1. 05 Apr, 2017 21 commits
    • David Howells's avatar
      Annotate hardware config module parameters in fs/pstore/ · b68845c3
      David Howells authored
      When the kernel is running in secure boot mode, we lock down the kernel to
      prevent userspace from modifying the running kernel image.  Whilst this
      includes prohibiting access to things like /dev/mem, it must also prevent
      access by means of configuring driver modules in such a way as to cause a
      device to access or modify the kernel image.
      
      To this end, annotate module_param* statements that refer to hardware
      configuration and indicate for future reference what type of parameter they
      specify.  The parameter parser in the core sees this information and can
      skip such parameters with an error message if the kernel is locked down.
      The module initialisation then runs as normal, but just sees whatever the
      default values for those parameters is.
      
      Note that we do still need to do the module initialisation because some
      drivers have viable defaults set in case parameters aren't specified and
      some drivers support automatic configuration (e.g. PNP or PCI) in addition
      to manually coded parameters.
      
      This patch annotates drivers in fs/pstore/.
      Suggested-by: default avatarAlan Cox <gnomes@lxorguk.ukuu.org.uk>
      Signed-off-by: default avatarDavid Howells <dhowells@redhat.com>
      cc: Anton Vorontsov <anton@enomsg.org>
      cc: Colin Cross <ccross@android.com>
      cc: Kees Cook <keescook@chromium.org>
      cc: Tony Luck <tony.luck@intel.com>
      b68845c3
    • David Howells's avatar
      Annotate hardware config module parameters in drivers/watchdog/ · 66640382
      David Howells authored
      When the kernel is running in secure boot mode, we lock down the kernel to
      prevent userspace from modifying the running kernel image.  Whilst this
      includes prohibiting access to things like /dev/mem, it must also prevent
      access by means of configuring driver modules in such a way as to cause a
      device to access or modify the kernel image.
      
      To this end, annotate module_param* statements that refer to hardware
      configuration and indicate for future reference what type of parameter they
      specify.  The parameter parser in the core sees this information and can
      skip such parameters with an error message if the kernel is locked down.
      The module initialisation then runs as normal, but just sees whatever the
      default values for those parameters is.
      
      Note that we do still need to do the module initialisation because some
      drivers have viable defaults set in case parameters aren't specified and
      some drivers support automatic configuration (e.g. PNP or PCI) in addition
      to manually coded parameters.
      
      This patch annotates drivers in drivers/watchdog/.
      Suggested-by: default avatarAlan Cox <gnomes@lxorguk.ukuu.org.uk>
      Signed-off-by: default avatarDavid Howells <dhowells@redhat.com>
      Reviewed-by: default avatarGuenter Roeck <linux@roeck-us.net>
      cc: Wim Van Sebroeck <wim@iguana.be>
      cc: Zwane Mwaikambo <zwanem@gmail.com>
      cc: linux-watchdog@vger.kernel.org
      66640382
    • David Howells's avatar
      Annotate hardware config module parameters in drivers/video/ · 1692fe8e
      David Howells authored
      When the kernel is running in secure boot mode, we lock down the kernel to
      prevent userspace from modifying the running kernel image.  Whilst this
      includes prohibiting access to things like /dev/mem, it must also prevent
      access by means of configuring driver modules in such a way as to cause a
      device to access or modify the kernel image.
      
      To this end, annotate module_param* statements that refer to hardware
      configuration and indicate for future reference what type of parameter they
      specify.  The parameter parser in the core sees this information and can
      skip such parameters with an error message if the kernel is locked down.
      The module initialisation then runs as normal, but just sees whatever the
      default values for those parameters is.
      
      Note that we do still need to do the module initialisation because some
      drivers have viable defaults set in case parameters aren't specified and
      some drivers support automatic configuration (e.g. PNP or PCI) in addition
      to manually coded parameters.
      
      This patch annotates drivers in drivers/video/.
      Suggested-by: default avatarAlan Cox <gnomes@lxorguk.ukuu.org.uk>
      Signed-off-by: default avatarDavid Howells <dhowells@redhat.com>
      cc: Jaya Kumar <jayalk@intworks.biz>
      cc: Tomi Valkeinen <tomi.valkeinen@ti.com>
      cc: linux-fbdev@vger.kernel.org
      1692fe8e
    • David Howells's avatar
      Annotate hardware config module parameters in drivers/tty/ · 87194408
      David Howells authored
      When the kernel is running in secure boot mode, we lock down the kernel to
      prevent userspace from modifying the running kernel image.  Whilst this
      includes prohibiting access to things like /dev/mem, it must also prevent
      access by means of configuring driver modules in such a way as to cause a
      device to access or modify the kernel image.
      
      To this end, annotate module_param* statements that refer to hardware
      configuration and indicate for future reference what type of parameter they
      specify.  The parameter parser in the core sees this information and can
      skip such parameters with an error message if the kernel is locked down.
      The module initialisation then runs as normal, but just sees whatever the
      default values for those parameters is.
      
      Note that we do still need to do the module initialisation because some
      drivers have viable defaults set in case parameters aren't specified and
      some drivers support automatic configuration (e.g. PNP or PCI) in addition
      to manually coded parameters.
      
      This patch annotates drivers in drivers/tty/.
      Suggested-by: default avatarAlan Cox <gnomes@lxorguk.ukuu.org.uk>
      Signed-off-by: default avatarDavid Howells <dhowells@redhat.com>
      cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
      cc: Jiri Slaby <jslaby@suse.com>
      cc: linux-serial@vger.kernel.org
      87194408
    • David Howells's avatar
      Annotate hardware config module parameters in drivers/staging/vme/ · ae177957
      David Howells authored
      When the kernel is running in secure boot mode, we lock down the kernel to
      prevent userspace from modifying the running kernel image.  Whilst this
      includes prohibiting access to things like /dev/mem, it must also prevent
      access by means of configuring driver modules in such a way as to cause a
      device to access or modify the kernel image.
      
      To this end, annotate module_param* statements that refer to hardware
      configuration and indicate for future reference what type of parameter they
      specify.  The parameter parser in the core sees this information and can
      skip such parameters with an error message if the kernel is locked down.
      The module initialisation then runs as normal, but just sees whatever the
      default values for those parameters is.
      
      Note that we do still need to do the module initialisation because some
      drivers have viable defaults set in case parameters aren't specified and
      some drivers support automatic configuration (e.g. PNP or PCI) in addition
      to manually coded parameters.
      
      This patch annotates drivers in drivers/staging/vme/.
      Suggested-by: default avatarAlan Cox <gnomes@lxorguk.ukuu.org.uk>
      Signed-off-by: default avatarDavid Howells <dhowells@redhat.com>
      cc: Martyn Welch <martyn@welchs.me.uk>
      cc: Manohar Vanga <manohar.vanga@gmail.com>
      cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
      cc: devel@driverdev.osuosl.org
      ae177957
    • David Howells's avatar
      Annotate hardware config module parameters in drivers/staging/speakup/ · 1f78a159
      David Howells authored
      When the kernel is running in secure boot mode, we lock down the kernel to
      prevent userspace from modifying the running kernel image.  Whilst this
      includes prohibiting access to things like /dev/mem, it must also prevent
      access by means of configuring driver modules in such a way as to cause a
      device to access or modify the kernel image.
      
      To this end, annotate module_param* statements that refer to hardware
      configuration and indicate for future reference what type of parameter they
      specify.  The parameter parser in the core sees this information and can
      skip such parameters with an error message if the kernel is locked down.
      The module initialisation then runs as normal, but just sees whatever the
      default values for those parameters is.
      
      Note that we do still need to do the module initialisation because some
      drivers have viable defaults set in case parameters aren't specified and
      some drivers support automatic configuration (e.g. PNP or PCI) in addition
      to manually coded parameters.
      
      This patch annotates drivers in drivers/staging/speakup/.
      Suggested-by: default avatarAlan Cox <gnomes@lxorguk.ukuu.org.uk>
      Signed-off-by: default avatarDavid Howells <dhowells@redhat.com>
      cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
      cc: speakup@linux-speakup.org
      cc: devel@driverdev.osuosl.org
      1f78a159
    • David Howells's avatar
      Annotate hardware config module parameters in drivers/staging/media/ · db33ab46
      David Howells authored
      When the kernel is running in secure boot mode, we lock down the kernel to
      prevent userspace from modifying the running kernel image.  Whilst this
      includes prohibiting access to things like /dev/mem, it must also prevent
      access by means of configuring driver modules in such a way as to cause a
      device to access or modify the kernel image.
      
      To this end, annotate module_param* statements that refer to hardware
      configuration and indicate for future reference what type of parameter they
      specify.  The parameter parser in the core sees this information and can
      skip such parameters with an error message if the kernel is locked down.
      The module initialisation then runs as normal, but just sees whatever the
      default values for those parameters is.
      
      Note that we do still need to do the module initialisation because some
      drivers have viable defaults set in case parameters aren't specified and
      some drivers support automatic configuration (e.g. PNP or PCI) in addition
      to manually coded parameters.
      
      This patch annotates drivers in drivers/staging/media/.
      Suggested-by: default avatarAlan Cox <gnomes@lxorguk.ukuu.org.uk>
      Signed-off-by: default avatarDavid Howells <dhowells@redhat.com>
      cc: Mauro Carvalho Chehab <mchehab@kernel.org>
      cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
      cc: linux-media@vger.kernel.org
      cc: devel@driverdev.osuosl.org
      db33ab46
    • David Howells's avatar
      Annotate hardware config module parameters in drivers/scsi/ · e3d65178
      David Howells authored
      When the kernel is running in secure boot mode, we lock down the kernel to
      prevent userspace from modifying the running kernel image.  Whilst this
      includes prohibiting access to things like /dev/mem, it must also prevent
      access by means of configuring driver modules in such a way as to cause a
      device to access or modify the kernel image.
      
      To this end, annotate module_param* statements that refer to hardware
      configuration and indicate for future reference what type of parameter they
      specify.  The parameter parser in the core sees this information and can
      skip such parameters with an error message if the kernel is locked down.
      The module initialisation then runs as normal, but just sees whatever the
      default values for those parameters is.
      
      Note that we do still need to do the module initialisation because some
      drivers have viable defaults set in case parameters aren't specified and
      some drivers support automatic configuration (e.g. PNP or PCI) in addition
      to manually coded parameters.
      
      This patch annotates drivers in drivers/scsi/.
      Suggested-by: default avatarAlan Cox <gnomes@lxorguk.ukuu.org.uk>
      Signed-off-by: default avatarDavid Howells <dhowells@redhat.com>
      cc: "Juergen E. Fischer" <fischer@norbit.de>
      cc: "James E.J. Bottomley" <jejb@linux.vnet.ibm.com>
      cc: "Martin K. Petersen" <martin.petersen@oracle.com>
      cc: Dario Ballabio <ballabio_dario@emc.com>
      cc: Finn Thain <fthain@telegraphics.com.au>
      cc: Michael Schmitz <schmitzmic@gmail.com>
      cc: Achim Leubner <achim_leubner@adaptec.com>
      cc: linux-scsi@vger.kernel.org
      e3d65178
    • David Howells's avatar
      Annotate hardware config module parameters in drivers/pcmcia/ · abc3baae
      David Howells authored
      When the kernel is running in secure boot mode, we lock down the kernel to
      prevent userspace from modifying the running kernel image.  Whilst this
      includes prohibiting access to things like /dev/mem, it must also prevent
      access by means of configuring driver modules in such a way as to cause a
      device to access or modify the kernel image.
      
      To this end, annotate module_param* statements that refer to hardware
      configuration and indicate for future reference what type of parameter they
      specify.  The parameter parser in the core sees this information and can
      skip such parameters with an error message if the kernel is locked down.
      The module initialisation then runs as normal, but just sees whatever the
      default values for those parameters is.
      
      Note that we do still need to do the module initialisation because some
      drivers have viable defaults set in case parameters aren't specified and
      some drivers support automatic configuration (e.g. PNP or PCI) in addition
      to manually coded parameters.
      
      This patch annotates drivers in drivers/pcmcia/.
      Suggested-by: default avatarAlan Cox <gnomes@lxorguk.ukuu.org.uk>
      Signed-off-by: default avatarDavid Howells <dhowells@redhat.com>
      cc: linux-pcmcia@lists.infradead.org
      abc3baae
    • David Howells's avatar
      Annotate hardware config module parameters in drivers/pci/hotplug/ · 683739ab
      David Howells authored
      When the kernel is running in secure boot mode, we lock down the kernel to
      prevent userspace from modifying the running kernel image.  Whilst this
      includes prohibiting access to things like /dev/mem, it must also prevent
      access by means of configuring driver modules in such a way as to cause a
      device to access or modify the kernel image.
      
      To this end, annotate module_param* statements that refer to hardware
      configuration and indicate for future reference what type of parameter they
      specify.  The parameter parser in the core sees this information and can
      skip such parameters with an error message if the kernel is locked down.
      The module initialisation then runs as normal, but just sees whatever the
      default values for those parameters is.
      
      Note that we do still need to do the module initialisation because some
      drivers have viable defaults set in case parameters aren't specified and
      some drivers support automatic configuration (e.g. PNP or PCI) in addition
      to manually coded parameters.
      
      This patch annotates drivers in drivers/pci/hotplug/.
      Suggested-by: default avatarAlan Cox <gnomes@lxorguk.ukuu.org.uk>
      Signed-off-by: default avatarDavid Howells <dhowells@redhat.com>
      Acked-by: default avatarBjorn Helgaas <bhelgaas@google.com>
      cc: Scott Murray <scott@spiteful.org>
      cc: linux-pci@vger.kernel.org
      683739ab
    • David Howells's avatar
      Annotate hardware config module parameters in drivers/parport/ · e2450282
      David Howells authored
      When the kernel is running in secure boot mode, we lock down the kernel to
      prevent userspace from modifying the running kernel image.  Whilst this
      includes prohibiting access to things like /dev/mem, it must also prevent
      access by means of configuring driver modules in such a way as to cause a
      device to access or modify the kernel image.
      
      To this end, annotate module_param* statements that refer to hardware
      configuration and indicate for future reference what type of parameter they
      specify.  The parameter parser in the core sees this information and can
      skip such parameters with an error message if the kernel is locked down.
      The module initialisation then runs as normal, but just sees whatever the
      default values for those parameters is.
      
      Note that we do still need to do the module initialisation because some
      drivers have viable defaults set in case parameters aren't specified and
      some drivers support automatic configuration (e.g. PNP or PCI) in addition
      to manually coded parameters.
      
      This patch annotates drivers in drivers/parport/.
      Suggested-by: default avatarAlan Cox <gnomes@lxorguk.ukuu.org.uk>
      Signed-off-by: default avatarDavid Howells <dhowells@redhat.com>
      cc: Sudip Mukherjee <sudipm.mukherjee@gmail.com>
      e2450282
    • David Howells's avatar
      Annotate hardware config module parameters in drivers/net/wireless/ · 8108f1c7
      David Howells authored
      When the kernel is running in secure boot mode, we lock down the kernel to
      prevent userspace from modifying the running kernel image.  Whilst this
      includes prohibiting access to things like /dev/mem, it must also prevent
      access by means of configuring driver modules in such a way as to cause a
      device to access or modify the kernel image.
      
      To this end, annotate module_param* statements that refer to hardware
      configuration and indicate for future reference what type of parameter they
      specify.  The parameter parser in the core sees this information and can
      skip such parameters with an error message if the kernel is locked down.
      The module initialisation then runs as normal, but just sees whatever the
      default values for those parameters is.
      
      Note that we do still need to do the module initialisation because some
      drivers have viable defaults set in case parameters aren't specified and
      some drivers support automatic configuration (e.g. PNP or PCI) in addition
      to manually coded parameters.
      
      This patch annotates drivers in drivers/net/wireless/.
      Suggested-by: default avatarAlan Cox <gnomes@lxorguk.ukuu.org.uk>
      Signed-off-by: default avatarDavid Howells <dhowells@redhat.com>
      cc: Kalle Valo <kvalo@codeaurora.org>
      cc: linux-wireless@vger.kernel.org
      cc: netdev@vger.kernel.org
      8108f1c7
    • David Howells's avatar
      Annotate hardware config module parameters in drivers/net/wan/ · ded1b99e
      David Howells authored
      When the kernel is running in secure boot mode, we lock down the kernel to
      prevent userspace from modifying the running kernel image.  Whilst this
      includes prohibiting access to things like /dev/mem, it must also prevent
      access by means of configuring driver modules in such a way as to cause a
      device to access or modify the kernel image.
      
      To this end, annotate module_param* statements that refer to hardware
      configuration and indicate for future reference what type of parameter they
      specify.  The parameter parser in the core sees this information and can
      skip such parameters with an error message if the kernel is locked down.
      The module initialisation then runs as normal, but just sees whatever the
      default values for those parameters is.
      
      Note that we do still need to do the module initialisation because some
      drivers have viable defaults set in case parameters aren't specified and
      some drivers support automatic configuration (e.g. PNP or PCI) in addition
      to manually coded parameters.
      
      This patch annotates drivers in drivers/net/wan/.
      Suggested-by: default avatarAlan Cox <gnomes@lxorguk.ukuu.org.uk>
      Signed-off-by: default avatarDavid Howells <dhowells@redhat.com>
      cc: "Jan \"Yenya\" Kasprzak" <kas@fi.muni.cz>
      cc: netdev@vger.kernel.org
      ded1b99e
    • David Howells's avatar
      Annotate hardware config module parameters in drivers/net/irda/ · b14425b5
      David Howells authored
      When the kernel is running in secure boot mode, we lock down the kernel to
      prevent userspace from modifying the running kernel image.  Whilst this
      includes prohibiting access to things like /dev/mem, it must also prevent
      access by means of configuring driver modules in such a way as to cause a
      device to access or modify the kernel image.
      
      To this end, annotate module_param* statements that refer to hardware
      configuration and indicate for future reference what type of parameter they
      specify.  The parameter parser in the core sees this information and can
      skip such parameters with an error message if the kernel is locked down.
      The module initialisation then runs as normal, but just sees whatever the
      default values for those parameters is.
      
      Note that we do still need to do the module initialisation because some
      drivers have viable defaults set in case parameters aren't specified and
      some drivers support automatic configuration (e.g. PNP or PCI) in addition
      to manually coded parameters.
      
      This patch annotates drivers in drivers/net/irda/.
      Suggested-by: default avatarAlan Cox <gnomes@lxorguk.ukuu.org.uk>
      Signed-off-by: default avatarDavid Howells <dhowells@redhat.com>
      cc: Samuel Ortiz <samuel@sortiz.org>
      cc: netdev@vger.kernel.org
      b14425b5
    • David Howells's avatar
      Annotate hardware config module parameters in drivers/net/hamradio/ · 2bf23e0f
      David Howells authored
      When the kernel is running in secure boot mode, we lock down the kernel to
      prevent userspace from modifying the running kernel image.  Whilst this
      includes prohibiting access to things like /dev/mem, it must also prevent
      access by means of configuring driver modules in such a way as to cause a
      device to access or modify the kernel image.
      
      To this end, annotate module_param* statements that refer to hardware
      configuration and indicate for future reference what type of parameter they
      specify.  The parameter parser in the core sees this information and can
      skip such parameters with an error message if the kernel is locked down.
      The module initialisation then runs as normal, but just sees whatever the
      default values for those parameters is.
      
      Note that we do still need to do the module initialisation because some
      drivers have viable defaults set in case parameters aren't specified and
      some drivers support automatic configuration (e.g. PNP or PCI) in addition
      to manually coded parameters.
      
      This patch annotates drivers in drivers/net/hamradio/.
      Suggested-by: default avatarAlan Cox <gnomes@lxorguk.ukuu.org.uk>
      Signed-off-by: default avatarDavid Howells <dhowells@redhat.com>
      cc: Thomas Sailer <t.sailer@alumni.ethz.ch>
      cc: Joerg Reuter <jreuter@yaina.de>
      cc: linux-hams@vger.kernel.org
      cc: netdev@vger.kernel.org
      2bf23e0f
    • David Howells's avatar
      Annotate hardware config module parameters in drivers/net/ethernet/ · 36f7a604
      David Howells authored
      When the kernel is running in secure boot mode, we lock down the kernel to
      prevent userspace from modifying the running kernel image.  Whilst this
      includes prohibiting access to things like /dev/mem, it must also prevent
      access by means of configuring driver modules in such a way as to cause a
      device to access or modify the kernel image.
      
      To this end, annotate module_param* statements that refer to hardware
      configuration and indicate for future reference what type of parameter they
      specify.  The parameter parser in the core sees this information and can
      skip such parameters with an error message if the kernel is locked down.
      The module initialisation then runs as normal, but just sees whatever the
      default values for those parameters is.
      
      Note that we do still need to do the module initialisation because some
      drivers have viable defaults set in case parameters aren't specified and
      some drivers support automatic configuration (e.g. PNP or PCI) in addition
      to manually coded parameters.
      
      This patch annotates drivers in drivers/net/ethernet/.
      Suggested-by: default avatarAlan Cox <gnomes@lxorguk.ukuu.org.uk>
      Signed-off-by: default avatarDavid Howells <dhowells@redhat.com>
      cc: Steffen Klassert <klassert@mathematik.tu-chemnitz.de>
      cc: Jaroslav Kysela <perex@perex.cz>
      cc: netdev@vger.kernel.org
      cc: linux-parisc@vger.kernel.org
      36f7a604
    • David Howells's avatar
      Annotate hardware config module parameters in drivers/net/can/ · 062a92af
      David Howells authored
      When the kernel is running in secure boot mode, we lock down the kernel to
      prevent userspace from modifying the running kernel image.  Whilst this
      includes prohibiting access to things like /dev/mem, it must also prevent
      access by means of configuring driver modules in such a way as to cause a
      device to access or modify the kernel image.
      
      To this end, annotate module_param* statements that refer to hardware
      configuration and indicate for future reference what type of parameter they
      specify.  The parameter parser in the core sees this information and can
      skip such parameters with an error message if the kernel is locked down.
      The module initialisation then runs as normal, but just sees whatever the
      default values for those parameters is.
      
      Note that we do still need to do the module initialisation because some
      drivers have viable defaults set in case parameters aren't specified and
      some drivers support automatic configuration (e.g. PNP or PCI) in addition
      to manually coded parameters.
      
      This patch annotates drivers in drivers/net/can/.
      Suggested-by: default avatarAlan Cox <gnomes@lxorguk.ukuu.org.uk>
      Signed-off-by: default avatarDavid Howells <dhowells@redhat.com>
      Acked-by: default avatarMarc Kleine-Budde <mkl@pengutronix.de>
      cc: Wolfgang Grandegger <wg@grandegger.com>
      cc: linux-can@vger.kernel.org
      cc: netdev@vger.kernel.org
      062a92af
    • David Howells's avatar
      Annotate hardware config module parameters in drivers/net/arcnet/ · 7606cd50
      David Howells authored
      When the kernel is running in secure boot mode, we lock down the kernel to
      prevent userspace from modifying the running kernel image.  Whilst this
      includes prohibiting access to things like /dev/mem, it must also prevent
      access by means of configuring driver modules in such a way as to cause a
      device to access or modify the kernel image.
      
      To this end, annotate module_param* statements that refer to hardware
      configuration and indicate for future reference what type of parameter they
      specify.  The parameter parser in the core sees this information and can
      skip such parameters with an error message if the kernel is locked down.
      The module initialisation then runs as normal, but just sees whatever the
      default values for those parameters is.
      
      Note that we do still need to do the module initialisation because some
      drivers have viable defaults set in case parameters aren't specified and
      some drivers support automatic configuration (e.g. PNP or PCI) in addition
      to manually coded parameters.
      
      This patch annotates drivers in drivers/net/arcnet/.
      Suggested-by: default avatarAlan Cox <gnomes@lxorguk.ukuu.org.uk>
      Signed-off-by: default avatarDavid Howells <dhowells@redhat.com>
      cc: Michael Grzeschik <m.grzeschik@pengutronix.de>
      cc: netdev@vger.kernel.org
      7606cd50
    • David Howells's avatar
      Annotate hardware config module parameters in drivers/net/appletalk/ · 78e66f19
      David Howells authored
      When the kernel is running in secure boot mode, we lock down the kernel to
      prevent userspace from modifying the running kernel image.  Whilst this
      includes prohibiting access to things like /dev/mem, it must also prevent
      access by means of configuring driver modules in such a way as to cause a
      device to access or modify the kernel image.
      
      To this end, annotate module_param* statements that refer to hardware
      configuration and indicate for future reference what type of parameter they
      specify.  The parameter parser in the core sees this information and can
      skip such parameters with an error message if the kernel is locked down.
      The module initialisation then runs as normal, but just sees whatever the
      default values for those parameters is.
      
      Note that we do still need to do the module initialisation because some
      drivers have viable defaults set in case parameters aren't specified and
      some drivers support automatic configuration (e.g. PNP or PCI) in addition
      to manually coded parameters.
      
      This patch annotates drivers in drivers/net/appletalk/.
      Suggested-by: default avatarAlan Cox <gnomes@lxorguk.ukuu.org.uk>
      Signed-off-by: default avatarDavid Howells <dhowells@redhat.com>
      cc: Arnaldo Carvalho de Melo <acme@ghostprotocols.net>
      cc: netdev@vger.kernel.org
      78e66f19
    • David Howells's avatar
      Annotate hardware config module parameters in drivers/mmc/host/ · eddcdc1b
      David Howells authored
      When the kernel is running in secure boot mode, we lock down the kernel to
      prevent userspace from modifying the running kernel image.  Whilst this
      includes prohibiting access to things like /dev/mem, it must also prevent
      access by means of configuring driver modules in such a way as to cause a
      device to access or modify the kernel image.
      
      To this end, annotate module_param* statements that refer to hardware
      configuration and indicate for future reference what type of parameter they
      specify.  The parameter parser in the core sees this information and can
      skip such parameters with an error message if the kernel is locked down.
      The module initialisation then runs as normal, but just sees whatever the
      default values for those parameters is.
      
      Note that we do still need to do the module initialisation because some
      drivers have viable defaults set in case parameters aren't specified and
      some drivers support automatic configuration (e.g. PNP or PCI) in addition
      to manually coded parameters.
      
      This patch annotates drivers in drivers/mmc/host/.
      Suggested-by: default avatarAlan Cox <gnomes@lxorguk.ukuu.org.uk>
      Signed-off-by: default avatarDavid Howells <dhowells@redhat.com>
      cc: Pierre Ossman <pierre@ossman.eu>
      cc: Ulf Hansson <ulf.hansson@linaro.org>
      cc: linux-mmc@vger.kernel.org
      eddcdc1b
    • David Howells's avatar
      Annotate hardware config module parameters in drivers/misc/ · 78c42a67
      David Howells authored
      When the kernel is running in secure boot mode, we lock down the kernel to
      prevent userspace from modifying the running kernel image.  Whilst this
      includes prohibiting access to things like /dev/mem, it must also prevent
      access by means of configuring driver modules in such a way as to cause a
      device to access or modify the kernel image.
      
      To this end, annotate module_param* statements that refer to hardware
      configuration and indicate for future reference what type of parameter they
      specify.  The parameter parser in the core sees this information and can
      skip such parameters with an error message if the kernel is locked down.
      The module initialisation then runs as normal, but just sees whatever the
      default values for those parameters is.
      
      Note that we do still need to do the module initialisation because some
      drivers have viable defaults set in case parameters aren't specified and
      some drivers support automatic configuration (e.g. PNP or PCI) in addition
      to manually coded parameters.
      
      This patch annotates drivers in drivers/misc/.
      Suggested-by: default avatarAlan Cox <gnomes@lxorguk.ukuu.org.uk>
      Signed-off-by: default avatarDavid Howells <dhowells@redhat.com>
      cc: Arnd Bergmann <arnd@arndb.de>
      cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
      78c42a67
  2. 04 Apr, 2017 13 commits
    • David Howells's avatar
      Annotate hardware config module parameters in drivers/media/ · 9e256c58
      David Howells authored
      When the kernel is running in secure boot mode, we lock down the kernel to
      prevent userspace from modifying the running kernel image.  Whilst this
      includes prohibiting access to things like /dev/mem, it must also prevent
      access by means of configuring driver modules in such a way as to cause a
      device to access or modify the kernel image.
      
      To this end, annotate module_param* statements that refer to hardware
      configuration and indicate for future reference what type of parameter they
      specify.  The parameter parser in the core sees this information and can
      skip such parameters with an error message if the kernel is locked down.
      The module initialisation then runs as normal, but just sees whatever the
      default values for those parameters is.
      
      Note that we do still need to do the module initialisation because some
      drivers have viable defaults set in case parameters aren't specified and
      some drivers support automatic configuration (e.g. PNP or PCI) in addition
      to manually coded parameters.
      
      This patch annotates drivers in drivers/media/.
      Suggested-by: default avatarAlan Cox <gnomes@lxorguk.ukuu.org.uk>
      Signed-off-by: default avatarDavid Howells <dhowells@redhat.com>
      cc: Mauro Carvalho Chehab <mchehab@kernel.org>
      cc: mjpeg-users@lists.sourceforge.net
      cc: linux-media@vger.kernel.org
      9e256c58
    • David Howells's avatar
      Annotate hardware config module parameters in drivers/isdn/ · 79685191
      David Howells authored
      When the kernel is running in secure boot mode, we lock down the kernel to
      prevent userspace from modifying the running kernel image.  Whilst this
      includes prohibiting access to things like /dev/mem, it must also prevent
      access by means of configuring driver modules in such a way as to cause a
      device to access or modify the kernel image.
      
      To this end, annotate module_param* statements that refer to hardware
      configuration and indicate for future reference what type of parameter they
      specify.  The parameter parser in the core sees this information and can
      skip such parameters with an error message if the kernel is locked down.
      The module initialisation then runs as normal, but just sees whatever the
      default values for those parameters is.
      
      Note that we do still need to do the module initialisation because some
      drivers have viable defaults set in case parameters aren't specified and
      some drivers support automatic configuration (e.g. PNP or PCI) in addition
      to manually coded parameters.
      
      This patch annotates drivers in drivers/isdn/.
      Suggested-by: default avatarAlan Cox <gnomes@lxorguk.ukuu.org.uk>
      Signed-off-by: default avatarDavid Howells <dhowells@redhat.com>
      cc: Karsten Keil <isdn@linux-pingi.de>
      cc: netdev@vger.kernel.org
      79685191
    • David Howells's avatar
      Annotate hardware config module parameters in drivers/input/ · 5b90489e
      David Howells authored
      When the kernel is running in secure boot mode, we lock down the kernel to
      prevent userspace from modifying the running kernel image.  Whilst this
      includes prohibiting access to things like /dev/mem, it must also prevent
      access by means of configuring driver modules in such a way as to cause a
      device to access or modify the kernel image.
      
      To this end, annotate module_param* statements that refer to hardware
      configuration and indicate for future reference what type of parameter they
      specify.  The parameter parser in the core sees this information and can
      skip such parameters with an error message if the kernel is locked down.
      The module initialisation then runs as normal, but just sees whatever the
      default values for those parameters is.
      
      Note that we do still need to do the module initialisation because some
      drivers have viable defaults set in case parameters aren't specified and
      some drivers support automatic configuration (e.g. PNP or PCI) in addition
      to manually coded parameters.
      
      This patch annotates drivers in drivers/input/.
      Suggested-by: default avatarAlan Cox <gnomes@lxorguk.ukuu.org.uk>
      Signed-off-by: default avatarDavid Howells <dhowells@redhat.com>
      Acked-by: default avatarDmitry Torokhov <dmitry.torokhov@gmail.com>
      cc: linux-input@vger.kernel.org
      5b90489e
    • David Howells's avatar
      Annotate hardware config module parameters in drivers/iio/ · 104ad466
      David Howells authored
      When the kernel is running in secure boot mode, we lock down the kernel to
      prevent userspace from modifying the running kernel image.  Whilst this
      includes prohibiting access to things like /dev/mem, it must also prevent
      access by means of configuring driver modules in such a way as to cause a
      device to access or modify the kernel image.
      
      To this end, annotate module_param* statements that refer to hardware
      configuration and indicate for future reference what type of parameter they
      specify.  The parameter parser in the core sees this information and can
      skip such parameters with an error message if the kernel is locked down.
      The module initialisation then runs as normal, but just sees whatever the
      default values for those parameters is.
      
      Note that we do still need to do the module initialisation because some
      drivers have viable defaults set in case parameters aren't specified and
      some drivers support automatic configuration (e.g. PNP or PCI) in addition
      to manually coded parameters.
      
      This patch annotates drivers in drivers/iio/.
      Suggested-by: default avatarAlan Cox <gnomes@lxorguk.ukuu.org.uk>
      Signed-off-by: default avatarDavid Howells <dhowells@redhat.com>
      Acked-by: default avatarWilliam Breathitt Gray <vilhelm.gray@gmail.com>
      Acked-by: default avatarJonathan Cameron <jic23@kernel.org>
      cc: linux-iio@vger.kernel.org
      104ad466
    • David Howells's avatar
      Annotate hardware config module parameters in drivers/i2c/ · e03e00c1
      David Howells authored
      When the kernel is running in secure boot mode, we lock down the kernel to
      prevent userspace from modifying the running kernel image.  Whilst this
      includes prohibiting access to things like /dev/mem, it must also prevent
      access by means of configuring driver modules in such a way as to cause a
      device to access or modify the kernel image.
      
      To this end, annotate module_param* statements that refer to hardware
      configuration and indicate for future reference what type of parameter they
      specify.  The parameter parser in the core sees this information and can
      skip such parameters with an error message if the kernel is locked down.
      The module initialisation then runs as normal, but just sees whatever the
      default values for those parameters is.
      
      Note that we do still need to do the module initialisation because some
      drivers have viable defaults set in case parameters aren't specified and
      some drivers support automatic configuration (e.g. PNP or PCI) in addition
      to manually coded parameters.
      
      This patch annotates drivers in drivers/i2c/.
      Suggested-by: default avatarAlan Cox <gnomes@lxorguk.ukuu.org.uk>
      Signed-off-by: default avatarDavid Howells <dhowells@redhat.com>
      cc: Wolfram Sang <wsa@the-dreams.de>
      cc: Jean Delvare <jdelvare@suse.com>
      cc: linux-i2c@vger.kernel.org
      e03e00c1
    • David Howells's avatar
      Annotate hardware config module parameters in drivers/gpio/ · fc57a891
      David Howells authored
      When the kernel is running in secure boot mode, we lock down the kernel to
      prevent userspace from modifying the running kernel image.  Whilst this
      includes prohibiting access to things like /dev/mem, it must also prevent
      access by means of configuring driver modules in such a way as to cause a
      device to access or modify the kernel image.
      
      To this end, annotate module_param* statements that refer to hardware
      configuration and indicate for future reference what type of parameter they
      specify.  The parameter parser in the core sees this information and can
      skip such parameters with an error message if the kernel is locked down.
      The module initialisation then runs as normal, but just sees whatever the
      default values for those parameters is.
      
      Note that we do still need to do the module initialisation because some
      drivers have viable defaults set in case parameters aren't specified and
      some drivers support automatic configuration (e.g. PNP or PCI) in addition
      to manually coded parameters.
      
      This patch annotates drivers in drivers/gpio/.
      Suggested-by: default avatarAlan Cox <gnomes@lxorguk.ukuu.org.uk>
      Signed-off-by: default avatarDavid Howells <dhowells@redhat.com>
      Acked-by: default avatarWilliam Breathitt Gray <vilhelm.gray@gmail.com>
      Acked-by: default avatarLinus Walleij <linus.walleij@linaro.org>
      cc: Alexandre Courbot <gnurou@gmail.com>
      cc: linux-gpio@vger.kernel.org
      fc57a891
    • David Howells's avatar
      Annotate hardware config module parameters in drivers/cpufreq/ · 889dc5a7
      David Howells authored
      When the kernel is running in secure boot mode, we lock down the kernel to
      prevent userspace from modifying the running kernel image.  Whilst this
      includes prohibiting access to things like /dev/mem, it must also prevent
      access by means of configuring driver modules in such a way as to cause a
      device to access or modify the kernel image.
      
      To this end, annotate module_param* statements that refer to hardware
      configuration and indicate for future reference what type of parameter they
      specify.  The parameter parser in the core sees this information and can
      skip such parameters with an error message if the kernel is locked down.
      The module initialisation then runs as normal, but just sees whatever the
      default values for those parameters is.
      
      Note that we do still need to do the module initialisation because some
      drivers have viable defaults set in case parameters aren't specified and
      some drivers support automatic configuration (e.g. PNP or PCI) in addition
      to manually coded parameters.
      
      This patch annotates drivers in drivers/cpufreq/.
      Suggested-by: default avatarAlan Cox <gnomes@lxorguk.ukuu.org.uk>
      Signed-off-by: default avatarDavid Howells <dhowells@redhat.com>
      Acked-by: default avatar"Rafael J. Wysocki" <rjw@rjwysocki.net>
      cc: Viresh Kumar <viresh.kumar@linaro.org>
      cc: linux-pm@vger.kernel.org
      889dc5a7
    • David Howells's avatar
      Annotate hardware config module parameters in drivers/clocksource/ · 8a3dad31
      David Howells authored
      When the kernel is running in secure boot mode, we lock down the kernel to
      prevent userspace from modifying the running kernel image.  Whilst this
      includes prohibiting access to things like /dev/mem, it must also prevent
      access by means of configuring driver modules in such a way as to cause a
      device to access or modify the kernel image.
      
      To this end, annotate module_param* statements that refer to hardware
      configuration and indicate for future reference what type of parameter they
      specify.  The parameter parser in the core sees this information and can
      skip such parameters with an error message if the kernel is locked down.
      The module initialisation then runs as normal, but just sees whatever the
      default values for those parameters is.
      
      Note that we do still need to do the module initialisation because some
      drivers have viable defaults set in case parameters aren't specified and
      some drivers support automatic configuration (e.g. PNP or PCI) in addition
      to manually coded parameters.
      
      This patch annotates drivers in drivers/clocksource/.
      Suggested-by: default avatarAlan Cox <gnomes@lxorguk.ukuu.org.uk>
      Signed-off-by: default avatarDavid Howells <dhowells@redhat.com>
      cc: Daniel Lezcano <daniel.lezcano@linaro.org>
      cc: Thomas Gleixner <tglx@linutronix.de>
      cc: linux-kernel@vger.kernel.org
      8a3dad31
    • David Howells's avatar
      Annotate hardware config module parameters in drivers/char/ · 3a5a43a8
      David Howells authored
      When the kernel is running in secure boot mode, we lock down the kernel to
      prevent userspace from modifying the running kernel image.  Whilst this
      includes prohibiting access to things like /dev/mem, it must also prevent
      access by means of configuring driver modules in such a way as to cause a
      device to access or modify the kernel image.
      
      To this end, annotate module_param* statements that refer to hardware
      configuration and indicate for future reference what type of parameter they
      specify.  The parameter parser in the core sees this information and can
      skip such parameters with an error message if the kernel is locked down.
      The module initialisation then runs as normal, but just sees whatever the
      default values for those parameters is.
      
      Note that we do still need to do the module initialisation because some
      drivers have viable defaults set in case parameters aren't specified and
      some drivers support automatic configuration (e.g. PNP or PCI) in addition
      to manually coded parameters.
      
      This patch annotates drivers in drivers/char/.
      Suggested-by: default avatarAlan Cox <gnomes@lxorguk.ukuu.org.uk>
      Signed-off-by: default avatarDavid Howells <dhowells@redhat.com>
      cc: Arnd Bergmann <arnd@arndb.de>
      cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
      3a5a43a8
    • David Howells's avatar
      Annotate hardware config module parameters in drivers/char/mwave/ · 70f233e8
      David Howells authored
      When the kernel is running in secure boot mode, we lock down the kernel to
      prevent userspace from modifying the running kernel image.  Whilst this
      includes prohibiting access to things like /dev/mem, it must also prevent
      access by means of configuring driver modules in such a way as to cause a
      device to access or modify the kernel image.
      
      To this end, annotate module_param* statements that refer to hardware
      configuration and indicate for future reference what type of parameter they
      specify.  The parameter parser in the core sees this information and can
      skip such parameters with an error message if the kernel is locked down.
      The module initialisation then runs as normal, but just sees whatever the
      default values for those parameters is.
      
      Note that we do still need to do the module initialisation because some
      drivers have viable defaults set in case parameters aren't specified and
      some drivers support automatic configuration (e.g. PNP or PCI) in addition
      to manually coded parameters.
      
      This patch annotates drivers in drivers/char/mwave/.
      Suggested-by: default avatarAlan Cox <gnomes@lxorguk.ukuu.org.uk>
      Signed-off-by: default avatarDavid Howells <dhowells@redhat.com>
      70f233e8
    • David Howells's avatar
      Annotate hardware config module parameters in drivers/char/ipmi/ · a72157f0
      David Howells authored
      When the kernel is running in secure boot mode, we lock down the kernel to
      prevent userspace from modifying the running kernel image.  Whilst this
      includes prohibiting access to things like /dev/mem, it must also prevent
      access by means of configuring driver modules in such a way as to cause a
      device to access or modify the kernel image.
      
      To this end, annotate module_param* statements that refer to hardware
      configuration and indicate for future reference what type of parameter they
      specify.  The parameter parser in the core sees this information and can
      skip such parameters with an error message if the kernel is locked down.
      The module initialisation then runs as normal, but just sees whatever the
      default values for those parameters is.
      
      Note that we do still need to do the module initialisation because some
      drivers have viable defaults set in case parameters aren't specified and
      some drivers support automatic configuration (e.g. PNP or PCI) in addition
      to manually coded parameters.
      
      This patch annotates drivers in drivers/char/ipmi/.
      Suggested-by: default avatarAlan Cox <gnomes@lxorguk.ukuu.org.uk>
      Signed-off-by: default avatarDavid Howells <dhowells@redhat.com>
      Reviewed-by: default avatarCorey Minyard <cminyard@mvista.com>
      cc: openipmi-developer@lists.sourceforge.net
      a72157f0
    • David Howells's avatar
      Annotate hardware config module parameters in arch/x86/mm/ · 89a35b5d
      David Howells authored
      When the kernel is running in secure boot mode, we lock down the kernel to
      prevent userspace from modifying the running kernel image.  Whilst this
      includes prohibiting access to things like /dev/mem, it must also prevent
      access by means of configuring driver modules in such a way as to cause a
      device to access or modify the kernel image.
      
      To this end, annotate module_param* statements that refer to hardware
      configuration and indicate for future reference what type of parameter they
      specify.  The parameter parser in the core sees this information and can
      skip such parameters with an error message if the kernel is locked down.
      The module initialisation then runs as normal, but just sees whatever the
      default values for those parameters is.
      
      Note that we do still need to do the module initialisation because some
      drivers have viable defaults set in case parameters aren't specified and
      some drivers support automatic configuration (e.g. PNP or PCI) in addition
      to manually coded parameters.
      
      This patch annotates drivers in arch/x86/mm/.
      Suggested-by: default avatarAlan Cox <gnomes@lxorguk.ukuu.org.uk>
      Signed-off-by: default avatarDavid Howells <dhowells@redhat.com>
      cc: Steven Rostedt <rostedt@goodmis.org>
      cc: Ingo Molnar <mingo@kernel.org>
      cc: Thomas Gleixner <tglx@linutronix.de>
      cc: "H. Peter Anvin" <hpa@zytor.com>
      cc: x86@kernel.org
      cc: linux-kernel@vger.kernel.org
      cc: nouveau@lists.freedesktop.org
      89a35b5d
    • David Howells's avatar
      Annotate module params that specify hardware parameters (eg. ioport) · bf616d21
      David Howells authored
      Provided an annotation for module parameters that specify hardware
      parameters (such as io ports, iomem addresses, irqs, dma channels, fixed
      dma buffers and other types).
      
      This will enable such parameters to be locked down in the core parameter
      parser for secure boot support.
      
      I've also included annotations as to what sort of hardware configuration
      each module is dealing with for future use.  Some of these are
      straightforward (ioport, iomem, irq, dma), but there are also:
      
       (1) drivers that switch the semantics of a parameter between ioport and
           iomem depending on a second parameter,
      
       (2) drivers that appear to reserve a CPU memory buffer at a fixed address,
      
       (3) other parameters, such as bus types and irq selection bitmasks.
      
      For the moment, the hardware configuration type isn't actually stored,
      though its validity is checked.
      Signed-off-by: default avatarDavid Howells <dhowells@redhat.com>
      bf616d21
  3. 03 Apr, 2017 2 commits
  4. 30 Mar, 2017 1 commit
  5. 28 Mar, 2017 2 commits
    • Tetsuo Handa's avatar
      LSM: Revive security_task_alloc() hook and per "struct task_struct" security blob. · e4e55b47
      Tetsuo Handa authored
      We switched from "struct task_struct"->security to "struct cred"->security
      in Linux 2.6.29. But not all LSM modules were happy with that change.
      TOMOYO LSM module is an example which want to use per "struct task_struct"
      security blob, for TOMOYO's security context is defined based on "struct
      task_struct" rather than "struct cred". AppArmor LSM module is another
      example which want to use it, for AppArmor is currently abusing the cred
      a little bit to store the change_hat and setexeccon info. Although
      security_task_free() hook was revived in Linux 3.4 because Yama LSM module
      wanted to release per "struct task_struct" security blob,
      security_task_alloc() hook and "struct task_struct"->security field were
      not revived. Nowadays, we are getting proposals of lightweight LSM modules
      which want to use per "struct task_struct" security blob.
      
      We are already allowing multiple concurrent LSM modules (up to one fully
      armored module which uses "struct cred"->security field or exclusive hooks
      like security_xfrm_state_pol_flow_match(), plus unlimited number of
      lightweight modules which do not use "struct cred"->security nor exclusive
      hooks) as long as they are built into the kernel. But this patch does not
      implement variable length "struct task_struct"->security field which will
      become needed when multiple LSM modules want to use "struct task_struct"->
      security field. Although it won't be difficult to implement variable length
      "struct task_struct"->security field, let's think about it after we merged
      this patch.
      Signed-off-by: default avatarTetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>
      Acked-by: default avatarJohn Johansen <john.johansen@canonical.com>
      Acked-by: default avatarSerge Hallyn <serge@hallyn.com>
      Acked-by: default avatarCasey Schaufler <casey@schaufler-ca.com>
      Tested-by: default avatarDjalal Harouni <tixxdz@gmail.com>
      Acked-by: default avatarJosé Bollo <jobol@nonadev.net>
      Cc: Paul Moore <paul@paul-moore.com>
      Cc: Stephen Smalley <sds@tycho.nsa.gov>
      Cc: Eric Paris <eparis@parisplace.org>
      Cc: Kees Cook <keescook@chromium.org>
      Cc: James Morris <james.l.morris@oracle.com>
      Cc: José Bollo <jobol@nonadev.net>
      Signed-off-by: default avatarJames Morris <james.l.morris@oracle.com>
      e4e55b47
    • James Morris's avatar
      840c91dc
  6. 26 Mar, 2017 1 commit