Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1751745AbdDNL1V (ORCPT ); Fri, 14 Apr 2017 07:27:21 -0400 Received: from mailout4.samsung.com ([203.254.224.34]:35014 "EHLO mailout4.samsung.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1751323AbdDNL1R (ORCPT ); Fri, 14 Apr 2017 07:27:17 -0400 X-AuditID: b6c32a2c-f79be6d0000051f7-58-58f0b21161f0 From: Bartlomiej Zolnierkiewicz To: David Howells Cc: linux-kernel@vger.kernel.org, gnomes@lxorguk.ukuu.org.uk, linux-fbdev@vger.kernel.org, gregkh@linuxfoundation.org, linux-security-module@vger.kernel.org, Tomi Valkeinen , keyrings@vger.kernel.org, Jaya Kumar Subject: Re: [PATCH 32/38] Annotate hardware config module parameters in drivers/video/ Date: Fri, 14 Apr 2017 13:27:11 +0200 Message-id: <1776542.mxlLkUsWmV@amdc3058> User-Agent: KMail/4.13.3 (Linux/3.13.0-96-generic; KDE/4.13.3; x86_64; ; ) In-reply-to: <149141169417.29162.14993661679501972758.stgit@warthog.procyon.org.uk> MIME-version: 1.0 Content-transfer-encoding: 7Bit Content-type: text/plain; charset=us-ascii X-Brightmail-Tracker: H4sIAAAAAAAAA+NgFlrIKsWRmVeSWpSXmKPExsWy7bCmuq7Qpg8RBjNXsVi8a/rNYjFpyl82 i+bF69ksph37x2Sx9U4Tm8WJvg+sFpd3zWGz+NDziM1i/fxbbA6cHtua97F67J+7ht2j9eQm Vo/3+66yeRy/sZ3J4/MmuQC2KC6blNSczLLUIn27BK6Mzjf9zAULeCrO3z/G2MDYwdXFyMkh IWAiceD1VFYIW0ziwr31bCC2kMBSRon2zzldjFxAdjuTxN7pF9hgGj7dPsgGkZjDKPH7/C0o 5yujxMXL8xlBqtgErCQmtq8Cs0UE1CUeLdvIDFLELNDBJLFtzTmgfRwcwgKREtf/6IOYLAKq EqcaNUDKeQU0JSbs7mIBsUUFvCS27GtnArE5BUIlGve9ZIeoEZT4MfkeWA2zgLzEvv0QHzAL 6EicPbaOEWSVhMA+dok5zQuZQOZLCMhKbDrADPGAi8Tap11MELawxKvjW9ghbGmJv0tvMULY 0xkltv+WgJizmVFi1e4JUEXWEoePX4RaxifR+/sJ1HxeiY42IYgSD4klF2dClTtKLHt6ggkS Pu8YJQ7/6GGbwCg/C8kPs5D8MAvJDwsYmVcxiqUWFOempxabFhjqFSfmFpfmpesl5+duYgQn HC2dHYz3FngfYhTgYFTi4d2Q8CFCiDWxrLgy9xCjBAezkghv1zqgEG9KYmVValF+fFFpTmrx IUZpDhYlcV6NldcihATSE0tSs1NTC1KLYLJMHJxSDYxz7mpt3Dnn36H/+glTv+qv5eKs/jjT 6GeoGOse88Qrz+oruT4VtnRIFt61zSizdZWpUplSOC1d4qvlm2nKIjqMvysrxbQ+cOlN36C3 ryKX+2ejv4mnw2PB2b+7Io41bFYSnVLwMpZvhkY190GlszO899xof/pmecyqikln2H0+N+go q9a/+KbEUpyRaKjFXFScCABvs70bNAMAAA== X-Brightmail-Tracker: H4sIAAAAAAAAA+NgFjrIIsWRmVeSWpSXmKPExsVy+t9jQV3BTR8iDL51GFq8a/rNYjFpyl82 i+bF69ksph37x2Sx9U4Tm8WJvg+sFpd3zWGz+NDziM1i/fxbbA6cHtua97F67J+7ht2j9eQm Vo/3+66yeRy/sZ3J4/MmuQC2KDebjNTElNQihdS85PyUzLx0W6XQEDddCyWFvMTcVFulCF3f kCAlhbLEnFIgz8gADTg4B7gHK+nbJbhldL7pZy5YwFNx/v4xxgbGDq4uRk4OCQETiU+3D7JB 2GISF+6tB7K5OIQEZjFKLJp8lh3C+coocfTKCxaQKjYBK4mJ7asYQWwRAXWJR8s2MoPYzAJt TBKz7+Z1MXJwCAtESlz/ow9isgioSpxq1ACp4BXQlJiwuwtsiqiAl8SWfe1MICWcAqESXf3q IGEhgTmMEq+P1kCUC0r8mHyPBWK4vMS+/VNZIWwtifU7jzNNYAS6EaFsFpKyWUjKFjAyr2KU SC1ILihOSs81ykst1ytOzC0uzUvXS87P3cQIjr5n0jsYD+9yP8QowMGoxMMbUfs+Qog1say4 MvcQowQHs5IIb9e6DxFCvCmJlVWpRfnxRaU5qcWHGE2B3pvILCWanA9MDHkl8YYm5ibmxgYW 5paWJkZK4ryNs5+FCwmkJ5akZqemFqQWwfQxcXBKNTCK6rT8P7hvmrkB62ZrPW3DhS8u/hSa rN/MP5ltrlGkuewH0dNzos9zR96NqHwdnr6NS7JNaNfGvdf3btX0utjPMMd6wV65oLMGD+cb Ktopx23NeWxv4Pc/+Z2X5AauyQ8mTzu2IlNlX3qCsebVxEihq1I3HaVk/VsZd5esML7w++vd p3EsdoxKLMUZiYZazEXFiQCibOC21AIAAA== X-MTR: 20000000000000000@CPGS X-CMS-MailID: 20170414112713epcas5p218f3663e4f0ea4ca1bfaf4155d4724c8 X-Msg-Generator: CA X-Sender-IP: 203.254.230.27 X-Local-Sender: =?UTF-8?B?QmFydGxvbWllaiBab2xuaWVya2lld2ljehtTUlBPTC1LZXJu?= =?UTF-8?B?ZWwgKFRQKRvsgrzshLHsoITsnpAbU2VuaW9yIFNvZnR3YXJlIEVuZ2luZWVy?= X-Global-Sender: =?UTF-8?B?QmFydGxvbWllaiBab2xuaWVya2lld2ljehtTUlBPTC1LZXJu?= =?UTF-8?B?ZWwgKFRQKRtTYW1zdW5nIEVsZWN0cm9uaWNzG1NlbmlvciBTb2Z0d2FyZSBF?= =?UTF-8?B?bmdpbmVlcg==?= X-Sender-Code: =?UTF-8?B?QzEwG0VIURtDMTBDRDAyQ0QwMjczOTI=?= CMS-TYPE: 105P X-HopCount: 7 X-CMS-RootMailID: 20170414112713epcas5p218f3663e4f0ea4ca1bfaf4155d4724c8 X-RootMTR: 20170414112713epcas5p218f3663e4f0ea4ca1bfaf4155d4724c8 References: <149141141298.29162.5612793122429261720.stgit@warthog.procyon.org.uk> <149141169417.29162.14993661679501972758.stgit@warthog.procyon.org.uk> Sender: linux-kernel-owner@vger.kernel.org List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Length: 1532 Lines: 34 On Wednesday, April 05, 2017 06:01:34 PM David Howells wrote: > When the kernel is running in secure boot mode, we lock down the kernel to > prevent userspace from modifying the running kernel image. Whilst this > includes prohibiting access to things like /dev/mem, it must also prevent > access by means of configuring driver modules in such a way as to cause a > device to access or modify the kernel image. > > To this end, annotate module_param* statements that refer to hardware > configuration and indicate for future reference what type of parameter they > specify. The parameter parser in the core sees this information and can > skip such parameters with an error message if the kernel is locked down. > The module initialisation then runs as normal, but just sees whatever the > default values for those parameters is. > > Note that we do still need to do the module initialisation because some > drivers have viable defaults set in case parameters aren't specified and > some drivers support automatic configuration (e.g. PNP or PCI) in addition > to manually coded parameters. > > This patch annotates drivers in drivers/video/. > > Suggested-by: Alan Cox > Signed-off-by: David Howells > cc: Jaya Kumar > cc: Tomi Valkeinen > cc: linux-fbdev@vger.kernel.org Acked-by: Bartlomiej Zolnierkiewicz Best regards, -- Bartlomiej Zolnierkiewicz Samsung R&D Institute Poland Samsung Electronics