| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 9 Jun 2021 10:31:08 +0900
From: William Breathitt Gray <vilhelm.gray@...il.com>
To: jic23@...nel.org
Cc: linux-stm32@...md-mailman.stormreply.com, kernel@...gutronix.de,
a.fatoum@...gutronix.de, kamel.bouhara@...tlin.com,
gwendal@...omium.org, alexandre.belloni@...tlin.com,
david@...hnology.com, linux-iio@...r.kernel.org,
linux-kernel@...r.kernel.org, linux-arm-kernel@...ts.infradead.org,
syednwaris@...il.com, patrick.havelange@...ensium.com,
fabrice.gasnier@...com, mcoquelin.stm32@...il.com,
alexandre.torgue@...com, o.rempel@...gutronix.de,
jarkko.nikula@...ux.intel.com,
William Breathitt Gray <vilhelm.gray@...il.com>
Subject: [PATCH v11 05/33] counter: 104-quad-8: Annotate hardware config module parameter
When the kernel is running in secure boot mode, we lock down the kernel to
prevent userspace from modifying the running kernel image. Whilst this
includes prohibiting access to things like /dev/mem, it must also prevent
access by means of configuring driver modules in such a way as to cause a
device to access or modify the kernel image.
To this end, annotate module_param* statements that refer to hardware
configuration and indicate for future reference what type of parameter they
specify. The parameter parser in the core sees this information and can
skip such parameters with an error message if the kernel is locked down.
The module initialisation then runs as normal, but just sees whatever the
default values for those parameters is.
Note that we do still need to do the module initialisation because some
drivers have viable defaults set in case parameters aren't specified and
some drivers support automatic configuration (e.g. PNP or PCI) in addition
to manually coded parameters.
This patch annotates the 104-QUAD-8 driver.
Acked-by: Syed Nayyar Waris <syednwaris@...il.com>
Signed-off-by: William Breathitt Gray <vilhelm.gray@...il.com>
---
drivers/counter/104-quad-8.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/drivers/counter/104-quad-8.c b/drivers/counter/104-quad-8.c
index 233a3acc1377..0fd61cc82d30 100644
--- a/drivers/counter/104-quad-8.c
+++ b/drivers/counter/104-quad-8.c
@@ -21,7 +21,7 @@
static unsigned int base[max_num_isa_dev(QUAD8_EXTENT)];
static unsigned int num_quad8;
-module_param_array(base, uint, &num_quad8, 0);
+module_param_hw_array(base, uint, ioport, &num_quad8, 0);
MODULE_PARM_DESC(base, "ACCES 104-QUAD-8 base addresses");
#define QUAD8_NUM_COUNTERS 8
--
2.32.0
Powered by blists - more mailing lists