Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S933194AbdDEREK (ORCPT ); Wed, 5 Apr 2017 13:04:10 -0400 Received: from mx1.redhat.com ([209.132.183.28]:38196 "EHLO mx1.redhat.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1755542AbdDERBz (ORCPT ); Wed, 5 Apr 2017 13:01:55 -0400 DMARC-Filter: OpenDMARC Filter v1.3.2 mx1.redhat.com 8AC148123D Authentication-Results: ext-mx01.extmail.prod.ext.phx2.redhat.com; dmarc=none (p=none dis=none) header.from=redhat.com Authentication-Results: ext-mx01.extmail.prod.ext.phx2.redhat.com; spf=pass smtp.mailfrom=dhowells@redhat.com DKIM-Filter: OpenDKIM Filter v2.11.0 mx1.redhat.com 8AC148123D Organization: Red Hat UK Ltd. Registered Address: Red Hat UK Ltd, Amberley Place, 107-111 Peascod Street, Windsor, Berkshire, SI4 1TE, United Kingdom. Registered in England and Wales under Company Registration No. 3798903 Subject: [PATCH 34/38] Annotate hardware config module parameters in fs/pstore/ From: David Howells To: linux-kernel@vger.kernel.org Cc: gnomes@lxorguk.ukuu.org.uk, Tony Luck , Kees Cook , gregkh@linuxfoundation.org, Anton Vorontsov , dhowells@redhat.com, linux-security-module@vger.kernel.org, keyrings@vger.kernel.org, Colin Cross Date: Wed, 05 Apr 2017 18:01:51 +0100 Message-ID: <149141171185.29162.10595534113980773776.stgit@warthog.procyon.org.uk> In-Reply-To: <149141141298.29162.5612793122429261720.stgit@warthog.procyon.org.uk> References: <149141141298.29162.5612793122429261720.stgit@warthog.procyon.org.uk> User-Agent: StGit/0.17.1-dirty MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: 7bit X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.25]); Wed, 05 Apr 2017 17:01:55 +0000 (UTC) Sender: linux-kernel-owner@vger.kernel.org List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Length: 1881 Lines: 44 When the kernel is running in secure boot mode, we lock down the kernel to prevent userspace from modifying the running kernel image. Whilst this includes prohibiting access to things like /dev/mem, it must also prevent access by means of configuring driver modules in such a way as to cause a device to access or modify the kernel image. To this end, annotate module_param* statements that refer to hardware configuration and indicate for future reference what type of parameter they specify. The parameter parser in the core sees this information and can skip such parameters with an error message if the kernel is locked down. The module initialisation then runs as normal, but just sees whatever the default values for those parameters is. Note that we do still need to do the module initialisation because some drivers have viable defaults set in case parameters aren't specified and some drivers support automatic configuration (e.g. PNP or PCI) in addition to manually coded parameters. This patch annotates drivers in fs/pstore/. Suggested-by: Alan Cox Signed-off-by: David Howells cc: Anton Vorontsov cc: Colin Cross cc: Kees Cook cc: Tony Luck --- fs/pstore/ram.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/fs/pstore/ram.c b/fs/pstore/ram.c index 11f918d34b1e..cce1d38417ca 100644 --- a/fs/pstore/ram.c +++ b/fs/pstore/ram.c @@ -58,7 +58,7 @@ module_param_named(pmsg_size, ramoops_pmsg_size, ulong, 0400); MODULE_PARM_DESC(pmsg_size, "size of user space message log"); static unsigned long long mem_address; -module_param(mem_address, ullong, 0400); +module_param_hw(mem_address, ullong, other, 0400); MODULE_PARM_DESC(mem_address, "start of reserved RAM used to store oops/panic logs");