (huckleberry.canonical.com [91.189.94.19]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 49pPxv0QcfzB4Cd; Sat, 20 Jun 2020 02:53:07 +1000 (AEST) Received: from localhost ([127.0.0.1] helo=huckleberry.canonical.com) by huckleberry.canonical.com with esmtp (Exim 4.86_2) (envelope-from ) id 1jmKGD-0000Yh-VB; Fri, 19 Jun 2020 16:53:02 +0000 Received: from youngberry.canonical.com ([91.189.89.112]) by huckleberry.canonical.com with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.86_2) (envelope-from ) id 1jmKEn-0007dy-UH for kernel-team@lists.ubuntu.com; Fri, 19 Jun 2020 16:51:34 +0000 Received: from mail-il1-f199.google.com ([209.85.166.199]) by youngberry.canonical.com with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.86_2) (envelope-from ) id 1jmKEm-0006T2-JD for kernel-team@lists.ubuntu.com; Fri, 19 Jun 2020 16:51:32 +0000 Received: by mail-il1-f199.google.com with SMTP id w65so6876336ilk.14 for ; Fri, 19 Jun 2020 09:51:32 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; 
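Review bot: The out: label in open_proxy_open() in 56/57 (@@ -127,7 +127,6 @@) is a shared exit, so with fops_put(real_fops) gone any "goto out" taken after fops_get() but before replace_fops() would now leak the reference. Those jumps are not in the hunk, so confirm that none exists or put the reference explicitly on that path. A comment at the replace_fops() call noting that it takes over the reference would also keep the fops_put() from being added back later.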
From: Seth Forshee
To: kernel-team@lists.ubuntu.com
Subject: [PATCH v2 57/57][X] UBUNTU: SAUCE: (efi-lockdown) debugfs: Disallow use of debugfs files when the kernel is locked down
Date: Fri, 19 Jun 2020 11:50:10 -0500
Message-Id: <20200619165010.645925-58-seth.forshee@canonical.com>
In-Reply-To: <20200619165010.645925-1-seth.forshee@canonical.com>
References: <20200619165010.645925-1-seth.forshee@canonical.com>

From: David Howells

BugLink: https://bugs.launchpad.net/bugs/1884159

Disallow opening of debugfs files when the kernel is locked down as various drivers give raw access to hardware through debugfs.

Accesses to tracefs should use /sys/kernel/tracing/ rather than /sys/kernel/debug/tracing/. Possibly a symlink should be emplaced.

Normal device interaction should be done through configfs or a miscdev, not debugfs.

Note that this makes it unnecessary to specifically lock down show_dsts(), show_devs() and show_call() in the asus-wmi driver.

Signed-off-by: David Howells
cc: Andy Shevchenko
cc: acpi4asus-user@lists.sourceforge.net
cc: platform-driver-x86@vger.kernel.org
cc: Matthew Garrett
cc: Thomas Gleixner
(backported from commit 125da2e1c5d0a6aca5faafba336c8e8506a4e000
 git://git.kernel.org/pub/scm/linux/kernel/git/jwboyer/fedora.git)
Signed-off-by: Seth Forshee
---
 fs/debugfs/file.c | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/fs/debugfs/file.c b/fs/debugfs/file.c
index 592059f88e04..98521a791504 100644
--- a/fs/debugfs/file.c
+++ b/fs/debugfs/file.c
@@ -106,6 +106,9 @@ static int open_proxy_open(struct inode *inode, struct file *filp) const struct file_operations *real_fops = NULL; int srcu_idx, r; + if (secure_modules()) + return -EPERM; + r = debugfs_use_file_start(dentry, &srcu_idx); if (r) { r = -ENOENT; @@ -235,6 +238,9 @@ static int full_proxy_open(struct inode *inode, struct file *filp) struct file_operations *proxy_fops = NULL; int srcu_idx, r; + if (secure_modules()) + return -EPERM; + r = debugfs_use_file_start(dentry, &srcu_idx); if (r) { r = -ENOENT;
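Review bot: The secure_modules() test in open_proxy_open() in 57/57 (@@ -106,6 +106,9 @@) gates only ->open(), so a debugfs file descriptor opened before the kernel is locked down keeps working afterwards. If lockdown can be enabled after boot, the read and write paths need the same test; if it cannot, say so in the commit message. The early return is correctly placed before debugfs_use_file_start(), so nothing has to be undone on that path.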
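Review bot: In full_proxy_open() in 57/57 (@@ -235,6 +238,9 @@), the -EPERM return is silent, and the helper is named secure_modules() while the commit message describes a locked-down kernel. A rate-limited message naming the denied file would tell an administrator why tools that read /sys/kernel/debug/ (including /sys/kernel/debug/tracing/, which the commit message mentions) started failing, and a short comment should tie secure_modules() to lockdown for readers of this backport.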