diff --git a/debian/changelog b/debian/changelog
index a2cf9e6a2..4743db41b 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -5,6 +5,7 @@ linux (4.11~rc7-1~exp1) UNRELEASED; urgency=medium
 [ Ben Hutchings ]
 * aufs: Update support patchset to aufs4.x-rcN-20170410
+ * [arm64,x86] Replace securelevel patch set with lockdown patch set
 -- Lukas Wunner Sun, 16 Apr 2017 16:09:27 +0200
diff --git a/debian/config/arm64/config b/debian/config/arm64/config
index 2be794a6c..4b6592e62 100644
--- a/debian/config/arm64/config
+++ b/debian/config/arm64/config
@@ -15,7 +15,7 @@ CONFIG_XEN=y
 CONFIG_RANDOMIZE_BASE=y
 CONFIG_RANDOMIZE_MODULE_REGION_FULL=y
 CONFIG_ARM64_ACPI_PARKING_PROTOCOL=y
-CONFIG_EFI_SECURE_BOOT_SECURELEVEL=y
+CONFIG_EFI_SECURE_BOOT_LOCK_DOWN=y
 CONFIG_COMPAT=y
 ##
diff --git a/debian/config/config b/debian/config/config
index 222ae2565..b631c6fab 100644
--- a/debian/config/config
+++ b/debian/config/config
@@ -6799,11 +6799,11 @@ CONFIG_SECURITY=y
 CONFIG_SECURITY_NETWORK=y
 CONFIG_SECURITY_NETWORK_XFRM=y
 # CONFIG_SECURITY_PATH is not set
-CONFIG_SECURITY_SECURELEVEL=y
 # CONFIG_INTEL_TXT is not set
 CONFIG_LSM_MMAP_MIN_ADDR=32768
 CONFIG_HARDENED_USERCOPY=y
 # CONFIG_HARDENED_USERCOPY_PAGESPAN is not set
+CONFIG_LOCK_DOWN_KERNEL=y
 ## choice: Default security module
 CONFIG_DEFAULT_SECURITY_DAC=y
 ## end choice
diff --git a/debian/config/kernelarch-x86/config b/debian/config/kernelarch-x86/config
index dd45ec847..e7ba0dead 100644
--- a/debian/config/kernelarch-x86/config
+++ b/debian/config/kernelarch-x86/config
@@ -55,7 +55,7 @@ CONFIG_X86_SMAP=y
 CONFIG_X86_INTEL_MPX=y
 CONFIG_EFI=y
 CONFIG_EFI_STUB=y
-CONFIG_EFI_SECURE_BOOT_SECURELEVEL=y
+CONFIG_EFI_SECURE_BOOT_LOCK_DOWN=y
 CONFIG_SECCOMP=y
 CONFIG_KEXEC=y
 CONFIG_CRASH_DUMP=y
diff --git a/debian/patches/features/all/lockdown/0001-Annotate-module-params-that-specify-hardware-paramet.patch b/debian/patches/features/all/lockdown/0001-Annotate-module-params-that-specify-hardware-paramet.patch
new file mode 100644
index 000000000..3f2d4dd3e
--- /dev/null
+++ b/debian/patches/features/all/lockdown/0001-Annotate-module-params-that-specify-hardware-paramet.patch
@@ -0,0 +1,117 @@ +From: David Howells +Date: Tue, 4 Apr 2017 16:54:21 +0100 +Subject: [01/62] Annotate module params that specify hardware parameters (eg. + ioport) +Origin: https://git.kernel.org/pub/scm/linux/kernel/git/dhowells/linux-fs.git/commit?id=bf616d21f41174389c6d720ae21bf40f154474c8 + +Provided an annotation for module parameters that specify hardware +parameters (such as io ports, iomem addresses, irqs, dma channels, fixed +dma buffers and other types). + +This will enable such parameters to be locked down in the core parameter +parser for secure boot support. + +I've also included annotations as to what sort of hardware configuration +each module is dealing with for future use. Some of these are +straightforward (ioport, iomem, irq, dma), but there are also: + + (1) drivers that switch the semantics of a parameter between ioport and + iomem depending on a second parameter, + + (2) drivers that appear to reserve a CPU memory buffer at a fixed address, + + (3) other parameters, such as bus types and irq selection bitmasks. + +For the moment, the hardware configuration type isn't actually stored, +though its validity is checked. 
+ +Signed-off-by: David Howells +--- + include/linux/moduleparam.h | 65 ++++++++++++++++++++++++++++++++++++++++++++- + 1 file changed, 64 insertions(+), 1 deletion(-) + +diff --git a/include/linux/moduleparam.h b/include/linux/moduleparam.h +index 52666d90ca94..6be1949ebcdf 100644 +--- a/include/linux/moduleparam.h ++++ b/include/linux/moduleparam.h +@@ -60,9 +60,11 @@ struct kernel_param_ops { + * Flags available for kernel_param + * + * UNSAFE - the parameter is dangerous and setting it will taint the kernel ++ * HWPARAM - Hardware param not permitted in lockdown mode + */ + enum { +- KERNEL_PARAM_FL_UNSAFE = (1 << 0) ++ KERNEL_PARAM_FL_UNSAFE = (1 << 0), ++ KERNEL_PARAM_FL_HWPARAM = (1 << 1), + }; + + struct kernel_param { +@@ -451,6 +453,67 @@ extern int param_set_bint(const char *val, const struct kernel_param *kp); + perm, -1, 0); \ + __MODULE_PARM_TYPE(name, "array of " #type) + ++enum hwparam_type { ++ hwparam_ioport, /* Module parameter configures an I/O port */ ++ hwparam_iomem, /* Module parameter configures an I/O mem address */ ++ hwparam_ioport_or_iomem, /* Module parameter could be either, depending on other option */ ++ hwparam_irq, /* Module parameter configures an I/O port */ ++ hwparam_dma, /* Module parameter configures a DMA channel */ ++ hwparam_dma_addr, /* Module parameter configures a DMA buffer address */ ++ hwparam_other, /* Module parameter configures some other value */ ++}; ++ ++/** ++ * module_param_hw_named - A parameter representing a hw parameters ++ * @name: a valid C identifier which is the parameter name. ++ * @value: the actual lvalue to alter. ++ * @type: the type of the parameter ++ * @hwtype: what the value represents (enum hwparam_type) ++ * @perm: visibility in sysfs. ++ * ++ * Usually it's a good idea to have variable names and user-exposed names the ++ * same, but that's harder if the variable must be non-static or is inside a ++ * structure. This allows exposure under a different name. 
++ */ ++#define module_param_hw_named(name, value, type, hwtype, perm) \ ++ param_check_##type(name, &(value)); \ ++ __module_param_call(MODULE_PARAM_PREFIX, name, \ ++ ¶m_ops_##type, &value, \ ++ perm, -1, \ ++ KERNEL_PARAM_FL_HWPARAM | (hwparam_##hwtype & 0)); \ ++ __MODULE_PARM_TYPE(name, #type) ++ ++#define module_param_hw(name, type, hwtype, perm) \ ++ module_param_hw_named(name, name, type, hwtype, perm) ++ ++/** ++ * module_param_hw_array - A parameter representing an array of hw parameters ++ * @name: the name of the array variable ++ * @type: the type, as per module_param() ++ * @hwtype: what the value represents (enum hwparam_type) ++ * @nump: optional pointer filled in with the number written ++ * @perm: visibility in sysfs ++ * ++ * Input and output are as comma-separated values. Commas inside values ++ * don't work properly (eg. an array of charp). ++ * ++ * ARRAY_SIZE(@name) is used to determine the number of elements in the ++ * array, so the definition must be visible. ++ */ ++#define module_param_hw_array(name, type, hwtype, nump, perm) \ ++ param_check_##type(name, &(name)[0]); \ ++ static const struct kparam_array __param_arr_##name \ ++ = { .max = ARRAY_SIZE(name), .num = nump, \ ++ .ops = ¶m_ops_##type, \ ++ .elemsize = sizeof(name[0]), .elem = name }; \ ++ __module_param_call(MODULE_PARAM_PREFIX, name, \ ++ ¶m_array_ops, \ ++ .arr = &__param_arr_##name, \ ++ perm, -1, \ ++ KERNEL_PARAM_FL_HWPARAM | (hwparam_##hwtype & 0)); \ ++ __MODULE_PARM_TYPE(name, "array of " #type) ++ ++ + extern const struct kernel_param_ops param_array_ops; + + extern const struct kernel_param_ops param_ops_string; diff --git a/debian/patches/features/all/lockdown/0002-Annotate-hardware-config-module-parameters-in-arch-x.patch b/debian/patches/features/all/lockdown/0002-Annotate-hardware-config-module-parameters-in-arch-x.patch new file mode 100644 index 000000000..6b5bf43d1 --- /dev/null 
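Review bot: The comment on `hwparam_irq` in the new `enum hwparam_type` reads "Module parameter configures an I/O port", copied from the `hwparam_ioport` line above it; it should be `hwparam_irq, /* Module parameter configures an IRQ */`. Because the hwtype is only compile-checked and then discarded (`hwparam_##hwtype & 0`) and, per the description, the core parser acts on `KERNEL_PARAM_FL_HWPARAM` alone, these comments are the only place the intended classification survives, so they need to be accurate. The protection this header enables is only as complete as the annotation sweep that follows: any ioport/iomem/irq/dma parameter still declared with plain `module_param` stays settable under lockdown, so a note above the flag such as `/* Every module_param that names a host resource must use module_param_hw*, or it bypasses lockdown */` would help reviewers of new drivers and backports. The kernel-doc summary "A parameter representing a hw parameters" should read "a hw parameter".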
+++ b/debian/patches/features/all/lockdown/0002-Annotate-hardware-config-module-parameters-in-arch-x.patch 
@@ -0,0 +1,51 @@ +From: David Howells +Date: Tue, 4 Apr 2017 16:54:21 +0100 +Subject: [02/62] Annotate hardware config module parameters in arch/x86/mm/ +Origin: https://git.kernel.org/pub/scm/linux/kernel/git/dhowells/linux-fs.git/commit?id=89a35b5df5de26b9eaed0791580cea872232d563 + +When the kernel is running in secure boot mode, we lock down the kernel to +prevent userspace from modifying the running kernel image. Whilst this +includes prohibiting access to things like /dev/mem, it must also prevent +access by means of configuring driver modules in such a way as to cause a +device to access or modify the kernel image. + +To this end, annotate module_param* statements that refer to hardware +configuration and indicate for future reference what type of parameter they +specify. The parameter parser in the core sees this information and can +skip such parameters with an error message if the kernel is locked down. +The module initialisation then runs as normal, but just sees whatever the +default values for those parameters is. + +Note that we do still need to do the module initialisation because some +drivers have viable defaults set in case parameters aren't specified and +some drivers support automatic configuration (e.g. PNP or PCI) in addition +to manually coded parameters. + +This patch annotates drivers in arch/x86/mm/. + +Suggested-by: Alan Cox +Signed-off-by: David Howells +cc: Steven Rostedt +cc: Ingo Molnar +cc: Thomas Gleixner +cc: "H. 
Peter Anvin" +cc: x86@kernel.org +cc: linux-kernel@vger.kernel.org +cc: nouveau@lists.freedesktop.org +--- + arch/x86/mm/testmmiotrace.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/arch/x86/mm/testmmiotrace.c b/arch/x86/mm/testmmiotrace.c +index 38868adf07ea..f6ae6830b341 100644 +--- a/arch/x86/mm/testmmiotrace.c ++++ b/arch/x86/mm/testmmiotrace.c +@@ -9,7 +9,7 @@ + #include + + static unsigned long mmio_address; +-module_param(mmio_address, ulong, 0); ++module_param_hw(mmio_address, ulong, iomem, 0); + MODULE_PARM_DESC(mmio_address, " Start address of the mapping of 16 kB " + "(or 8 MB if read_far is non-zero)."); + diff --git a/debian/patches/features/all/lockdown/0003-Annotate-hardware-config-module-parameters-in-driver.patch b/debian/patches/features/all/lockdown/0003-Annotate-hardware-config-module-parameters-in-driver.patch new file mode 100644 index 000000000..d1401718e --- /dev/null +++ b/debian/patches/features/all/lockdown/0003-Annotate-hardware-config-module-parameters-in-driver.patch 
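Review bot: `mmio_address` is now blocked under lockdown, but the description on the next lines says the mapping grows to 8 MB when `read_far` is non-zero, and that second parameter is declared outside this hunk, so whether it is annotated is not visible here. With `mmio_address` pinned to its default the size knob presumably has nothing to act on, but that depends on what the driver does with a zero default, which this hunk does not show; worth confirming `read_far` is either annotated `other` or harmless at the default. A short comment beside the new line, e.g. `/* start of a raw physical mapping: must not be user-settable under lockdown */`, would record why `iomem` was chosen.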
@@ -0,0 +1,85 @@ +From: David Howells +Date: Tue, 4 Apr 2017 16:54:21 +0100 +Subject: [03/62] Annotate hardware config module parameters in + drivers/char/ipmi/ +Origin: https://git.kernel.org/pub/scm/linux/kernel/git/dhowells/linux-fs.git/commit?id=a72157f0fe047bc3dd4a4111c5db764b03269122 + +When the kernel is running in secure boot mode, we lock down the kernel to +prevent userspace from modifying the running kernel image. Whilst this +includes prohibiting access to things like /dev/mem, it must also prevent +access by means of configuring driver modules in such a way as to cause a +device to access or modify the kernel image. + +To this end, annotate module_param* statements that refer to hardware +configuration and indicate for future reference what type of parameter they +specify. The parameter parser in the core sees this information and can +skip such parameters with an error message if the kernel is locked down. +The module initialisation then runs as normal, but just sees whatever the +default values for those parameters is. + +Note that we do still need to do the module initialisation because some +drivers have viable defaults set in case parameters aren't specified and +some drivers support automatic configuration (e.g. PNP or PCI) in addition +to manually coded parameters. + +This patch annotates drivers in drivers/char/ipmi/. + +Suggested-by: Alan Cox +Signed-off-by: David Howells +Reviewed-by: Corey Minyard +cc: openipmi-developer@lists.sourceforge.net +--- + drivers/char/ipmi/ipmi_si_intf.c | 14 +++++++------- + 1 file changed, 7 insertions(+), 7 deletions(-) + +diff --git a/drivers/char/ipmi/ipmi_si_intf.c b/drivers/char/ipmi/ipmi_si_intf.c +index 2a7c425ddfa7..e2f34eb59998 100644 +--- a/drivers/char/ipmi/ipmi_si_intf.c ++++ b/drivers/char/ipmi/ipmi_si_intf.c +@@ -1375,39 +1375,39 @@ MODULE_PARM_DESC(type, "Defines the type of each interface, each" + " interface separated by commas. The types are 'kcs'," + " 'smic', and 'bt'. 
For example si_type=kcs,bt will set" + " the first interface to kcs and the second to bt"); +-module_param_array(addrs, ulong, &num_addrs, 0); ++module_param_hw_array(addrs, ulong, iomem, &num_addrs, 0); + MODULE_PARM_DESC(addrs, "Sets the memory address of each interface, the" + " addresses separated by commas. Only use if an interface" + " is in memory. Otherwise, set it to zero or leave" + " it blank."); +-module_param_array(ports, uint, &num_ports, 0); ++module_param_hw_array(ports, uint, ioport, &num_ports, 0); + MODULE_PARM_DESC(ports, "Sets the port address of each interface, the" + " addresses separated by commas. Only use if an interface" + " is a port. Otherwise, set it to zero or leave" + " it blank."); +-module_param_array(irqs, int, &num_irqs, 0); ++module_param_hw_array(irqs, int, irq, &num_irqs, 0); + MODULE_PARM_DESC(irqs, "Sets the interrupt of each interface, the" + " addresses separated by commas. Only use if an interface" + " has an interrupt. Otherwise, set it to zero or leave" + " it blank."); +-module_param_array(regspacings, int, &num_regspacings, 0); ++module_param_hw_array(regspacings, int, other, &num_regspacings, 0); + MODULE_PARM_DESC(regspacings, "The number of bytes between the start address" + " and each successive register used by the interface. For" + " instance, if the start address is 0xca2 and the spacing" + " is 2, then the second address is at 0xca4. Defaults" + " to 1."); +-module_param_array(regsizes, int, &num_regsizes, 0); ++module_param_hw_array(regsizes, int, other, &num_regsizes, 0); + MODULE_PARM_DESC(regsizes, "The size of the specific IPMI register in bytes." + " This should generally be 1, 2, 4, or 8 for an 8-bit," + " 16-bit, 32-bit, or 64-bit register. 
Use this if you" + " the 8-bit IPMI register has to be read from a larger" + " register."); +-module_param_array(regshifts, int, &num_regshifts, 0); ++module_param_hw_array(regshifts, int, other, &num_regshifts, 0); + MODULE_PARM_DESC(regshifts, "The amount to shift the data read from the." + " IPMI register, in bits. For instance, if the data" + " is read from a 32-bit word and the IPMI data is in" + " bit 8-15, then the shift would be 8"); +-module_param_array(slave_addrs, int, &num_slave_addrs, 0); ++module_param_hw_array(slave_addrs, int, other, &num_slave_addrs, 0); + MODULE_PARM_DESC(slave_addrs, "Set the default IPMB slave address for" + " the controller. Normally this is 0x20, but can be" + " overridden by this parm. This is an array indexed" diff --git a/debian/patches/features/all/lockdown/0004-Annotate-hardware-config-module-parameters-in-driver.patch b/debian/patches/features/all/lockdown/0004-Annotate-hardware-config-module-parameters-in-driver.patch new file mode 100644 index 000000000..286fbb98b --- /dev/null +++ b/debian/patches/features/all/lockdown/0004-Annotate-hardware-config-module-parameters-in-driver.patch 
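Review bot: `slave_addrs` is annotated as a hardware parameter (`other`) although, by its own description, it is the controller's default IPMB slave address — a bus-protocol address rather than a host I/O port, memory range or IRQ — so under lockdown it can no longer be overridden even though it does not point the driver at host memory. If that is deliberate, a comment above it such as `/* not a host resource, but kept under lockdown so the whole interface table is immutable under secure boot */` would stop a later cleanup from dropping the annotation; if not, plain `module_param_array` is the right call. The `regspacings`/`regsizes`/`regshifts` choices look right, since they change which addresses are touched relative to `addrs`/`ports`. The `type` parameter whose description opens the hunk is declared above it, outside the hunk, so its annotation status cannot be checked here.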
@@ -0,0 +1,51 @@ +From: David Howells +Date: Tue, 4 Apr 2017 16:54:21 +0100 +Subject: [04/62] Annotate hardware config module parameters in + drivers/char/mwave/ +Origin: https://git.kernel.org/pub/scm/linux/kernel/git/dhowells/linux-fs.git/commit?id=70f233e85b60cb259279e451313dce6cbc84d041 + +When the kernel is running in secure boot mode, we lock down the kernel to +prevent userspace from modifying the running kernel image. Whilst this +includes prohibiting access to things like /dev/mem, it must also prevent +access by means of configuring driver modules in such a way as to cause a +device to access or modify the kernel image. + +To this end, annotate module_param* statements that refer to hardware +configuration and indicate for future reference what type of parameter they +specify. The parameter parser in the core sees this information and can +skip such parameters with an error message if the kernel is locked down. +The module initialisation then runs as normal, but just sees whatever the +default values for those parameters is. + +Note that we do still need to do the module initialisation because some +drivers have viable defaults set in case parameters aren't specified and +some drivers support automatic configuration (e.g. PNP or PCI) in addition +to manually coded parameters. + +This patch annotates drivers in drivers/char/mwave/. 
+ +Suggested-by: Alan Cox +Signed-off-by: David Howells +--- + drivers/char/mwave/mwavedd.c | 8 ++++---- + 1 file changed, 4 insertions(+), 4 deletions(-) + +diff --git a/drivers/char/mwave/mwavedd.c b/drivers/char/mwave/mwavedd.c +index 3a3ff2eb6cba..b5e3103c1175 100644 +--- a/drivers/char/mwave/mwavedd.c ++++ b/drivers/char/mwave/mwavedd.c +@@ -80,10 +80,10 @@ int mwave_3780i_io = 0; + int mwave_uart_irq = 0; + int mwave_uart_io = 0; + module_param(mwave_debug, int, 0); +-module_param(mwave_3780i_irq, int, 0); +-module_param(mwave_3780i_io, int, 0); +-module_param(mwave_uart_irq, int, 0); +-module_param(mwave_uart_io, int, 0); ++module_param_hw(mwave_3780i_irq, int, irq, 0); ++module_param_hw(mwave_3780i_io, int, ioport, 0); ++module_param_hw(mwave_uart_irq, int, irq, 0); ++module_param_hw(mwave_uart_io, int, ioport, 0); + + static int mwave_open(struct inode *inode, struct file *file); + static int mwave_close(struct inode *inode, struct file *file); diff --git a/debian/patches/features/all/lockdown/0005-Annotate-hardware-config-module-parameters-in-driver.patch b/debian/patches/features/all/lockdown/0005-Annotate-hardware-config-module-parameters-in-driver.patch new file mode 100644 index 000000000..ab60a7182 --- /dev/null +++ b/debian/patches/features/all/lockdown/0005-Annotate-hardware-config-module-parameters-in-driver.patch 
@@ -0,0 +1,49 @@ +From: David Howells +Date: Tue, 4 Apr 2017 16:54:22 +0100 +Subject: [05/62] Annotate hardware config module parameters in drivers/char/ +Origin: https://git.kernel.org/pub/scm/linux/kernel/git/dhowells/linux-fs.git/commit?id=3a5a43a8e71e6c0f03ba07d7125faccc8c851d65 + +When the kernel is running in secure boot mode, we lock down the kernel to +prevent userspace from modifying the running kernel image. Whilst this +includes prohibiting access to things like /dev/mem, it must also prevent +access by means of configuring driver modules in such a way as to cause a +device to access or modify the kernel image. + +To this end, annotate module_param* statements that refer to hardware +configuration and indicate for future reference what type of parameter they +specify. The parameter parser in the core sees this information and can +skip such parameters with an error message if the kernel is locked down. +The module initialisation then runs as normal, but just sees whatever the +default values for those parameters is. + +Note that we do still need to do the module initialisation because some +drivers have viable defaults set in case parameters aren't specified and +some drivers support automatic configuration (e.g. PNP or PCI) in addition +to manually coded parameters. + +This patch annotates drivers in drivers/char/. 
+ +Suggested-by: Alan Cox +Signed-off-by: David Howells +cc: Arnd Bergmann +cc: Greg Kroah-Hartman +--- + drivers/char/applicom.c | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +diff --git a/drivers/char/applicom.c b/drivers/char/applicom.c +index e770ad977472..b67263d6e34b 100644 +--- a/drivers/char/applicom.c ++++ b/drivers/char/applicom.c +@@ -94,9 +94,9 @@ static struct applicom_board { + static unsigned int irq = 0; /* interrupt number IRQ */ + static unsigned long mem = 0; /* physical segment of board */ + +-module_param(irq, uint, 0); ++module_param_hw(irq, uint, irq, 0); + MODULE_PARM_DESC(irq, "IRQ of the Applicom board"); +-module_param(mem, ulong, 0); ++module_param_hw(mem, ulong, iomem, 0); + MODULE_PARM_DESC(mem, "Shared Memory Address of Applicom board"); + + static unsigned int numboards; /* number of installed boards */ diff --git a/debian/patches/features/all/lockdown/0006-Annotate-hardware-config-module-parameters-in-driver.patch b/debian/patches/features/all/lockdown/0006-Annotate-hardware-config-module-parameters-in-driver.patch new file mode 100644 index 000000000..0e0765439 --- /dev/null +++ b/debian/patches/features/all/lockdown/0006-Annotate-hardware-config-module-parameters-in-driver.patch 
@@ -0,0 +1,48 @@ +From: David Howells +Date: Tue, 4 Apr 2017 16:54:22 +0100 +Subject: [06/62] Annotate hardware config module parameters in + drivers/clocksource/ +Origin: https://git.kernel.org/pub/scm/linux/kernel/git/dhowells/linux-fs.git/commit?id=8a3dad31f7c45c744a27dd6c7587efc2330bafd7 + +When the kernel is running in secure boot mode, we lock down the kernel to +prevent userspace from modifying the running kernel image. Whilst this +includes prohibiting access to things like /dev/mem, it must also prevent +access by means of configuring driver modules in such a way as to cause a +device to access or modify the kernel image. + +To this end, annotate module_param* statements that refer to hardware +configuration and indicate for future reference what type of parameter they +specify. The parameter parser in the core sees this information and can +skip such parameters with an error message if the kernel is locked down. +The module initialisation then runs as normal, but just sees whatever the +default values for those parameters is. + +Note that we do still need to do the module initialisation because some +drivers have viable defaults set in case parameters aren't specified and +some drivers support automatic configuration (e.g. PNP or PCI) in addition +to manually coded parameters. + +This patch annotates drivers in drivers/clocksource/. 
+ +Suggested-by: Alan Cox +Signed-off-by: David Howells +cc: Daniel Lezcano +cc: Thomas Gleixner +cc: linux-kernel@vger.kernel.org +--- + drivers/clocksource/cs5535-clockevt.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/drivers/clocksource/cs5535-clockevt.c b/drivers/clocksource/cs5535-clockevt.c +index 9a7e37cf56b0..a1df588343f2 100644 +--- a/drivers/clocksource/cs5535-clockevt.c ++++ b/drivers/clocksource/cs5535-clockevt.c +@@ -22,7 +22,7 @@ + #define DRV_NAME "cs5535-clockevt" + + static int timer_irq; +-module_param_named(irq, timer_irq, int, 0644); ++module_param_hw_named(irq, timer_irq, int, irq, 0644); + MODULE_PARM_DESC(irq, "Which IRQ to use for the clock source MFGPT ticks."); + + /* diff --git a/debian/patches/features/all/lockdown/0007-Annotate-hardware-config-module-parameters-in-driver.patch b/debian/patches/features/all/lockdown/0007-Annotate-hardware-config-module-parameters-in-driver.patch new file mode 100644 index 000000000..29df96714 --- /dev/null +++ b/debian/patches/features/all/lockdown/0007-Annotate-hardware-config-module-parameters-in-driver.patch 
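Review bot: The new `module_param_hw_named(irq, timer_irq, int, irq, 0644)` keeps the parameter writable through sysfs (`/sys/module/cs5535_clockevt/parameters/irq`), while the series description only says that the core parameter parser skips HWPARAM entries when locked down; whether a sysfs store passes through that same check is not visible in this hunk. If it does not, a root user on a locked-down system can still rewrite `timer_irq` at runtime, which is harmless only as long as nothing re-reads it after init. Either confirm the store path honours `KERNEL_PARAM_FL_HWPARAM`, or make the value read-only after boot with `module_param_hw_named(irq, timer_irq, int, irq, 0444);`.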
@@ -0,0 +1,48 @@ +From: David Howells +Date: Tue, 4 Apr 2017 16:54:22 +0100 +Subject: [07/62] Annotate hardware config module parameters in + drivers/cpufreq/ +Origin: https://git.kernel.org/pub/scm/linux/kernel/git/dhowells/linux-fs.git/commit?id=889dc5a750fe6ec7088dcb77a23f1a5745d3fd2a + +When the kernel is running in secure boot mode, we lock down the kernel to +prevent userspace from modifying the running kernel image. Whilst this +includes prohibiting access to things like /dev/mem, it must also prevent +access by means of configuring driver modules in such a way as to cause a +device to access or modify the kernel image. + +To this end, annotate module_param* statements that refer to hardware +configuration and indicate for future reference what type of parameter they +specify. The parameter parser in the core sees this information and can +skip such parameters with an error message if the kernel is locked down. +The module initialisation then runs as normal, but just sees whatever the +default values for those parameters is. + +Note that we do still need to do the module initialisation because some +drivers have viable defaults set in case parameters aren't specified and +some drivers support automatic configuration (e.g. PNP or PCI) in addition +to manually coded parameters. + +This patch annotates drivers in drivers/cpufreq/. + +Suggested-by: Alan Cox +Signed-off-by: David Howells +Acked-by: "Rafael J. 
Wysocki" +cc: Viresh Kumar +cc: linux-pm@vger.kernel.org +--- + drivers/cpufreq/speedstep-smi.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/drivers/cpufreq/speedstep-smi.c b/drivers/cpufreq/speedstep-smi.c +index 770a9ae1999a..37b30071c220 100644 +--- a/drivers/cpufreq/speedstep-smi.c ++++ b/drivers/cpufreq/speedstep-smi.c +@@ -378,7 +378,7 @@ static void __exit speedstep_exit(void) + cpufreq_unregister_driver(&speedstep_driver); + } + +-module_param(smi_port, int, 0444); ++module_param_hw(smi_port, int, ioport, 0444); + module_param(smi_cmd, int, 0444); + module_param(smi_sig, uint, 0444); + diff --git a/debian/patches/features/all/lockdown/0008-Annotate-hardware-config-module-parameters-in-driver.patch b/debian/patches/features/all/lockdown/0008-Annotate-hardware-config-module-parameters-in-driver.patch new file mode 100644 index 000000000..04001c849 --- /dev/null +++ b/debian/patches/features/all/lockdown/0008-Annotate-hardware-config-module-parameters-in-driver.patch 
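Review bot: Only `smi_port` is annotated here; `smi_cmd` and `smi_sig`, which the driver presumably writes to that port to invoke the firmware's SMI handler, stay plain `module_param`, so under lockdown the port is pinned to its default but the command value sent through it is still user-chosen. That is not a route to kernel memory, which is the series' stated threat model, but it is an attacker-selected input to code running in SMM, and the IPMI patch in this same series annotates comparable non-address knobs as `other`. Consider `module_param_hw(smi_cmd, int, other, 0444);` and the same for `smi_sig`, or a comment recording why they are intentionally left open. The parameters' declarations are above the hunk, so their defaults are not visible here.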
@@ -0,0 +1,124 @@ +From: David Howells +Date: Tue, 4 Apr 2017 16:54:22 +0100 +Subject: [08/62] Annotate hardware config module parameters in drivers/gpio/ +Origin: https://git.kernel.org/pub/scm/linux/kernel/git/dhowells/linux-fs.git/commit?id=fc57a891601a964e9c80c1ea9a0bfa40da3764db + +When the kernel is running in secure boot mode, we lock down the kernel to +prevent userspace from modifying the running kernel image. Whilst this +includes prohibiting access to things like /dev/mem, it must also prevent +access by means of configuring driver modules in such a way as to cause a +device to access or modify the kernel image. + +To this end, annotate module_param* statements that refer to hardware +configuration and indicate for future reference what type of parameter they +specify. The parameter parser in the core sees this information and can +skip such parameters with an error message if the kernel is locked down. +The module initialisation then runs as normal, but just sees whatever the +default values for those parameters is. + +Note that we do still need to do the module initialisation because some +drivers have viable defaults set in case parameters aren't specified and +some drivers support automatic configuration (e.g. PNP or PCI) in addition +to manually coded parameters. + +This patch annotates drivers in drivers/gpio/. 
+ +Suggested-by: Alan Cox +Signed-off-by: David Howells +Acked-by: William Breathitt Gray +Acked-by: Linus Walleij +cc: Alexandre Courbot +cc: linux-gpio@vger.kernel.org +--- + drivers/gpio/gpio-104-dio-48e.c | 4 ++-- + drivers/gpio/gpio-104-idi-48.c | 4 ++-- + drivers/gpio/gpio-104-idio-16.c | 4 ++-- + drivers/gpio/gpio-gpio-mm.c | 2 +- + drivers/gpio/gpio-ws16c48.c | 4 ++-- + 5 files changed, 9 insertions(+), 9 deletions(-) + +diff --git a/drivers/gpio/gpio-104-dio-48e.c b/drivers/gpio/gpio-104-dio-48e.c +index 17bd2ab4ebe2..dfa1a298e4f6 100644 +--- a/drivers/gpio/gpio-104-dio-48e.c ++++ b/drivers/gpio/gpio-104-dio-48e.c +@@ -33,11 +33,11 @@ + + static unsigned int base[MAX_NUM_DIO48E]; + static unsigned int num_dio48e; +-module_param_array(base, uint, &num_dio48e, 0); ++module_param_hw_array(base, uint, ioport, &num_dio48e, 0); + MODULE_PARM_DESC(base, "ACCES 104-DIO-48E base addresses"); + + static unsigned int irq[MAX_NUM_DIO48E]; +-module_param_array(irq, uint, NULL, 0); ++module_param_hw_array(irq, uint, irq, NULL, 0); + MODULE_PARM_DESC(irq, "ACCES 104-DIO-48E interrupt line numbers"); + + /** +diff --git a/drivers/gpio/gpio-104-idi-48.c b/drivers/gpio/gpio-104-idi-48.c +index 568375a7ebc2..c369b2083876 100644 +--- a/drivers/gpio/gpio-104-idi-48.c ++++ b/drivers/gpio/gpio-104-idi-48.c +@@ -33,11 +33,11 @@ + + static unsigned int base[MAX_NUM_IDI_48]; + static unsigned int num_idi_48; +-module_param_array(base, uint, &num_idi_48, 0); ++module_param_hw_array(base, uint, ioport, &num_idi_48, 0); + MODULE_PARM_DESC(base, "ACCES 104-IDI-48 base addresses"); + + static unsigned int irq[MAX_NUM_IDI_48]; +-module_param_array(irq, uint, NULL, 0); ++module_param_hw_array(irq, uint, irq, NULL, 0); + MODULE_PARM_DESC(irq, "ACCES 104-IDI-48 interrupt line numbers"); + + /** +diff --git a/drivers/gpio/gpio-104-idio-16.c b/drivers/gpio/gpio-104-idio-16.c +index 7053cf736648..5949123986f2 100644 +--- a/drivers/gpio/gpio-104-idio-16.c ++++ b/drivers/gpio/gpio-104-idio-16.c 
+@@ -33,11 +33,11 @@ + + static unsigned int base[MAX_NUM_IDIO_16]; + static unsigned int num_idio_16; +-module_param_array(base, uint, &num_idio_16, 0); ++module_param_hw_array(base, uint, ioport, &num_idio_16, 0); + MODULE_PARM_DESC(base, "ACCES 104-IDIO-16 base addresses"); + + static unsigned int irq[MAX_NUM_IDIO_16]; +-module_param_array(irq, uint, NULL, 0); ++module_param_hw_array(irq, uint, irq, NULL, 0); + MODULE_PARM_DESC(irq, "ACCES 104-IDIO-16 interrupt line numbers"); + + /** +diff --git a/drivers/gpio/gpio-gpio-mm.c b/drivers/gpio/gpio-gpio-mm.c +index fa4baa2543db..11ade5b288f8 100644 +--- a/drivers/gpio/gpio-gpio-mm.c ++++ b/drivers/gpio/gpio-gpio-mm.c +@@ -31,7 +31,7 @@ + + static unsigned int base[MAX_NUM_GPIOMM]; + static unsigned int num_gpiomm; +-module_param_array(base, uint, &num_gpiomm, 0); ++module_param_hw_array(base, uint, ioport, &num_gpiomm, 0); + MODULE_PARM_DESC(base, "Diamond Systems GPIO-MM base addresses"); + + /** +diff --git a/drivers/gpio/gpio-ws16c48.c b/drivers/gpio/gpio-ws16c48.c +index 901b5ccb032d..f8a4f91f36c7 100644 +--- a/drivers/gpio/gpio-ws16c48.c ++++ b/drivers/gpio/gpio-ws16c48.c +@@ -30,11 +30,11 @@ + + static unsigned int base[MAX_NUM_WS16C48]; + static unsigned int num_ws16c48; +-module_param_array(base, uint, &num_ws16c48, 0); ++module_param_hw_array(base, uint, ioport, &num_ws16c48, 0); + MODULE_PARM_DESC(base, "WinSystems WS16C48 base addresses"); + + static unsigned int irq[MAX_NUM_WS16C48]; +-module_param_array(irq, uint, NULL, 0); ++module_param_hw_array(irq, uint, irq, NULL, 0); + MODULE_PARM_DESC(irq, "WinSystems WS16C48 interrupt line numbers"); + + /** diff --git a/debian/patches/features/all/lockdown/0009-Annotate-hardware-config-module-parameters-in-driver.patch b/debian/patches/features/all/lockdown/0009-Annotate-hardware-config-module-parameters-in-driver.patch new file mode 100644 index 000000000..871e4c958 --- /dev/null 
+++ b/debian/patches/features/all/lockdown/0009-Annotate-hardware-config-module-parameters-in-driver.patch 
@@ -0,0 +1,157 @@
+From: David Howells
+Date: Tue, 4 Apr 2017 16:54:23 +0100
+Subject: [09/62] Annotate hardware config module parameters in drivers/i2c/
+Origin: https://git.kernel.org/pub/scm/linux/kernel/git/dhowells/linux-fs.git/commit?id=e03e00c1c3dc3178b092971000390bbc1cbcea6c
+
+When the kernel is running in secure boot mode, we lock down the kernel to
+prevent userspace from modifying the running kernel image. Whilst this
+includes prohibiting access to things like /dev/mem, it must also prevent
+access by means of configuring driver modules in such a way as to cause a
+device to access or modify the kernel image.
+
+To this end, annotate module_param* statements that refer to hardware
+configuration and indicate for future reference what type of parameter they
+specify. The parameter parser in the core sees this information and can
+skip such parameters with an error message if the kernel is locked down.
+The module initialisation then runs as normal, but just sees whatever the
+default values for those parameters is.
+
+Note that we do still need to do the module initialisation because some
+drivers have viable defaults set in case parameters aren't specified and
+some drivers support automatic configuration (e.g. PNP or PCI) in addition
+to manually coded parameters.
+
+This patch annotates drivers in drivers/i2c/.
+
+Suggested-by: Alan Cox
+Signed-off-by: David Howells
+cc: Wolfram Sang
+cc: Jean Delvare
+cc: linux-i2c@vger.kernel.org
+---
+ drivers/i2c/busses/i2c-ali15x3.c | 2 +-
+ drivers/i2c/busses/i2c-elektor.c | 6 +++---
+ drivers/i2c/busses/i2c-parport-light.c | 4 ++--
+ drivers/i2c/busses/i2c-pca-isa.c | 4 ++--
+ drivers/i2c/busses/i2c-piix4.c | 2 +-
+ drivers/i2c/busses/i2c-sis5595.c | 2 +-
+ drivers/i2c/busses/i2c-viapro.c | 2 +-
+ drivers/i2c/busses/scx200_acb.c | 2 +-
+ 8 files changed, 12 insertions(+), 12 deletions(-)
+
+diff --git a/drivers/i2c/busses/i2c-ali15x3.c b/drivers/i2c/busses/i2c-ali15x3.c
+index 45c5c4883022..6e6bf46bcb52 100644
+--- a/drivers/i2c/busses/i2c-ali15x3.c
++++ b/drivers/i2c/busses/i2c-ali15x3.c
+@@ -119,7 +119,7 @@
+ /* If force_addr is set to anything different from 0, we forcibly enable
+ the device at the given address. */
+ static u16 force_addr;
+-module_param(force_addr, ushort, 0);
++module_param_hw(force_addr, ushort, ioport, 0);
+ MODULE_PARM_DESC(force_addr,
+ "Initialize the base address of the i2c controller");
+
+diff --git a/drivers/i2c/busses/i2c-elektor.c b/drivers/i2c/busses/i2c-elektor.c
+index 8af62fb3fe41..5416003e0605 100644
+--- a/drivers/i2c/busses/i2c-elektor.c
++++ b/drivers/i2c/busses/i2c-elektor.c
+@@ -323,9 +323,9 @@ MODULE_AUTHOR("Hans Berglund ");
+ MODULE_DESCRIPTION("I2C-Bus adapter routines for PCF8584 ISA bus adapter");
+ MODULE_LICENSE("GPL");
+
+-module_param(base, int, 0);
+-module_param(irq, int, 0);
++module_param_hw(base, int, ioport_or_iomem, 0);
++module_param_hw(irq, int, irq, 0);
+ module_param(clock, int, 0);
+ module_param(own, int, 0);
+-module_param(mmapped, int, 0);
++module_param_hw(mmapped, int, other, 0);
+ module_isa_driver(i2c_elektor_driver, 1);
+diff --git a/drivers/i2c/busses/i2c-parport-light.c b/drivers/i2c/busses/i2c-parport-light.c
+index 1bcdd10b68b9..faa8fb8f2b8f 100644
+--- a/drivers/i2c/busses/i2c-parport-light.c
++++ b/drivers/i2c/busses/i2c-parport-light.c
+@@ -38,11 +38,11 @@
+ static struct platform_device *pdev;
+
+ static u16 base;
+-module_param(base, ushort, 0);
++module_param_hw(base, ushort, ioport, 0);
+ MODULE_PARM_DESC(base, "Base I/O address");
+
+ static int irq;
+-module_param(irq, int, 0);
++module_param_hw(irq, int, irq, 0);
+ MODULE_PARM_DESC(irq, "IRQ (optional)");
+
+ /* ----- Low-level parallel port access ----------------------------------- */
+diff --git a/drivers/i2c/busses/i2c-pca-isa.c b/drivers/i2c/busses/i2c-pca-isa.c
+index ba88f17f636c..946ac646de2a 100644
+--- a/drivers/i2c/busses/i2c-pca-isa.c
++++ b/drivers/i2c/busses/i2c-pca-isa.c
+@@ -197,9 +197,9 @@ MODULE_AUTHOR("Ian Campbell ");
+ MODULE_DESCRIPTION("ISA base PCA9564/PCA9665 driver");
+ MODULE_LICENSE("GPL");
+
+-module_param(base, ulong, 0);
++module_param_hw(base, ulong, ioport, 0);
+ MODULE_PARM_DESC(base, "I/O base address");
+-module_param(irq, int, 0);
++module_param_hw(irq, int, irq, 0);
+ MODULE_PARM_DESC(irq, "IRQ");
+ module_param(clock, int, 0);
+ MODULE_PARM_DESC(clock, "Clock rate in hertz.\n\t\t"
+diff --git a/drivers/i2c/busses/i2c-piix4.c b/drivers/i2c/busses/i2c-piix4.c
+index c21ca7bf2efe..0ecdb47a23ab 100644
+--- a/drivers/i2c/busses/i2c-piix4.c
++++ b/drivers/i2c/busses/i2c-piix4.c
+@@ -106,7 +106,7 @@ MODULE_PARM_DESC(force, "Forcibly enable the PIIX4. DANGEROUS!");
+ /* If force_addr is set to anything different from 0, we forcibly enable
+ the PIIX4 at the given address. VERY DANGEROUS! */
+ static int force_addr;
+-module_param (force_addr, int, 0);
++module_param_hw(force_addr, int, ioport, 0);
+ MODULE_PARM_DESC(force_addr,
+ "Forcibly enable the PIIX4 at the given address. "
+ "EXTREMELY DANGEROUS!");
+diff --git a/drivers/i2c/busses/i2c-sis5595.c b/drivers/i2c/busses/i2c-sis5595.c
+index 7d58a40faf2d..d543a9867ba4 100644
+--- a/drivers/i2c/busses/i2c-sis5595.c
++++ b/drivers/i2c/busses/i2c-sis5595.c
+@@ -119,7 +119,7 @@ static int blacklist[] = {
+ /* If force_addr is set to anything different from 0, we forcibly enable
+ the device at the given address. */
+ static u16 force_addr;
+-module_param(force_addr, ushort, 0);
++module_param_hw(force_addr, ushort, ioport, 0);
+ MODULE_PARM_DESC(force_addr, "Initialize the base address of the i2c controller");
+
+ static struct pci_driver sis5595_driver;
+diff --git a/drivers/i2c/busses/i2c-viapro.c b/drivers/i2c/busses/i2c-viapro.c
+index 0ee2646f3b00..0dc45e12bb1d 100644
+--- a/drivers/i2c/busses/i2c-viapro.c
++++ b/drivers/i2c/busses/i2c-viapro.c
+@@ -94,7 +94,7 @@ MODULE_PARM_DESC(force, "Forcibly enable the SMBus. DANGEROUS!");
+ /* If force_addr is set to anything different from 0, we forcibly enable
+ the VT596 at the given address. VERY DANGEROUS! */
+ static u16 force_addr;
+-module_param(force_addr, ushort, 0);
++module_param_hw(force_addr, ushort, ioport, 0);
+ MODULE_PARM_DESC(force_addr,
+ "Forcibly enable the SMBus at the given address. "
+ "EXTREMELY DANGEROUS!");
+diff --git a/drivers/i2c/busses/scx200_acb.c b/drivers/i2c/busses/scx200_acb.c
+index 0a7e410b6195..e0923bee8d1f 100644
+--- a/drivers/i2c/busses/scx200_acb.c
++++ b/drivers/i2c/busses/scx200_acb.c
+@@ -42,7 +42,7 @@ MODULE_LICENSE("GPL");
+
+ #define MAX_DEVICES 4
+ static int base[MAX_DEVICES] = { 0x820, 0x840 };
+-module_param_array(base, int, NULL, 0);
++module_param_hw_array(base, int, ioport, NULL, 0);
+ MODULE_PARM_DESC(base, "Base addresses for the ACCESS.bus controllers");
+
+ #define POLL_TIMEOUT (HZ/5)
diff --git a/debian/patches/features/all/lockdown/0010-Annotate-hardware-config-module-parameters-in-driver.patch b/debian/patches/features/all/lockdown/0010-Annotate-hardware-config-module-parameters-in-driver.patch
new file mode 100644
index 000000000..930e5f180
--- /dev/null
+++ b/debian/patches/features/all/lockdown/0010-Annotate-hardware-config-module-parameters-in-driver.patch
@@ -0,0 +1,61 @@
+From: David Howells
+Date: Tue, 4 Apr 2017 16:54:23 +0100
+Subject: [10/62] Annotate hardware config module parameters in drivers/iio/
+Origin: https://git.kernel.org/pub/scm/linux/kernel/git/dhowells/linux-fs.git/commit?id=104ad466c252fa90cc84d4dd4e0aa5074c43f47e
+
+When the kernel is running in secure boot mode, we lock down the kernel to
+prevent userspace from modifying the running kernel image. Whilst this
+includes prohibiting access to things like /dev/mem, it must also prevent
+access by means of configuring driver modules in such a way as to cause a
+device to access or modify the kernel image.
+
+To this end, annotate module_param* statements that refer to hardware
+configuration and indicate for future reference what type of parameter they
+specify. The parameter parser in the core sees this information and can
+skip such parameters with an error message if the kernel is locked down.
+The module initialisation then runs as normal, but just sees whatever the
+default values for those parameters is.
+
+Note that we do still need to do the module initialisation because some
+drivers have viable defaults set in case parameters aren't specified and
+some drivers support automatic configuration (e.g. PNP or PCI) in addition
+to manually coded parameters.
+
+This patch annotates drivers in drivers/iio/.
+
+Suggested-by: Alan Cox
+Signed-off-by: David Howells
+Acked-by: William Breathitt Gray
+Acked-by: Jonathan Cameron
+cc: linux-iio@vger.kernel.org
+---
+ drivers/iio/adc/stx104.c | 2 +-
+ drivers/iio/dac/cio-dac.c | 2 +-
+ 2 files changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/drivers/iio/adc/stx104.c b/drivers/iio/adc/stx104.c
+index be2de48844bc..7dd396f88f6b 100644
+--- a/drivers/iio/adc/stx104.c
++++ b/drivers/iio/adc/stx104.c
+@@ -49,7 +49,7 @@
+
+ static unsigned int base[max_num_isa_dev(STX104_EXTENT)];
+ static unsigned int num_stx104;
+-module_param_array(base, uint, &num_stx104, 0);
++module_param_hw_array(base, uint, ioport, &num_stx104, 0);
+ MODULE_PARM_DESC(base, "Apex Embedded Systems STX104 base addresses");
+
+ /**
+diff --git a/drivers/iio/dac/cio-dac.c b/drivers/iio/dac/cio-dac.c
+index 5a743e2a779d..dac086129edf 100644
+--- a/drivers/iio/dac/cio-dac.c
++++ b/drivers/iio/dac/cio-dac.c
+@@ -39,7 +39,7 @@
+
+ static unsigned int base[max_num_isa_dev(CIO_DAC_EXTENT)];
+ static unsigned int num_cio_dac;
+-module_param_array(base, uint, &num_cio_dac, 0);
++module_param_hw_array(base, uint, ioport, &num_cio_dac, 0);
+ MODULE_PARM_DESC(base, "Measurement Computing CIO-DAC base addresses");
+
+ /**
diff --git a/debian/patches/features/all/lockdown/0011-Annotate-hardware-config-module-parameters-in-driver.patch b/debian/patches/features/all/lockdown/0011-Annotate-hardware-config-module-parameters-in-driver.patch
new file mode 100644
index 000000000..a848503a3
--- /dev/null
+++ b/debian/patches/features/all/lockdown/0011-Annotate-hardware-config-module-parameters-in-driver.patch
@@ -0,0 +1,79 @@
+From: David Howells
+Date: Tue, 4 Apr 2017 16:54:23 +0100
+Subject: [11/62] Annotate hardware config module parameters in drivers/input/
+Origin: https://git.kernel.org/pub/scm/linux/kernel/git/dhowells/linux-fs.git/commit?id=5b90489efd9bb9b2b9e68b2b4e803985fa890cb8
+
+When the kernel is running in secure boot mode, we lock down the kernel to
+prevent userspace from modifying the running kernel image. Whilst this
+includes prohibiting access to things like /dev/mem, it must also prevent
+access by means of configuring driver modules in such a way as to cause a
+device to access or modify the kernel image.
+
+To this end, annotate module_param* statements that refer to hardware
+configuration and indicate for future reference what type of parameter they
+specify. The parameter parser in the core sees this information and can
+skip such parameters with an error message if the kernel is locked down.
+The module initialisation then runs as normal, but just sees whatever the
+default values for those parameters is.
+
+Note that we do still need to do the module initialisation because some
+drivers have viable defaults set in case parameters aren't specified and
+some drivers support automatic configuration (e.g. PNP or PCI) in addition
+to manually coded parameters.
+
+This patch annotates drivers in drivers/input/.
+
+Suggested-by: Alan Cox
+Signed-off-by: David Howells
+Acked-by: Dmitry Torokhov
+cc: linux-input@vger.kernel.org
+---
+ drivers/input/mouse/inport.c | 2 +-
+ drivers/input/mouse/logibm.c | 2 +-
+ drivers/input/touchscreen/mk712.c | 4 ++--
+ 3 files changed, 4 insertions(+), 4 deletions(-)
+
+diff --git a/drivers/input/mouse/inport.c b/drivers/input/mouse/inport.c
+index 3827a22362de..9ce71dfa0de1 100644
+--- a/drivers/input/mouse/inport.c
++++ b/drivers/input/mouse/inport.c
+@@ -78,7 +78,7 @@ MODULE_LICENSE("GPL");
+ #define INPORT_IRQ 5
+
+ static int inport_irq = INPORT_IRQ;
+-module_param_named(irq, inport_irq, uint, 0);
++module_param_hw_named(irq, inport_irq, uint, irq, 0);
+ MODULE_PARM_DESC(irq, "IRQ number (5=default)");
+
+ static struct input_dev *inport_dev;
+diff --git a/drivers/input/mouse/logibm.c b/drivers/input/mouse/logibm.c
+index e2413113df22..6f165e053f4d 100644
+--- a/drivers/input/mouse/logibm.c
++++ b/drivers/input/mouse/logibm.c
+@@ -69,7 +69,7 @@ MODULE_LICENSE("GPL");
+ #define LOGIBM_IRQ 5
+
+ static int logibm_irq = LOGIBM_IRQ;
+-module_param_named(irq, logibm_irq, uint, 0);
++module_param_hw_named(irq, logibm_irq, uint, irq, 0);
+ MODULE_PARM_DESC(irq, "IRQ number (5=default)");
+
+ static struct input_dev *logibm_dev;
+diff --git a/drivers/input/touchscreen/mk712.c b/drivers/input/touchscreen/mk712.c
+index 36e57deacd03..bd5352824f77 100644
+--- a/drivers/input/touchscreen/mk712.c
++++ b/drivers/input/touchscreen/mk712.c
+@@ -50,11 +50,11 @@ MODULE_DESCRIPTION("ICS MicroClock MK712 TouchScreen driver");
+ MODULE_LICENSE("GPL");
+
+ static unsigned int mk712_io = 0x260; /* Also 0x200, 0x208, 0x300 */
+-module_param_named(io, mk712_io, uint, 0);
++module_param_hw_named(io, mk712_io, uint, ioport, 0);
+ MODULE_PARM_DESC(io, "I/O base address of MK712 touchscreen controller");
+
+ static unsigned int mk712_irq = 10; /* Also 12, 14, 15 */
+-module_param_named(irq, mk712_irq, uint, 0);
++module_param_hw_named(irq, mk712_irq, uint, irq, 0);
+ MODULE_PARM_DESC(irq, "IRQ of MK712 touchscreen controller");
+
+ /* eight 8-bit registers */
diff --git a/debian/patches/features/all/lockdown/0012-Annotate-hardware-config-module-parameters-in-driver.patch b/debian/patches/features/all/lockdown/0012-Annotate-hardware-config-module-parameters-in-driver.patch
new file mode 100644
index 000000000..368a3f597
--- /dev/null
+++ b/debian/patches/features/all/lockdown/0012-Annotate-hardware-config-module-parameters-in-driver.patch
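Review bot: The inport.c hunk keeps the parser kind `uint` on a variable declared `static int inport_irq = INPORT_IRQ;`, and the logibm.c hunk does the same for `logibm_irq`; since both lines are being rewritten for the lockdown annotation anyway, this is the moment to make the kind match the storage, `module_param_hw_named(irq, inport_irq, int, irq, 0);` and `module_param_hw_named(irq, logibm_irq, int, irq, 0);`. The mismatch is pre-existing and the `irq` annotation itself is correct, so this is a consistency point rather than a defect introduced here; whether the kernel's param type-check macros warn on it would need confirming against the tree being patched.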
@@ -0,0 +1,88 @@
+From: David Howells
+Date: Tue, 4 Apr 2017 16:54:24 +0100
+Subject: [12/62] Annotate hardware config module parameters in drivers/isdn/
+Origin: https://git.kernel.org/pub/scm/linux/kernel/git/dhowells/linux-fs.git/commit?id=7968519108dc80b5da2fe7a8e6aa27c296586c25
+
+When the kernel is running in secure boot mode, we lock down the kernel to
+prevent userspace from modifying the running kernel image. Whilst this
+includes prohibiting access to things like /dev/mem, it must also prevent
+access by means of configuring driver modules in such a way as to cause a
+device to access or modify the kernel image.
+
+To this end, annotate module_param* statements that refer to hardware
+configuration and indicate for future reference what type of parameter they
+specify. The parameter parser in the core sees this information and can
+skip such parameters with an error message if the kernel is locked down.
+The module initialisation then runs as normal, but just sees whatever the
+default values for those parameters is.
+
+Note that we do still need to do the module initialisation because some
+drivers have viable defaults set in case parameters aren't specified and
+some drivers support automatic configuration (e.g. PNP or PCI) in addition
+to manually coded parameters.
+
+This patch annotates drivers in drivers/isdn/.
+
+Suggested-by: Alan Cox
+Signed-off-by: David Howells
+cc: Karsten Keil
+cc: netdev@vger.kernel.org
+---
+ drivers/isdn/hardware/avm/b1isa.c | 4 ++--
+ drivers/isdn/hardware/avm/t1isa.c | 4 ++--
+ drivers/isdn/hisax/config.c | 10 +++++-----
+ 3 files changed, 9 insertions(+), 9 deletions(-)
+
+diff --git a/drivers/isdn/hardware/avm/b1isa.c b/drivers/isdn/hardware/avm/b1isa.c
+index 31ef8130a87f..54e871a47387 100644
+--- a/drivers/isdn/hardware/avm/b1isa.c
++++ b/drivers/isdn/hardware/avm/b1isa.c
+@@ -169,8 +169,8 @@ static struct pci_dev isa_dev[MAX_CARDS];
+ static int io[MAX_CARDS];
+ static int irq[MAX_CARDS];
+
+-module_param_array(io, int, NULL, 0);
+-module_param_array(irq, int, NULL, 0);
++module_param_hw_array(io, int, ioport, NULL, 0);
++module_param_hw_array(irq, int, irq, NULL, 0);
+ MODULE_PARM_DESC(io, "I/O base address(es)");
+ MODULE_PARM_DESC(irq, "IRQ number(s) (assigned)");
+
+diff --git a/drivers/isdn/hardware/avm/t1isa.c b/drivers/isdn/hardware/avm/t1isa.c
+index 72ef18853951..9516203c735f 100644
+--- a/drivers/isdn/hardware/avm/t1isa.c
++++ b/drivers/isdn/hardware/avm/t1isa.c
+@@ -516,8 +516,8 @@ static int io[MAX_CARDS];
+ static int irq[MAX_CARDS];
+ static int cardnr[MAX_CARDS];
+
+-module_param_array(io, int, NULL, 0);
+-module_param_array(irq, int, NULL, 0);
++module_param_hw_array(io, int, ioport, NULL, 0);
++module_param_hw_array(irq, int, irq, NULL, 0);
+ module_param_array(cardnr, int, NULL, 0);
+ MODULE_PARM_DESC(io, "I/O base address(es)");
+ MODULE_PARM_DESC(irq, "IRQ number(s) (assigned)");
+diff --git a/drivers/isdn/hisax/config.c b/drivers/isdn/hisax/config.c
+index 2d12c6ceeb89..c7d68675b028 100644
+--- a/drivers/isdn/hisax/config.c
++++ b/drivers/isdn/hisax/config.c
+@@ -350,13 +350,13 @@ MODULE_AUTHOR("Karsten Keil");
+ MODULE_LICENSE("GPL");
+ module_param_array(type, int, NULL, 0);
+ module_param_array(protocol, int, NULL, 0);
+-module_param_array(io, int, NULL, 0);
+-module_param_array(irq, int, NULL, 0);
+-module_param_array(mem, int, NULL, 0);
++module_param_hw_array(io, int, ioport, NULL, 0);
++module_param_hw_array(irq, int, irq, NULL, 0);
++module_param_hw_array(mem, int, iomem, NULL, 0);
+ module_param(id, charp, 0);
+ #ifdef IO0_IO1
+-module_param_array(io0, int, NULL, 0);
+-module_param_array(io1, int, NULL, 0);
++module_param_hw_array(io0, int, ioport, NULL, 0);
++module_param_hw_array(io1, int, ioport, NULL, 0);
+ #endif
+ #endif /* MODULE */
+
diff --git a/debian/patches/features/all/lockdown/0013-Annotate-hardware-config-module-parameters-in-driver.patch b/debian/patches/features/all/lockdown/0013-Annotate-hardware-config-module-parameters-in-driver.patch
new file mode 100644
index 000000000..ab8c5e7e3
--- /dev/null
+++ b/debian/patches/features/all/lockdown/0013-Annotate-hardware-config-module-parameters-in-driver.patch
@@ -0,0 +1,83 @@
+From: David Howells
+Date: Tue, 4 Apr 2017 16:54:24 +0100
+Subject: [13/62] Annotate hardware config module parameters in drivers/media/
+Origin: https://git.kernel.org/pub/scm/linux/kernel/git/dhowells/linux-fs.git/commit?id=9e256c58933510b128a6f00691f751ef55ea1fd2
+
+When the kernel is running in secure boot mode, we lock down the kernel to
+prevent userspace from modifying the running kernel image. Whilst this
+includes prohibiting access to things like /dev/mem, it must also prevent
+access by means of configuring driver modules in such a way as to cause a
+device to access or modify the kernel image.
+
+To this end, annotate module_param* statements that refer to hardware
+configuration and indicate for future reference what type of parameter they
+specify. The parameter parser in the core sees this information and can
+skip such parameters with an error message if the kernel is locked down.
+The module initialisation then runs as normal, but just sees whatever the
+default values for those parameters is.
+
+Note that we do still need to do the module initialisation because some
+drivers have viable defaults set in case parameters aren't specified and
+some drivers support automatic configuration (e.g. PNP or PCI) in addition
+to manually coded parameters.
+
+This patch annotates drivers in drivers/media/.
+
+Suggested-by: Alan Cox
+Signed-off-by: David Howells
+cc: Mauro Carvalho Chehab
+cc: mjpeg-users@lists.sourceforge.net
+cc: linux-media@vger.kernel.org
+---
+ drivers/media/pci/zoran/zoran_card.c | 2 +-
+ drivers/media/rc/serial_ir.c | 10 +++++-----
+ 2 files changed, 6 insertions(+), 6 deletions(-)
+
+diff --git a/drivers/media/pci/zoran/zoran_card.c b/drivers/media/pci/zoran/zoran_card.c
+index 5266755add63..4680f001653a 100644
+--- a/drivers/media/pci/zoran/zoran_card.c
++++ b/drivers/media/pci/zoran/zoran_card.c
+@@ -69,7 +69,7 @@ MODULE_PARM_DESC(card, "Card type");
+ */
+
+ static unsigned long vidmem; /* default = 0 - Video memory base address */
+-module_param(vidmem, ulong, 0444);
++module_param_hw(vidmem, ulong, iomem, 0444);
+ MODULE_PARM_DESC(vidmem, "Default video memory base address");
+
+ /*
+diff --git a/drivers/media/rc/serial_ir.c b/drivers/media/rc/serial_ir.c
+index 41b54e40176c..40d305842a9b 100644
+--- a/drivers/media/rc/serial_ir.c
++++ b/drivers/media/rc/serial_ir.c
+@@ -833,11 +833,11 @@ MODULE_LICENSE("GPL");
+ module_param(type, int, 0444);
+ MODULE_PARM_DESC(type, "Hardware type (0 = home-brew, 1 = IRdeo, 2 = IRdeo Remote, 3 = AnimaX, 4 = IgorPlug");
+
+-module_param(io, int, 0444);
++module_param_hw(io, int, ioport, 0444);
+ MODULE_PARM_DESC(io, "I/O address base (0x3f8 or 0x2f8)");
+
+ /* some architectures (e.g. intel xscale) have memory mapped registers */
+-module_param(iommap, bool, 0444);
++module_param_hw(iommap, bool, other, 0444);
+ MODULE_PARM_DESC(iommap, "physical base for memory mapped I/O (0 = no memory mapped io)");
+
+ /*
+@@ -845,13 +845,13 @@ MODULE_PARM_DESC(iommap, "physical base for memory mapped I/O (0 = no memory map
+ * on 32bit word boundaries.
+ * See linux-kernel/drivers/tty/serial/8250/8250.c serial_in()/out()
+ */
+-module_param(ioshift, int, 0444);
++module_param_hw(ioshift, int, other, 0444);
+ MODULE_PARM_DESC(ioshift, "shift I/O register offset (0 = no shift)");
+
+-module_param(irq, int, 0444);
++module_param_hw(irq, int, irq, 0444);
+ MODULE_PARM_DESC(irq, "Interrupt (4 or 3)");
+
+-module_param(share_irq, bool, 0444);
++module_param_hw(share_irq, bool, other, 0444);
+ MODULE_PARM_DESC(share_irq, "Share interrupts (0 = off, 1 = on)");
+
+ module_param(sense, int, 0444);
diff --git a/debian/patches/features/all/lockdown/0014-Annotate-hardware-config-module-parameters-in-driver.patch b/debian/patches/features/all/lockdown/0014-Annotate-hardware-config-module-parameters-in-driver.patch
new file mode 100644
index 000000000..84d3f41fb
--- /dev/null
+++ b/debian/patches/features/all/lockdown/0014-Annotate-hardware-config-module-parameters-in-driver.patch
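Review bot: In the serial_ir.c hunk, `iommap` is annotated `other`, while the MODULE_PARM_DESC right below it describes the parameter as the "physical base for memory mapped I/O"; the `bool` parser kind supports the `other` choice, but the description and the annotation disagree about whether this value is an address. If the driver body (outside this hunk) really derives a mapping from it, the annotation should be `iomem` so lockdown refuses it the same way it refuses `mem` in the other hunks; if it is only an enable flag, the description is stale. Either way a short comment at the annotation, e.g. `/* flag only, not an address, hence "other" rather than "iomem" */`, would record which reading was confirmed.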
@@ -0,0 +1,45 @@
+From: David Howells
+Date: Tue, 4 Apr 2017 16:54:24 +0100
+Subject: [14/62] Annotate hardware config module parameters in drivers/misc/
+Origin: https://git.kernel.org/pub/scm/linux/kernel/git/dhowells/linux-fs.git/commit?id=78c42a679f4795421aa74c469bbce417f9eed08d
+
+When the kernel is running in secure boot mode, we lock down the kernel to
+prevent userspace from modifying the running kernel image. Whilst this
+includes prohibiting access to things like /dev/mem, it must also prevent
+access by means of configuring driver modules in such a way as to cause a
+device to access or modify the kernel image.
+
+To this end, annotate module_param* statements that refer to hardware
+configuration and indicate for future reference what type of parameter they
+specify. The parameter parser in the core sees this information and can
+skip such parameters with an error message if the kernel is locked down.
+The module initialisation then runs as normal, but just sees whatever the
+default values for those parameters is.
+
+Note that we do still need to do the module initialisation because some
+drivers have viable defaults set in case parameters aren't specified and
+some drivers support automatic configuration (e.g. PNP or PCI) in addition
+to manually coded parameters.
+
+This patch annotates drivers in drivers/misc/.
+
+Suggested-by: Alan Cox
+Signed-off-by: David Howells
+cc: Arnd Bergmann
+cc: Greg Kroah-Hartman
+---
+ drivers/misc/dummy-irq.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/drivers/misc/dummy-irq.c b/drivers/misc/dummy-irq.c
+index acbbe0390be4..76a1015d5783 100644
+--- a/drivers/misc/dummy-irq.c
++++ b/drivers/misc/dummy-irq.c
+@@ -59,6 +59,6 @@ module_exit(dummy_irq_exit);
+
+ MODULE_LICENSE("GPL");
+ MODULE_AUTHOR("Jiri Kosina");
+-module_param(irq, uint, 0444);
++module_param_hw(irq, uint, irq, 0444);
+ MODULE_PARM_DESC(irq, "The IRQ to register for");
+ MODULE_DESCRIPTION("Dummy IRQ handler driver");
diff --git a/debian/patches/features/all/lockdown/0015-Annotate-hardware-config-module-parameters-in-driver.patch b/debian/patches/features/all/lockdown/0015-Annotate-hardware-config-module-parameters-in-driver.patch
new file mode 100644
index 000000000..d7c9637d4
--- /dev/null
+++ b/debian/patches/features/all/lockdown/0015-Annotate-hardware-config-module-parameters-in-driver.patch
@@ -0,0 +1,55 @@
+From: David Howells
+Date: Tue, 4 Apr 2017 16:54:25 +0100
+Subject: [15/62] Annotate hardware config module parameters in
+ drivers/mmc/host/
+Origin: https://git.kernel.org/pub/scm/linux/kernel/git/dhowells/linux-fs.git/commit?id=eddcdc1bef4e3fa95de7f670e0aeaca85e2ab9af
+
+When the kernel is running in secure boot mode, we lock down the kernel to
+prevent userspace from modifying the running kernel image. Whilst this
+includes prohibiting access to things like /dev/mem, it must also prevent
+access by means of configuring driver modules in such a way as to cause a
+device to access or modify the kernel image.
+
+To this end, annotate module_param* statements that refer to hardware
+configuration and indicate for future reference what type of parameter they
+specify. The parameter parser in the core sees this information and can
+skip such parameters with an error message if the kernel is locked down.
+The module initialisation then runs as normal, but just sees whatever the
+default values for those parameters is.
+
+Note that we do still need to do the module initialisation because some
+drivers have viable defaults set in case parameters aren't specified and
+some drivers support automatic configuration (e.g. PNP or PCI) in addition
+to manually coded parameters.
+
+This patch annotates drivers in drivers/mmc/host/.
+
+Suggested-by: Alan Cox
+Signed-off-by: David Howells
+cc: Pierre Ossman
+cc: Ulf Hansson
+cc: linux-mmc@vger.kernel.org
+---
+ drivers/mmc/host/wbsd.c | 8 ++++----
+ 1 file changed, 4 insertions(+), 4 deletions(-)
+
+diff --git a/drivers/mmc/host/wbsd.c b/drivers/mmc/host/wbsd.c
+index bd04e8bae010..e15a9733fcfd 100644
+--- a/drivers/mmc/host/wbsd.c
++++ b/drivers/mmc/host/wbsd.c
+@@ -2001,11 +2001,11 @@ static void __exit wbsd_drv_exit(void)
+ module_init(wbsd_drv_init);
+ module_exit(wbsd_drv_exit);
+ #ifdef CONFIG_PNP
+-module_param_named(nopnp, param_nopnp, uint, 0444);
++module_param_hw_named(nopnp, param_nopnp, uint, other, 0444);
+ #endif
+-module_param_named(io, param_io, uint, 0444);
+-module_param_named(irq, param_irq, uint, 0444);
+-module_param_named(dma, param_dma, int, 0444);
++module_param_hw_named(io, param_io, uint, ioport, 0444);
++module_param_hw_named(irq, param_irq, uint, irq, 0444);
++module_param_hw_named(dma, param_dma, int, dma, 0444);
+
+ MODULE_LICENSE("GPL");
+ MODULE_AUTHOR("Pierre Ossman ");
diff --git a/debian/patches/features/all/lockdown/0016-Annotate-hardware-config-module-parameters-in-driver.patch b/debian/patches/features/all/lockdown/0016-Annotate-hardware-config-module-parameters-in-driver.patch
new file mode 100644
index 000000000..b4e8cee71
--- /dev/null
+++ b/debian/patches/features/all/lockdown/0016-Annotate-hardware-config-module-parameters-in-driver.patch
@@ -0,0 +1,47 @@
+From: David Howells
+Date: Tue, 4 Apr 2017 16:54:25 +0100
+Subject: [16/62] Annotate hardware config module parameters in
+ drivers/net/appletalk/
+Origin: https://git.kernel.org/pub/scm/linux/kernel/git/dhowells/linux-fs.git/commit?id=78e66f194ab1de8df4088761add8e9e747d8e9c3
+
+When the kernel is running in secure boot mode, we lock down the kernel to
+prevent userspace from modifying the running kernel image. Whilst this
+includes prohibiting access to things like /dev/mem, it must also prevent
+access by means of configuring driver modules in such a way as to cause a
+device to access or modify the kernel image.
+
+To this end, annotate module_param* statements that refer to hardware
+configuration and indicate for future reference what type of parameter they
+specify. The parameter parser in the core sees this information and can
+skip such parameters with an error message if the kernel is locked down.
+The module initialisation then runs as normal, but just sees whatever the
+default values for those parameters is.
+
+Note that we do still need to do the module initialisation because some
+drivers have viable defaults set in case parameters aren't specified and
+some drivers support automatic configuration (e.g. PNP or PCI) in addition
+to manually coded parameters.
+
+This patch annotates drivers in drivers/net/appletalk/.
+
+Suggested-by: Alan Cox
+Signed-off-by: David Howells
+cc: Arnaldo Carvalho de Melo
+cc: netdev@vger.kernel.org
+[bwh: Drop changes to cops driver, which we removed]
+---
+--- a/drivers/net/appletalk/ltpc.c
++++ b/drivers/net/appletalk/ltpc.c
+@@ -1231,9 +1231,9 @@ static struct net_device *dev_ltpc;
+
+ MODULE_LICENSE("GPL");
+ module_param(debug, int, 0);
+-module_param(io, int, 0);
+-module_param(irq, int, 0);
+-module_param(dma, int, 0);
++module_param_hw(io, int, ioport, 0);
++module_param_hw(irq, int, irq, 0);
++module_param_hw(dma, int, dma, 0);
+
+
+ static int __init ltpc_module_init(void)
diff --git a/debian/patches/features/all/lockdown/0017-Annotate-hardware-config-module-parameters-in-driver.patch b/debian/patches/features/all/lockdown/0017-Annotate-hardware-config-module-parameters-in-driver.patch
new file mode 100644
index 000000000..9909a8452
--- /dev/null
+++ b/debian/patches/features/all/lockdown/0017-Annotate-hardware-config-module-parameters-in-driver.patch
@@ -0,0 +1,81 @@
+From: David Howells
+Date: Tue, 4 Apr 2017 16:54:25 +0100
+Subject: [17/62] Annotate hardware config module parameters in
+ drivers/net/arcnet/
+Origin: https://git.kernel.org/pub/scm/linux/kernel/git/dhowells/linux-fs.git/commit?id=7606cd506c88e6f9a0f001c57fb1bd9d4d648db8
+
+When the kernel is running in secure boot mode, we lock down the kernel to
+prevent userspace from modifying the running kernel image. Whilst this
+includes prohibiting access to things like /dev/mem, it must also prevent
+access by means of configuring driver modules in such a way as to cause a
+device to access or modify the kernel image.
+
+To this end, annotate module_param* statements that refer to hardware
+configuration and indicate for future reference what type of parameter they
+specify. The parameter parser in the core sees this information and can
+skip such parameters with an error message if the kernel is locked down.
+The module initialisation then runs as normal, but just sees whatever the
+default values for those parameters is.
+
+Note that we do still need to do the module initialisation because some
+drivers have viable defaults set in case parameters aren't specified and
+some drivers support automatic configuration (e.g. PNP or PCI) in addition
+to manually coded parameters.
+
+This patch annotates drivers in drivers/net/arcnet/.
+
+Suggested-by: Alan Cox
+Signed-off-by: David Howells
+cc: Michael Grzeschik
+cc: netdev@vger.kernel.org
+---
+ drivers/net/arcnet/com20020-isa.c | 4 ++--
+ drivers/net/arcnet/com90io.c | 4 ++--
+ drivers/net/arcnet/com90xx.c | 4 ++--
+ 3 files changed, 6 insertions(+), 6 deletions(-)
+
+diff --git a/drivers/net/arcnet/com20020-isa.c b/drivers/net/arcnet/com20020-isa.c
+index b9e9931353b2..38fa60ddaf2e 100644
+--- a/drivers/net/arcnet/com20020-isa.c
++++ b/drivers/net/arcnet/com20020-isa.c
+@@ -129,8 +129,8 @@ static int clockp = 0;
+ static int clockm = 0;
+
+ module_param(node, int, 0);
+-module_param(io, int, 0);
+-module_param(irq, int, 0);
++module_param_hw(io, int, ioport, 0);
++module_param_hw(irq, int, irq, 0);
+ module_param_string(device, device, sizeof(device), 0);
+ module_param(timeout, int, 0);
+ module_param(backplane, int, 0);
+diff --git a/drivers/net/arcnet/com90io.c b/drivers/net/arcnet/com90io.c
+index b57863df5bf5..4e56aaf2b984 100644
+--- a/drivers/net/arcnet/com90io.c
++++ b/drivers/net/arcnet/com90io.c
+@@ -347,8 +347,8 @@ static int io; /* use the insmod io= irq= shmem= options */
+ static int irq;
+ static char device[9]; /* use eg. device=arc1 to change name */
+
+-module_param(io, int, 0);
+-module_param(irq, int, 0);
++module_param_hw(io, int, ioport, 0);
++module_param_hw(irq, int, irq, 0);
+ module_param_string(device, device, sizeof(device), 0);
+ MODULE_LICENSE("GPL");
+
+diff --git a/drivers/net/arcnet/com90xx.c b/drivers/net/arcnet/com90xx.c
+index 81f90c4703ae..ca4a57c30bf8 100644
+--- a/drivers/net/arcnet/com90xx.c
++++ b/drivers/net/arcnet/com90xx.c
+@@ -88,8 +88,8 @@ static int irq;
+ static int shmem;
+ static char device[9]; /* use eg. device=arc1 to change name */
+
+-module_param(io, int, 0);
+-module_param(irq, int, 0);
++module_param_hw(io, int, ioport, 0);
++module_param_hw(irq, int, irq, 0);
+ module_param(shmem, int, 0);
+ module_param_string(device, device, sizeof(device), 0);
+
diff --git a/debian/patches/features/all/lockdown/0018-Annotate-hardware-config-module-parameters-in-driver.patch b/debian/patches/features/all/lockdown/0018-Annotate-hardware-config-module-parameters-in-driver.patch
new file mode 100644
index 000000000..b854537a7
--- /dev/null
+++ b/debian/patches/features/all/lockdown/0018-Annotate-hardware-config-module-parameters-in-driver.patch
@@ -0,0 +1,87 @@
+From: David Howells
+Date: Tue, 4 Apr 2017 16:54:25 +0100
+Subject: [18/62] Annotate hardware config module parameters in
+ drivers/net/can/
+Origin: https://git.kernel.org/pub/scm/linux/kernel/git/dhowells/linux-fs.git/commit?id=062a92aff0917dc6c418648979564e1632924f2e
+
+When the kernel is running in secure boot mode, we lock down the kernel to
+prevent userspace from modifying the running kernel image. Whilst this
+includes prohibiting access to things like /dev/mem, it must also prevent
+access by means of configuring driver modules in such a way as to cause a
+device to access or modify the kernel image.
+
+To this end, annotate module_param* statements that refer to hardware
+configuration and indicate for future reference what type of parameter they
+specify. The parameter parser in the core sees this information and can
+skip such parameters with an error message if the kernel is locked down.
+The module initialisation then runs as normal, but just sees whatever the
+default values for those parameters is.
+
+Note that we do still need to do the module initialisation because some
+drivers have viable defaults set in case parameters aren't specified and
+some drivers support automatic configuration (e.g. PNP or PCI) in addition
+to manually coded parameters.
+
+This patch annotates drivers in drivers/net/can/.
+
+Suggested-by: Alan Cox
+Signed-off-by: David Howells
+Acked-by: Marc Kleine-Budde
+cc: Wolfgang Grandegger
+cc: linux-can@vger.kernel.org
+cc: netdev@vger.kernel.org
+---
+ drivers/net/can/cc770/cc770_isa.c | 8 ++++----
+ drivers/net/can/sja1000/sja1000_isa.c | 8 ++++----
+ 2 files changed, 8 insertions(+), 8 deletions(-)
+
+diff --git a/drivers/net/can/cc770/cc770_isa.c b/drivers/net/can/cc770/cc770_isa.c
+index e0d15711e9ac..3a30fd3b4498 100644
+--- a/drivers/net/can/cc770/cc770_isa.c
++++ b/drivers/net/can/cc770/cc770_isa.c
+@@ -82,16 +82,16 @@ static u8 cor[MAXDEV] = {[0 ... (MAXDEV - 1)] = 0xff};
+ static u8 bcr[MAXDEV] = {[0 ... (MAXDEV - 1)] = 0xff};
+ static int indirect[MAXDEV] = {[0 ... (MAXDEV - 1)] = -1};
+
+-module_param_array(port, ulong, NULL, S_IRUGO);
++module_param_hw_array(port, ulong, ioport, NULL, S_IRUGO);
+ MODULE_PARM_DESC(port, "I/O port number");
+
+-module_param_array(mem, ulong, NULL, S_IRUGO);
++module_param_hw_array(mem, ulong, iomem, NULL, S_IRUGO);
+ MODULE_PARM_DESC(mem, "I/O memory address");
+
+-module_param_array(indirect, int, NULL, S_IRUGO);
++module_param_hw_array(indirect, int, ioport, NULL, S_IRUGO);
+ MODULE_PARM_DESC(indirect, "Indirect access via address and data port");
+
+-module_param_array(irq, int, NULL, S_IRUGO);
++module_param_hw_array(irq, int, irq, NULL, S_IRUGO);
+ MODULE_PARM_DESC(irq, "IRQ number");
+
+ module_param_array(clk, int, NULL, S_IRUGO);
+diff --git a/drivers/net/can/sja1000/sja1000_isa.c b/drivers/net/can/sja1000/sja1000_isa.c
+index e97e6d35b300..a89c1e92554d 100644
+--- a/drivers/net/can/sja1000/sja1000_isa.c
++++ b/drivers/net/can/sja1000/sja1000_isa.c
+@@ -48,16 +48,16 @@ static unsigned char ocr[MAXDEV] = {[0 ... (MAXDEV - 1)] = 0xff};
+ static int indirect[MAXDEV] = {[0 ... (MAXDEV - 1)] = -1};
+ static spinlock_t indirect_lock[MAXDEV]; /* lock for indirect access mode */
+
+-module_param_array(port, ulong, NULL, S_IRUGO);
++module_param_hw_array(port, ulong, ioport, NULL, S_IRUGO);
+ MODULE_PARM_DESC(port, "I/O port number");
+
+-module_param_array(mem, ulong, NULL, S_IRUGO);
++module_param_hw_array(mem, ulong, iomem, NULL, S_IRUGO);
+ MODULE_PARM_DESC(mem, "I/O memory address");
+
+-module_param_array(indirect, int, NULL, S_IRUGO);
++module_param_hw_array(indirect, int, ioport, NULL, S_IRUGO);
+ MODULE_PARM_DESC(indirect, "Indirect access via address and data port");
+
+-module_param_array(irq, int, NULL, S_IRUGO);
++module_param_hw_array(irq, int, irq, NULL, S_IRUGO);
+ MODULE_PARM_DESC(irq, "IRQ number");
+
+ module_param_array(clk, int, NULL, S_IRUGO);
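Review bot: `indirect` is tagged `ioport` in both cc770_isa.c and sja1000_isa.c although, going by its -1 default and the MODULE_PARM_DESC text "Indirect access via address and data port", it reads as an access-mode selector rather than an address. Classing it as hardware configuration is the safe direction, since it changes how `port` is used to reach the controller, but a one-line comment above the two annotated lines would stop a later cleanup from demoting it back to module_param_array, e.g. `/* hw-classed: selects how the port address is dereferenced, so lockdown rejects it together with port */`. All four annotated arrays keep S_IRUGO, so they remain readable but not writable through sysfs, and the load-time parser is the only path the annotation has to cover.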
diff --git a/debian/patches/features/all/lockdown/0019-Annotate-hardware-config-module-parameters-in-driver.patch b/debian/patches/features/all/lockdown/0019-Annotate-hardware-config-module-parameters-in-driver.patch
new file mode 100644
index 000000000..20f4f3bc1
--- /dev/null
+++ b/debian/patches/features/all/lockdown/0019-Annotate-hardware-config-module-parameters-in-driver.patch
@@ -0,0 +1,234 @@
+From: David Howells
+Date: Tue, 4 Apr 2017 16:54:26 +0100
+Subject: [19/62] Annotate hardware config module parameters in
+ drivers/net/ethernet/
+Origin: https://git.kernel.org/pub/scm/linux/kernel/git/dhowells/linux-fs.git/commit?id=36f7a604f8c2b0564722e84b903d6de6c2644f85
+
+When the kernel is running in secure boot mode, we lock down the kernel to
+prevent userspace from modifying the running kernel image. Whilst this
+includes prohibiting access to things like /dev/mem, it must also prevent
+access by means of configuring driver modules in such a way as to cause a
+device to access or modify the kernel image.
+
+To this end, annotate module_param* statements that refer to hardware
+configuration and indicate for future reference what type of parameter they
+specify. The parameter parser in the core sees this information and can
+skip such parameters with an error message if the kernel is locked down.
+The module initialisation then runs as normal, but just sees whatever the
+default values for those parameters is.
+
+Note that we do still need to do the module initialisation because some
+drivers have viable defaults set in case parameters aren't specified and
+some drivers support automatic configuration (e.g. PNP or PCI) in addition
+to manually coded parameters.
+
+This patch annotates drivers in drivers/net/ethernet/.
+
+Suggested-by: Alan Cox
+Signed-off-by: David Howells
+cc: Steffen Klassert
+cc: Jaroslav Kysela
+cc: netdev@vger.kernel.org
+cc: linux-parisc@vger.kernel.org
+---
+ drivers/net/ethernet/3com/3c509.c | 2 +-
+ drivers/net/ethernet/3com/3c59x.c | 4 ++--
+ drivers/net/ethernet/8390/ne.c | 4 ++--
+ drivers/net/ethernet/8390/smc-ultra.c | 4 ++--
+ drivers/net/ethernet/8390/wd.c | 8 ++++----
+ drivers/net/ethernet/amd/lance.c | 6 +++---
+ drivers/net/ethernet/amd/ni65.c | 6 +++---
+ drivers/net/ethernet/cirrus/cs89x0.c | 6 +++---
+ drivers/net/ethernet/dec/tulip/de4x5.c | 2 +-
+ drivers/net/ethernet/hp/hp100.c | 2 +-
+ drivers/net/ethernet/realtek/atp.c | 4 ++--
+ drivers/net/ethernet/smsc/smc9194.c | 4 ++--
+ 12 files changed, 26 insertions(+), 26 deletions(-)
+
+diff --git a/drivers/net/ethernet/3com/3c509.c b/drivers/net/ethernet/3com/3c509.c
+index c7f9f2c77da7..db8592d412ab 100644
+--- a/drivers/net/ethernet/3com/3c509.c
++++ b/drivers/net/ethernet/3com/3c509.c
+@@ -1371,7 +1371,7 @@ el3_resume(struct device *pdev)
+ #endif /* CONFIG_PM */
+
+ module_param(debug,int, 0);
+-module_param_array(irq, int, NULL, 0);
++module_param_hw_array(irq, int, irq, NULL, 0);
+ module_param(max_interrupt_work, int, 0);
+ MODULE_PARM_DESC(debug, "debug level (0-6)");
+ MODULE_PARM_DESC(irq, "IRQ number(s) (assigned)");
+diff --git a/drivers/net/ethernet/3com/3c59x.c b/drivers/net/ethernet/3com/3c59x.c
+index 40196f41768a..e41245a54f8b 100644
+--- a/drivers/net/ethernet/3com/3c59x.c
++++ b/drivers/net/ethernet/3com/3c59x.c
+@@ -813,8 +813,8 @@ module_param(global_enable_wol, int, 0);
+ module_param_array(enable_wol, int, NULL, 0);
+ module_param(rx_copybreak, int, 0);
+ module_param(max_interrupt_work, int, 0);
+-module_param(compaq_ioaddr, int, 0);
+-module_param(compaq_irq, int, 0);
++module_param_hw(compaq_ioaddr, int, ioport, 0);
++module_param_hw(compaq_irq, int, irq, 0);
+ module_param(compaq_device_id, int, 0);
+ module_param(watchdog, int, 0);
+ module_param(global_use_mmio, int, 0);
+diff --git a/drivers/net/ethernet/8390/ne.c b/drivers/net/ethernet/8390/ne.c
+index c063b410a163..66f47987e2a2 100644
+--- a/drivers/net/ethernet/8390/ne.c
++++ b/drivers/net/ethernet/8390/ne.c
+@@ -74,8 +74,8 @@ static int bad[MAX_NE_CARDS];
+ static u32 ne_msg_enable;
+
+ #ifdef MODULE
+-module_param_array(io, int, NULL, 0);
+-module_param_array(irq, int, NULL, 0);
++module_param_hw_array(io, int, ioport, NULL, 0);
++module_param_hw_array(irq, int, irq, NULL, 0);
+ module_param_array(bad, int, NULL, 0);
+ module_param_named(msg_enable, ne_msg_enable, uint, (S_IRUSR|S_IRGRP|S_IROTH));
+ MODULE_PARM_DESC(io, "I/O base address(es),required");
+diff --git a/drivers/net/ethernet/8390/smc-ultra.c b/drivers/net/ethernet/8390/smc-ultra.c
+index 364b6514f65f..4e02f6a23575 100644
+--- a/drivers/net/ethernet/8390/smc-ultra.c
++++ b/drivers/net/ethernet/8390/smc-ultra.c
+@@ -561,8 +561,8 @@ static struct net_device *dev_ultra[MAX_ULTRA_CARDS];
+ static int io[MAX_ULTRA_CARDS];
+ static int irq[MAX_ULTRA_CARDS];
+
+-module_param_array(io, int, NULL, 0);
+-module_param_array(irq, int, NULL, 0);
++module_param_hw_array(io, int, ioport, NULL, 0);
++module_param_hw_array(irq, int, irq, NULL, 0);
+ module_param_named(msg_enable, ultra_msg_enable, uint, (S_IRUSR|S_IRGRP|S_IROTH));
+ MODULE_PARM_DESC(io, "I/O base address(es)");
+ MODULE_PARM_DESC(irq, "IRQ number(s) (assigned)");
+diff --git a/drivers/net/ethernet/8390/wd.c b/drivers/net/ethernet/8390/wd.c
+index ad019cbc698f..6efa2722f850 100644
+--- a/drivers/net/ethernet/8390/wd.c
++++ b/drivers/net/ethernet/8390/wd.c
+@@ -503,10 +503,10 @@ static int irq[MAX_WD_CARDS];
+ static int mem[MAX_WD_CARDS];
+ static int mem_end[MAX_WD_CARDS]; /* for non std. mem size */
+
+-module_param_array(io, int, NULL, 0);
+-module_param_array(irq, int, NULL, 0);
+-module_param_array(mem, int, NULL, 0);
+-module_param_array(mem_end, int, NULL, 0);
++module_param_hw_array(io, int, ioport, NULL, 0);
++module_param_hw_array(irq, int, irq, NULL, 0);
++module_param_hw_array(mem, int, iomem, NULL, 0);
++module_param_hw_array(mem_end, int, iomem, NULL, 0);
+ module_param_named(msg_enable, wd_msg_enable, uint, (S_IRUSR|S_IRGRP|S_IROTH));
+ MODULE_PARM_DESC(io, "I/O base address(es)");
+ MODULE_PARM_DESC(irq, "IRQ number(s) (ignored for PureData boards)");
+diff --git a/drivers/net/ethernet/amd/lance.c b/drivers/net/ethernet/amd/lance.c
+index 61a641f23149..12a6a93d221b 100644
+--- a/drivers/net/ethernet/amd/lance.c
++++ b/drivers/net/ethernet/amd/lance.c
+@@ -318,9 +318,9 @@ static int io[MAX_CARDS];
+ static int dma[MAX_CARDS];
+ static int irq[MAX_CARDS];
+
+-module_param_array(io, int, NULL, 0);
+-module_param_array(dma, int, NULL, 0);
+-module_param_array(irq, int, NULL, 0);
++module_param_hw_array(io, int, ioport, NULL, 0);
++module_param_hw_array(dma, int, dma, NULL, 0);
++module_param_hw_array(irq, int, irq, NULL, 0);
+ module_param(lance_debug, int, 0);
+ MODULE_PARM_DESC(io, "LANCE/PCnet I/O base address(es),required");
+ MODULE_PARM_DESC(dma, "LANCE/PCnet ISA DMA channel (ignored for some devices)");
+diff --git a/drivers/net/ethernet/amd/ni65.c b/drivers/net/ethernet/amd/ni65.c
+index 5985bf220a8d..e248d1ab3e47 100644
+--- a/drivers/net/ethernet/amd/ni65.c
++++ b/drivers/net/ethernet/amd/ni65.c
+@@ -1227,9 +1227,9 @@ static void set_multicast_list(struct net_device *dev)
+ #ifdef MODULE
+ static struct net_device *dev_ni65;
+
+-module_param(irq, int, 0);
+-module_param(io, int, 0);
+-module_param(dma, int, 0);
++module_param_hw(irq, int, irq, 0);
++module_param_hw(io, int, ioport, 0);
++module_param_hw(dma, int, dma, 0);
+ MODULE_PARM_DESC(irq, "ni6510 IRQ number (ignored for some cards)");
+ MODULE_PARM_DESC(io, "ni6510 I/O base address");
+ MODULE_PARM_DESC(dma, "ni6510 ISA DMA channel (ignored for some cards)");
+diff --git a/drivers/net/ethernet/cirrus/cs89x0.c b/drivers/net/ethernet/cirrus/cs89x0.c
+index 3647b28e8de0..8f660d9761cc 100644
+--- a/drivers/net/ethernet/cirrus/cs89x0.c
++++ b/drivers/net/ethernet/cirrus/cs89x0.c
+@@ -1704,12 +1704,12 @@ static int use_dma; /* These generate unused var warnings if ALLOW_DMA = 0 */
+ static int dma;
+ static int dmasize = 16; /* or 64 */
+
+-module_param(io, int, 0);
+-module_param(irq, int, 0);
++module_param_hw(io, int, ioport, 0);
++module_param_hw(irq, int, irq, 0);
+ module_param(debug, int, 0);
+ module_param_string(media, media, sizeof(media), 0);
+ module_param(duplex, int, 0);
+-module_param(dma , int, 0);
++module_param_hw(dma , int, dma, 0);
+ module_param(dmasize , int, 0);
+ module_param(use_dma , int, 0);
+ MODULE_PARM_DESC(io, "cs89x0 I/O base address");
+diff --git a/drivers/net/ethernet/dec/tulip/de4x5.c b/drivers/net/ethernet/dec/tulip/de4x5.c
+index df4a871df633..fd6bcf024729 100644
+--- a/drivers/net/ethernet/dec/tulip/de4x5.c
++++ b/drivers/net/ethernet/dec/tulip/de4x5.c
+@@ -1015,7 +1015,7 @@ static int compact_infoblock(struct net_device *dev, u_char count, u_char *p
+
+ static int io=0x0;/* EDIT THIS LINE FOR YOUR CONFIGURATION IF NEEDED */
+
+-module_param(io, int, 0);
++module_param_hw(io, int, ioport, 0);
+ module_param(de4x5_debug, int, 0);
+ module_param(dec_only, int, 0);
+ module_param(args, charp, 0);
+diff --git a/drivers/net/ethernet/hp/hp100.c b/drivers/net/ethernet/hp/hp100.c
+index 1a31bee6e728..5673b071e39d 100644
+--- a/drivers/net/ethernet/hp/hp100.c
++++ b/drivers/net/ethernet/hp/hp100.c
+@@ -2966,7 +2966,7 @@ MODULE_DESCRIPTION("HP CASCADE Architecture Driver for 100VG-AnyLan Network Adap
+ #define HP100_DEVICES 5
+ /* Parameters set by insmod */
+ static int hp100_port[HP100_DEVICES] = { 0, [1 ... (HP100_DEVICES-1)] = -1 };
+-module_param_array(hp100_port, int, NULL, 0);
++module_param_hw_array(hp100_port, int, ioport, NULL, 0);
+
+ /* List of devices */
+ static struct net_device *hp100_devlist[HP100_DEVICES];
+diff --git a/drivers/net/ethernet/realtek/atp.c b/drivers/net/ethernet/realtek/atp.c
+index 9bcd4aefc9c5..bed34684994f 100644
+--- a/drivers/net/ethernet/realtek/atp.c
++++ b/drivers/net/ethernet/realtek/atp.c
+@@ -151,8 +151,8 @@ MODULE_LICENSE("GPL");
+
+ module_param(max_interrupt_work, int, 0);
+ module_param(debug, int, 0);
+-module_param_array(io, int, NULL, 0);
+-module_param_array(irq, int, NULL, 0);
++module_param_hw_array(io, int, ioport, NULL, 0);
++module_param_hw_array(irq, int, irq, NULL, 0);
+ module_param_array(xcvr, int, NULL, 0);
+ MODULE_PARM_DESC(max_interrupt_work, "ATP maximum events handled per interrupt");
+ MODULE_PARM_DESC(debug, "ATP debug level (0-7)");
+diff --git a/drivers/net/ethernet/smsc/smc9194.c b/drivers/net/ethernet/smsc/smc9194.c
+index c8d84679ede7..d3bb2ba51f40 100644
+--- a/drivers/net/ethernet/smsc/smc9194.c
++++ b/drivers/net/ethernet/smsc/smc9194.c
+@@ -1501,8 +1501,8 @@ static void smc_set_multicast_list(struct net_device *dev)
+ static struct net_device *devSMC9194;
+ MODULE_LICENSE("GPL");
+
+-module_param(io, int, 0);
+-module_param(irq, int, 0);
++module_param_hw(io, int, ioport, 0);
++module_param_hw(irq, int, irq, 0);
+ module_param(ifport, int, 0);
+ MODULE_PARM_DESC(io, "SMC 99194 I/O base address");
+ MODULE_PARM_DESC(irq, "SMC 99194 IRQ number");
diff --git a/debian/patches/features/all/lockdown/0020-Annotate-hardware-config-module-parameters-in-driver.patch b/debian/patches/features/all/lockdown/0020-Annotate-hardware-config-module-parameters-in-driver.patch
new file mode 100644
index 000000000..621ba0b18
--- /dev/null
+++ b/debian/patches/features/all/lockdown/0020-Annotate-hardware-config-module-parameters-in-driver.patch
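Review bot: The rewritten cs89x0.c line `module_param_hw(dma , int, dma, 0);` carries over the stray space before the first comma from the line it replaces; since the line is new on this side anyway, `module_param_hw(dma, int, dma, 0);` would avoid a checkpatch "space prohibited before that comma" hit on freshly added code. The adjacent `dmasize` and `use_dma` parameters are left as plain module_param, which looks intentional — the context comment says dmasize only chooses 16 or 64 and use_dma is an enable flag, neither of which names a bus resource — but a short comment there would save the next annotation sweep from re-asking the question. `compaq_device_id` in the 3c59x.c hunk is in the same position.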
@@ -0,0 +1,111 @@
+From: David Howells
+Date: Tue, 4 Apr 2017 16:54:26 +0100
+Subject: [20/62] Annotate hardware config module parameters in
+ drivers/net/hamradio/
+Origin: https://git.kernel.org/pub/scm/linux/kernel/git/dhowells/linux-fs.git/commit?id=2bf23e0fa97ea5c3bad27fa6f878b6ecde838ea4
+
+When the kernel is running in secure boot mode, we lock down the kernel to
+prevent userspace from modifying the running kernel image. Whilst this
+includes prohibiting access to things like /dev/mem, it must also prevent
+access by means of configuring driver modules in such a way as to cause a
+device to access or modify the kernel image.
+
+To this end, annotate module_param* statements that refer to hardware
+configuration and indicate for future reference what type of parameter they
+specify. The parameter parser in the core sees this information and can
+skip such parameters with an error message if the kernel is locked down.
+The module initialisation then runs as normal, but just sees whatever the
+default values for those parameters is.
+
+Note that we do still need to do the module initialisation because some
+drivers have viable defaults set in case parameters aren't specified and
+some drivers support automatic configuration (e.g. PNP or PCI) in addition
+to manually coded parameters.
+
+This patch annotates drivers in drivers/net/hamradio/.
+
+Suggested-by: Alan Cox
+Signed-off-by: David Howells
+cc: Thomas Sailer
+cc: Joerg Reuter
+cc: linux-hams@vger.kernel.org
+cc: netdev@vger.kernel.org
+---
+ drivers/net/hamradio/baycom_epp.c | 2 +-
+ drivers/net/hamradio/baycom_par.c | 2 +-
+ drivers/net/hamradio/baycom_ser_fdx.c | 4 ++--
+ drivers/net/hamradio/baycom_ser_hdx.c | 4 ++--
+ drivers/net/hamradio/dmascc.c | 2 +-
+ 5 files changed, 7 insertions(+), 7 deletions(-)
+
+diff --git a/drivers/net/hamradio/baycom_epp.c b/drivers/net/hamradio/baycom_epp.c
+index 594fa1407e29..1503f10122f7 100644
+--- a/drivers/net/hamradio/baycom_epp.c
++++ b/drivers/net/hamradio/baycom_epp.c
+@@ -1176,7 +1176,7 @@ static int iobase[NR_PORTS] = { 0x378, };
+
+ module_param_array(mode, charp, NULL, 0);
+ MODULE_PARM_DESC(mode, "baycom operating mode");
+-module_param_array(iobase, int, NULL, 0);
++module_param_hw_array(iobase, int, ioport, NULL, 0);
+ MODULE_PARM_DESC(iobase, "baycom io base address");
+
+ MODULE_AUTHOR("Thomas M. Sailer, sailer@ife.ee.ethz.ch, hb9jnx@hb9w.che.eu");
+diff --git a/drivers/net/hamradio/baycom_par.c b/drivers/net/hamradio/baycom_par.c
+index 809dc25909d1..92b13b39f426 100644
+--- a/drivers/net/hamradio/baycom_par.c
++++ b/drivers/net/hamradio/baycom_par.c
+@@ -481,7 +481,7 @@ static int iobase[NR_PORTS] = { 0x378, };
+
+ module_param_array(mode, charp, NULL, 0);
+ MODULE_PARM_DESC(mode, "baycom operating mode; eg. par96 or picpar");
+-module_param_array(iobase, int, NULL, 0);
++module_param_hw_array(iobase, int, ioport, NULL, 0);
+ MODULE_PARM_DESC(iobase, "baycom io base address");
+
+ MODULE_AUTHOR("Thomas M. Sailer, sailer@ife.ee.ethz.ch, hb9jnx@hb9w.che.eu");
+diff --git a/drivers/net/hamradio/baycom_ser_fdx.c b/drivers/net/hamradio/baycom_ser_fdx.c
+index ebc06822fd4d..d9a646acca20 100644
+--- a/drivers/net/hamradio/baycom_ser_fdx.c
++++ b/drivers/net/hamradio/baycom_ser_fdx.c
+@@ -614,9 +614,9 @@ static int baud[NR_PORTS] = { [0 ... NR_PORTS-1] = 1200 };
+
+ module_param_array(mode, charp, NULL, 0);
+ MODULE_PARM_DESC(mode, "baycom operating mode; * for software DCD");
+-module_param_array(iobase, int, NULL, 0);
++module_param_hw_array(iobase, int, ioport, NULL, 0);
+ MODULE_PARM_DESC(iobase, "baycom io base address");
+-module_param_array(irq, int, NULL, 0);
++module_param_hw_array(irq, int, irq, NULL, 0);
+ MODULE_PARM_DESC(irq, "baycom irq number");
+ module_param_array(baud, int, NULL, 0);
+ MODULE_PARM_DESC(baud, "baycom baud rate (300 to 4800)");
+diff --git a/drivers/net/hamradio/baycom_ser_hdx.c b/drivers/net/hamradio/baycom_ser_hdx.c
+index 60fcf512c208..f1c8a9ff3891 100644
+--- a/drivers/net/hamradio/baycom_ser_hdx.c
++++ b/drivers/net/hamradio/baycom_ser_hdx.c
+@@ -642,9 +642,9 @@ static int irq[NR_PORTS] = { 4, };
+
+ module_param_array(mode, charp, NULL, 0);
+ MODULE_PARM_DESC(mode, "baycom operating mode; * for software DCD");
+-module_param_array(iobase, int, NULL, 0);
++module_param_hw_array(iobase, int, ioport, NULL, 0);
+ MODULE_PARM_DESC(iobase, "baycom io base address");
+-module_param_array(irq, int, NULL, 0);
++module_param_hw_array(irq, int, irq, NULL, 0);
+ MODULE_PARM_DESC(irq, "baycom irq number");
+
+ MODULE_AUTHOR("Thomas M. Sailer, sailer@ife.ee.ethz.ch, hb9jnx@hb9w.che.eu");
+diff --git a/drivers/net/hamradio/dmascc.c b/drivers/net/hamradio/dmascc.c
+index 2479072981a1..dec6b76bc0fb 100644
+--- a/drivers/net/hamradio/dmascc.c
++++ b/drivers/net/hamradio/dmascc.c
+@@ -274,7 +274,7 @@ static unsigned long rand;
+
+ MODULE_AUTHOR("Klaus Kudielka");
+ MODULE_DESCRIPTION("Driver for high-speed SCC boards");
+-module_param_array(io, int, NULL, 0);
++module_param_hw_array(io, int, ioport, NULL, 0);
+ MODULE_LICENSE("GPL");
+
+ static void __exit dmascc_exit(void)
diff --git a/debian/patches/features/all/lockdown/0021-Annotate-hardware-config-module-parameters-in-driver.patch b/debian/patches/features/all/lockdown/0021-Annotate-hardware-config-module-parameters-in-driver.patch
new file mode 100644
index 000000000..bd760af44
--- /dev/null
+++ b/debian/patches/features/all/lockdown/0021-Annotate-hardware-config-module-parameters-in-driver.patch
@@ -0,0 +1,125 @@
+From: David Howells
+Date: Tue, 4 Apr 2017 16:54:26 +0100
+Subject: [21/62] Annotate hardware config module parameters in
+ drivers/net/irda/
+Origin: https://git.kernel.org/pub/scm/linux/kernel/git/dhowells/linux-fs.git/commit?id=b14425b5b7dfe055d20f4e5b7e9c7013cf5784ac
+
+When the kernel is running in secure boot mode, we lock down the kernel to
+prevent userspace from modifying the running kernel image. Whilst this
+includes prohibiting access to things like /dev/mem, it must also prevent
+access by means of configuring driver modules in such a way as to cause a
+device to access or modify the kernel image.
+
+To this end, annotate module_param* statements that refer to hardware
+configuration and indicate for future reference what type of parameter they
+specify. The parameter parser in the core sees this information and can
+skip such parameters with an error message if the kernel is locked down.
+The module initialisation then runs as normal, but just sees whatever the
+default values for those parameters is.
+
+Note that we do still need to do the module initialisation because some
+drivers have viable defaults set in case parameters aren't specified and
+some drivers support automatic configuration (e.g. PNP or PCI) in addition
+to manually coded parameters.
+
+This patch annotates drivers in drivers/net/irda/.
+
+Suggested-by: Alan Cox
+Signed-off-by: David Howells
+cc: Samuel Ortiz
+cc: netdev@vger.kernel.org
+---
+ drivers/net/irda/ali-ircc.c | 6 +++---
+ drivers/net/irda/nsc-ircc.c | 6 +++---
+ drivers/net/irda/smsc-ircc2.c | 10 +++++-----
+ drivers/net/irda/w83977af_ir.c | 4 ++--
+ 4 files changed, 13 insertions(+), 13 deletions(-)
+
+diff --git a/drivers/net/irda/ali-ircc.c b/drivers/net/irda/ali-ircc.c
+index c285eafd3f1c..35f198d83701 100644
+--- a/drivers/net/irda/ali-ircc.c
++++ b/drivers/net/irda/ali-ircc.c
+@@ -2207,11 +2207,11 @@ MODULE_LICENSE("GPL");
+ MODULE_ALIAS("platform:" ALI_IRCC_DRIVER_NAME);
+
+
+-module_param_array(io, int, NULL, 0);
++module_param_hw_array(io, int, ioport, NULL, 0);
+ MODULE_PARM_DESC(io, "Base I/O addresses");
+-module_param_array(irq, int, NULL, 0);
++module_param_hw_array(irq, int, irq, NULL, 0);
+ MODULE_PARM_DESC(irq, "IRQ lines");
+-module_param_array(dma, int, NULL, 0);
++module_param_hw_array(dma, int, dma, NULL, 0);
+ MODULE_PARM_DESC(dma, "DMA channels");
+
+ module_init(ali_ircc_init);
+diff --git a/drivers/net/irda/nsc-ircc.c b/drivers/net/irda/nsc-ircc.c
+index aaecc3baaf30..7beae147be11 100644
+--- a/drivers/net/irda/nsc-ircc.c
++++ b/drivers/net/irda/nsc-ircc.c
+@@ -2396,11 +2396,11 @@ MODULE_LICENSE("GPL");
+
+ module_param(qos_mtt_bits, int, 0);
+ MODULE_PARM_DESC(qos_mtt_bits, "Minimum Turn Time");
+-module_param_array(io, int, NULL, 0);
++module_param_hw_array(io, int, ioport, NULL, 0);
+ MODULE_PARM_DESC(io, "Base I/O addresses");
+-module_param_array(irq, int, NULL, 0);
++module_param_hw_array(irq, int, irq, NULL, 0);
+ MODULE_PARM_DESC(irq, "IRQ lines");
+-module_param_array(dma, int, NULL, 0);
++module_param_hw_array(dma, int, dma, NULL, 0);
+ MODULE_PARM_DESC(dma, "DMA channels");
+ module_param(dongle_id, int, 0);
+ MODULE_PARM_DESC(dongle_id, "Type-id of used dongle");
+diff --git a/drivers/net/irda/smsc-ircc2.c b/drivers/net/irda/smsc-ircc2.c
+index dcf92ba80872..23ed89ae5ddc 100644
+--- a/drivers/net/irda/smsc-ircc2.c
++++ b/drivers/net/irda/smsc-ircc2.c
+@@ -82,24 +82,24 @@ MODULE_PARM_DESC(nopnp, "Do not use PNP to detect controller settings, defaults
+
+ #define DMA_INVAL 255
+ static int ircc_dma = DMA_INVAL;
+-module_param(ircc_dma, int, 0);
++module_param_hw(ircc_dma, int, dma, 0);
+ MODULE_PARM_DESC(ircc_dma, "DMA channel");
+
+ #define IRQ_INVAL 255
+ static int ircc_irq = IRQ_INVAL;
+-module_param(ircc_irq, int, 0);
++module_param_hw(ircc_irq, int, irq, 0);
+ MODULE_PARM_DESC(ircc_irq, "IRQ line");
+
+ static int ircc_fir;
+-module_param(ircc_fir, int, 0);
++module_param_hw(ircc_fir, int, ioport, 0);
+ MODULE_PARM_DESC(ircc_fir, "FIR Base Address");
+
+ static int ircc_sir;
+-module_param(ircc_sir, int, 0);
++module_param_hw(ircc_sir, int, ioport, 0);
+ MODULE_PARM_DESC(ircc_sir, "SIR Base Address");
+
+ static int ircc_cfg;
+-module_param(ircc_cfg, int, 0);
++module_param_hw(ircc_cfg, int, ioport, 0);
+ MODULE_PARM_DESC(ircc_cfg, "Configuration register base address");
+
+ static int ircc_transceiver;
+diff --git a/drivers/net/irda/w83977af_ir.c b/drivers/net/irda/w83977af_ir.c
+index 8d5b903d1d9d..282b6c9ae05b 100644
+--- a/drivers/net/irda/w83977af_ir.c
++++ b/drivers/net/irda/w83977af_ir.c
+@@ -1263,9 +1263,9 @@ MODULE_LICENSE("GPL");
+
+ module_param(qos_mtt_bits, int, 0);
+ MODULE_PARM_DESC(qos_mtt_bits, "Mimimum Turn Time");
+-module_param_array(io, int, NULL, 0);
++module_param_hw_array(io, int, ioport, NULL, 0);
+ MODULE_PARM_DESC(io, "Base I/O addresses");
+-module_param_array(irq, int, NULL, 0);
++module_param_hw_array(irq, int, irq, NULL, 0);
+ MODULE_PARM_DESC(irq, "IRQ lines");
+
+ /*
diff --git a/debian/patches/features/all/lockdown/0022-Annotate-hardware-config-module-parameters-in-driver.patch b/debian/patches/features/all/lockdown/0022-Annotate-hardware-config-module-parameters-in-driver.patch
new file mode 100644
index 000000000..781baae85
--- /dev/null
+++ b/debian/patches/features/all/lockdown/0022-Annotate-hardware-config-module-parameters-in-driver.patch 
@@ -0,0 +1,112 @@
+From: David Howells
+Date: Tue, 4 Apr 2017 16:54:27 +0100
+Subject: [22/62] Annotate hardware config module parameters in
+ drivers/net/wan/
+Origin: https://git.kernel.org/pub/scm/linux/kernel/git/dhowells/linux-fs.git/commit?id=ded1b99ef0c3cc59cd79b7a8c20c844cf3374bb5
+
+When the kernel is running in secure boot mode, we lock down the kernel to
+prevent userspace from modifying the running kernel image. Whilst this
+includes prohibiting access to things like /dev/mem, it must also prevent
+access by means of configuring driver modules in such a way as to cause a
+device to access or modify the kernel image.
+
+To this end, annotate module_param* statements that refer to hardware
+configuration and indicate for future reference what type of parameter they
+specify. The parameter parser in the core sees this information and can
+skip such parameters with an error message if the kernel is locked down.
+The module initialisation then runs as normal, but just sees whatever the
+default values for those parameters is.
+
+Note that we do still need to do the module initialisation because some
+drivers have viable defaults set in case parameters aren't specified and
+some drivers support automatic configuration (e.g. PNP or PCI) in addition
+to manually coded parameters.
+
+This patch annotates drivers in drivers/net/wan/.
+
+Suggested-by: Alan Cox
+Signed-off-by: David Howells
+cc: "Jan \"Yenya\" Kasprzak"
+cc: netdev@vger.kernel.org
+---
+ drivers/net/wan/cosa.c | 6 +++---
+ drivers/net/wan/hostess_sv11.c | 6 +++---
+ drivers/net/wan/sbni.c | 4 ++--
+ drivers/net/wan/sealevel.c | 8 ++++----
+ 4 files changed, 12 insertions(+), 12 deletions(-)
+
+diff --git a/drivers/net/wan/cosa.c b/drivers/net/wan/cosa.c
+index 4ca71bca39ac..6ea16260ec76 100644
+--- a/drivers/net/wan/cosa.c
++++ b/drivers/net/wan/cosa.c
+@@ -232,11 +232,11 @@ static int irq[MAX_CARDS+1] = { -1, -1, -1, -1, -1, -1, 0, };
+ static struct class *cosa_class;
+
+ #ifdef MODULE
+-module_param_array(io, int, NULL, 0);
++module_param_hw_array(io, int, ioport, NULL, 0);
+ MODULE_PARM_DESC(io, "The I/O bases of the COSA or SRP cards");
+-module_param_array(irq, int, NULL, 0);
++module_param_hw_array(irq, int, irq, NULL, 0);
+ MODULE_PARM_DESC(irq, "The IRQ lines of the COSA or SRP cards");
+-module_param_array(dma, int, NULL, 0);
++module_param_hw_array(dma, int, dma, NULL, 0);
+ MODULE_PARM_DESC(dma, "The DMA channels of the COSA or SRP cards");
+
+ MODULE_AUTHOR("Jan \"Yenya\" Kasprzak, ");
+diff --git a/drivers/net/wan/hostess_sv11.c b/drivers/net/wan/hostess_sv11.c
+index dd6bb3364ad2..4de0737fbf8a 100644
+--- a/drivers/net/wan/hostess_sv11.c
++++ b/drivers/net/wan/hostess_sv11.c
+@@ -324,11 +324,11 @@ static void sv11_shutdown(struct z8530_dev *dev)
+ static int io = 0x200;
+ static int irq = 9;
+
+-module_param(io, int, 0);
++module_param_hw(io, int, ioport, 0);
+ MODULE_PARM_DESC(io, "The I/O base of the Comtrol Hostess SV11 card");
+-module_param(dma, int, 0);
++module_param_hw(dma, int, dma, 0);
+ MODULE_PARM_DESC(dma, "Set this to 1 to use DMA1/DMA3 for TX/RX");
+-module_param(irq, int, 0);
++module_param_hw(irq, int, irq, 0);
+ MODULE_PARM_DESC(irq, "The interrupt line setting for the Comtrol Hostess SV11 card");
+
+ MODULE_AUTHOR("Alan Cox");
+diff --git a/drivers/net/wan/sbni.c b/drivers/net/wan/sbni.c
+index 3ca3419c54a0..bde8c0339831 100644
+--- a/drivers/net/wan/sbni.c
++++ b/drivers/net/wan/sbni.c
+@@ -1463,8 +1463,8 @@ set_multicast_list( struct net_device *dev )
+
+
+ #ifdef MODULE
+-module_param_array(io, int, NULL, 0);
+-module_param_array(irq, int, NULL, 0);
++module_param_hw_array(io, int, ioport, NULL, 0);
++module_param_hw_array(irq, int, irq, NULL, 0);
+ module_param_array(baud, int, NULL, 0);
+ module_param_array(rxl, int, NULL, 0);
+ module_param_array(mac, int, NULL, 0);
+diff --git a/drivers/net/wan/sealevel.c b/drivers/net/wan/sealevel.c
+index fbb5aa2c4d8f..c56f2c252113 100644
+--- a/drivers/net/wan/sealevel.c
++++ b/drivers/net/wan/sealevel.c
+@@ -363,13 +363,13 @@ static int rxdma=3;
+ static int irq=5;
+ static bool slow=false;
+
+-module_param(io, int, 0);
++module_param_hw(io, int, ioport, 0);
+ MODULE_PARM_DESC(io, "The I/O base of the Sealevel card");
+-module_param(txdma, int, 0);
++module_param_hw(txdma, int, dma, 0);
+ MODULE_PARM_DESC(txdma, "Transmit DMA channel");
+-module_param(rxdma, int, 0);
++module_param_hw(rxdma, int, dma, 0);
+ MODULE_PARM_DESC(rxdma, "Receive DMA channel");
+-module_param(irq, int, 0);
++module_param_hw(irq, int, irq, 0);
+ MODULE_PARM_DESC(irq, "The interrupt line setting for the SeaLevel card");
+ module_param(slow, bool, 0);
+ MODULE_PARM_DESC(slow, "Set this for an older Sealevel card such as the 4012");
diff --git a/debian/patches/features/all/lockdown/0023-Annotate-hardware-config-module-parameters-in-driver.patch b/debian/patches/features/all/lockdown/0023-Annotate-hardware-config-module-parameters-in-driver.patch
new file mode 100644
index 000000000..842f06455
--- /dev/null
+++ b/debian/patches/features/all/lockdown/0023-Annotate-hardware-config-module-parameters-in-driver.patch
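Review bot: hostess_sv11.c's `dma` is annotated with the `dma` class although its MODULE_PARM_DESC, "Set this to 1 to use DMA1/DMA3 for TX/RX", describes a 0/1 enable switch for fixed channels rather than a channel number. Rejecting it under lockdown is the conservative outcome — the driver presumably keeps its built-in default and no user-supplied value reaches the DMA setup — but because the parameter does not look like a bus resource it is the kind of line a later cleanup is likely to "correct"; a comment such as `/* hw-classed: enabling this programs ISA DMA channels 1 and 3 */` on the annotated line would record the intent. sealevel.c's txdma/rxdma in the same patch are genuine channel numbers, so no such note is needed there.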
@@ -0,0 +1,50 @@
+From: David Howells
+Date: Tue, 4 Apr 2017 16:54:27 +0100
+Subject: [23/62] Annotate hardware config module parameters in
+ drivers/net/wireless/
+Origin: https://git.kernel.org/pub/scm/linux/kernel/git/dhowells/linux-fs.git/commit?id=8108f1c7cb7cc32f93f280322f4aa1ba5314a66e
+
+When the kernel is running in secure boot mode, we lock down the kernel to
+prevent userspace from modifying the running kernel image. Whilst this
+includes prohibiting access to things like /dev/mem, it must also prevent
+access by means of configuring driver modules in such a way as to cause a
+device to access or modify the kernel image.
+
+To this end, annotate module_param* statements that refer to hardware
+configuration and indicate for future reference what type of parameter they
+specify. The parameter parser in the core sees this information and can
+skip such parameters with an error message if the kernel is locked down.
+The module initialisation then runs as normal, but just sees whatever the
+default values for those parameters is.
+
+Note that we do still need to do the module initialisation because some
+drivers have viable defaults set in case parameters aren't specified and
+some drivers support automatic configuration (e.g. PNP or PCI) in addition
+to manually coded parameters.
+
+This patch annotates drivers in drivers/net/wireless/.
+
+Suggested-by: Alan Cox
+Signed-off-by: David Howells
+cc: Kalle Valo
+cc: linux-wireless@vger.kernel.org
+cc: netdev@vger.kernel.org
+---
+ drivers/net/wireless/cisco/airo.c | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/drivers/net/wireless/cisco/airo.c b/drivers/net/wireless/cisco/airo.c
+index 4b040451a9b8..1b7e125a28e2 100644
+--- a/drivers/net/wireless/cisco/airo.c
++++ b/drivers/net/wireless/cisco/airo.c
+@@ -246,8 +246,8 @@ MODULE_DESCRIPTION("Support for Cisco/Aironet 802.11 wireless ethernet cards. "
+ "Direct support for ISA/PCI/MPI cards and support for PCMCIA when used with airo_cs.");
+ MODULE_LICENSE("Dual BSD/GPL");
+ MODULE_SUPPORTED_DEVICE("Aironet 4500, 4800 and Cisco 340/350");
+-module_param_array(io, int, NULL, 0);
+-module_param_array(irq, int, NULL, 0);
++module_param_hw_array(io, int, ioport, NULL, 0);
++module_param_hw_array(irq, int, irq, NULL, 0);
+ module_param_array(rates, int, NULL, 0);
+ module_param_array(ssids, charp, NULL, 0);
+ module_param(auto_wep, int, 0);
diff --git a/debian/patches/features/all/lockdown/0024-Annotate-hardware-config-module-parameters-in-driver.patch b/debian/patches/features/all/lockdown/0024-Annotate-hardware-config-module-parameters-in-driver.patch
new file mode 100644
index 000000000..64db79014
--- /dev/null
+++ b/debian/patches/features/all/lockdown/0024-Annotate-hardware-config-module-parameters-in-driver.patch
@@ -0,0 +1,55 @@
+From: David Howells
+Date: Tue, 4 Apr 2017 16:54:27 +0100
+Subject: [24/62] Annotate hardware config module parameters in
+ drivers/parport/
+Origin: https://git.kernel.org/pub/scm/linux/kernel/git/dhowells/linux-fs.git/commit?id=e2450282634057131e64fb8bb83a22e1a9427694
+
+When the kernel is running in secure boot mode, we lock down the kernel to
+prevent userspace from modifying the running kernel image. Whilst this
+includes prohibiting access to things like /dev/mem, it must also prevent
+access by means of configuring driver modules in such a way as to cause a
+device to access or modify the kernel image.
+
+To this end, annotate module_param* statements that refer to hardware
+configuration and indicate for future reference what type of parameter they
+specify. The parameter parser in the core sees this information and can
+skip such parameters with an error message if the kernel is locked down.
+The module initialisation then runs as normal, but just sees whatever the
+default values for those parameters is.
+
+Note that we do still need to do the module initialisation because some
+drivers have viable defaults set in case parameters aren't specified and
+some drivers support automatic configuration (e.g. PNP or PCI) in addition
+to manually coded parameters.
+
+This patch annotates drivers in drivers/parport/.
+
+Suggested-by: Alan Cox
+Signed-off-by: David Howells
+cc: Sudip Mukherjee
+---
+ drivers/parport/parport_pc.c | 8 ++++----
+ 1 file changed, 4 insertions(+), 4 deletions(-)
+
+diff --git a/drivers/parport/parport_pc.c b/drivers/parport/parport_pc.c
+index 9d42dfe65d44..5548193a28a6 100644
+--- a/drivers/parport/parport_pc.c
++++ b/drivers/parport/parport_pc.c
+@@ -3150,13 +3150,13 @@ static char *irq[PARPORT_PC_MAX_PORTS];
+ static char *dma[PARPORT_PC_MAX_PORTS];
+ 
+ MODULE_PARM_DESC(io, "Base I/O address (SPP regs)");
+-module_param_array(io, int, NULL, 0);
++module_param_hw_array(io, int, ioport, NULL, 0);
+ MODULE_PARM_DESC(io_hi, "Base I/O address (ECR)");
+-module_param_array(io_hi, int, NULL, 0);
++module_param_hw_array(io_hi, int, ioport, NULL, 0);
+ MODULE_PARM_DESC(irq, "IRQ line");
+-module_param_array(irq, charp, NULL, 0);
++module_param_hw_array(irq, charp, irq, NULL, 0);
+ MODULE_PARM_DESC(dma, "DMA channel");
+-module_param_array(dma, charp, NULL, 0);
++module_param_hw_array(dma, charp, dma, NULL, 0);
+ #if defined(CONFIG_PARPORT_PC_SUPERIO) || \
+ (defined(CONFIG_PARPORT_1284) && defined(CONFIG_PARPORT_PC_FIFO))
+ MODULE_PARM_DESC(verbose_probing, "Log chit-chat during initialisation");
diff --git a/debian/patches/features/all/lockdown/0025-Annotate-hardware-config-module-parameters-in-driver.patch b/debian/patches/features/all/lockdown/0025-Annotate-hardware-config-module-parameters-in-driver.patch
new file mode 100644
index 000000000..c00449ad8
--- /dev/null
+++ b/debian/patches/features/all/lockdown/0025-Annotate-hardware-config-module-parameters-in-driver.patch
@@ -0,0 +1,48 @@
+From: David Howells
+Date: Tue, 4 Apr 2017 16:54:27 +0100
+Subject: [25/62] Annotate hardware config module parameters in
+ drivers/pci/hotplug/
+Origin: https://git.kernel.org/pub/scm/linux/kernel/git/dhowells/linux-fs.git/commit?id=683739ab2441e5a3c530bee7d7c79f13a38bb425
+
+When the kernel is running in secure boot mode, we lock down the kernel to
+prevent userspace from modifying the running kernel image. Whilst this
+includes prohibiting access to things like /dev/mem, it must also prevent
+access by means of configuring driver modules in such a way as to cause a
+device to access or modify the kernel image.
+
+To this end, annotate module_param* statements that refer to hardware
+configuration and indicate for future reference what type of parameter they
+specify. The parameter parser in the core sees this information and can
+skip such parameters with an error message if the kernel is locked down.
+The module initialisation then runs as normal, but just sees whatever the
+default values for those parameters is.
+
+Note that we do still need to do the module initialisation because some
+drivers have viable defaults set in case parameters aren't specified and
+some drivers support automatic configuration (e.g. PNP or PCI) in addition
+to manually coded parameters.
+
+This patch annotates drivers in drivers/pci/hotplug/.
+
+Suggested-by: Alan Cox
+Signed-off-by: David Howells
+Acked-by: Bjorn Helgaas
+cc: Scott Murray
+cc: linux-pci@vger.kernel.org
+---
+ drivers/pci/hotplug/cpcihp_generic.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/drivers/pci/hotplug/cpcihp_generic.c b/drivers/pci/hotplug/cpcihp_generic.c
+index 88a44a707b96..bbf9cf8aeaad 100644
+--- a/drivers/pci/hotplug/cpcihp_generic.c
++++ b/drivers/pci/hotplug/cpcihp_generic.c
+@@ -220,7 +220,7 @@ module_param(first_slot, byte, 0);
+ MODULE_PARM_DESC(first_slot, "Hotswap bus first slot number");
+ module_param(last_slot, byte, 0);
+ MODULE_PARM_DESC(last_slot, "Hotswap bus last slot number");
+-module_param(port, ushort, 0);
++module_param_hw(port, ushort, ioport, 0);
+ MODULE_PARM_DESC(port, "#ENUM signal I/O port");
+ module_param(enum_bit, uint, 0);
+ MODULE_PARM_DESC(enum_bit, "#ENUM signal bit (0-7)");
diff --git a/debian/patches/features/all/lockdown/0026-Annotate-hardware-config-module-parameters-in-driver.patch b/debian/patches/features/all/lockdown/0026-Annotate-hardware-config-module-parameters-in-driver.patch
new file mode 100644
index 000000000..0c35057d1
--- /dev/null
+++ b/debian/patches/features/all/lockdown/0026-Annotate-hardware-config-module-parameters-in-driver.patch
@@ -0,0 +1,75 @@
+From: David Howells
+Date: Tue, 4 Apr 2017 16:54:27 +0100
+Subject: [26/62] Annotate hardware config module parameters in drivers/pcmcia/
+Origin: https://git.kernel.org/pub/scm/linux/kernel/git/dhowells/linux-fs.git/commit?id=abc3baae64c4956fd6d5b1b2b0d78cdc75fb8765
+
+When the kernel is running in secure boot mode, we lock down the kernel to
+prevent userspace from modifying the running kernel image. Whilst this
+includes prohibiting access to things like /dev/mem, it must also prevent
+access by means of configuring driver modules in such a way as to cause a
+device to access or modify the kernel image.
+
+To this end, annotate module_param* statements that refer to hardware
+configuration and indicate for future reference what type of parameter they
+specify. The parameter parser in the core sees this information and can
+skip such parameters with an error message if the kernel is locked down.
+The module initialisation then runs as normal, but just sees whatever the
+default values for those parameters is.
+
+Note that we do still need to do the module initialisation because some
+drivers have viable defaults set in case parameters aren't specified and
+some drivers support automatic configuration (e.g. PNP or PCI) in addition
+to manually coded parameters.
+
+This patch annotates drivers in drivers/pcmcia/.
+
+Suggested-by: Alan Cox
+Signed-off-by: David Howells
+cc: linux-pcmcia@lists.infradead.org
+---
+ drivers/pcmcia/i82365.c | 8 ++++----
+ drivers/pcmcia/tcic.c | 8 ++++----
+ 2 files changed, 8 insertions(+), 8 deletions(-)
+
+diff --git a/drivers/pcmcia/i82365.c b/drivers/pcmcia/i82365.c
+index eb0d80a429e4..fb38cc01859f 100644
+--- a/drivers/pcmcia/i82365.c
++++ b/drivers/pcmcia/i82365.c
+@@ -108,12 +108,12 @@ static int async_clock = -1;
+ static int cable_mode = -1;
+ static int wakeup = 0;
+ 
+-module_param(i365_base, ulong, 0444);
++module_param_hw(i365_base, ulong, ioport, 0444);
+ module_param(ignore, int, 0444);
+ module_param(extra_sockets, int, 0444);
+-module_param(irq_mask, int, 0444);
+-module_param_array(irq_list, int, &irq_list_count, 0444);
+-module_param(cs_irq, int, 0444);
++module_param_hw(irq_mask, int, other, 0444);
++module_param_hw_array(irq_list, int, irq, &irq_list_count, 0444);
++module_param_hw(cs_irq, int, irq, 0444);
+ module_param(async_clock, int, 0444);
+ module_param(cable_mode, int, 0444);
+ module_param(wakeup, int, 0444);
+diff --git a/drivers/pcmcia/tcic.c b/drivers/pcmcia/tcic.c
+index 1ee63e5f0550..a1ac72d51d70 100644
+--- a/drivers/pcmcia/tcic.c
++++ b/drivers/pcmcia/tcic.c
+@@ -85,12 +85,12 @@ static int poll_quick = HZ/20;
+ /* CCLK external clock time, in nanoseconds. 70 ns = 14.31818 MHz */
+ static int cycle_time = 70;
+ 
+-module_param(tcic_base, ulong, 0444);
++module_param_hw(tcic_base, ulong, ioport, 0444);
+ module_param(ignore, int, 0444);
+ module_param(do_scan, int, 0444);
+-module_param(irq_mask, int, 0444);
+-module_param_array(irq_list, int, &irq_list_count, 0444);
+-module_param(cs_irq, int, 0444);
++module_param_hw(irq_mask, int, other, 0444);
++module_param_hw_array(irq_list, int, irq, &irq_list_count, 0444);
++module_param_hw(cs_irq, int, irq, 0444);
+ module_param(poll_interval, int, 0444);
+ module_param(poll_quick, int, 0444);
+ module_param(cycle_time, int, 0444);
diff --git a/debian/patches/features/all/lockdown/0027-Annotate-hardware-config-module-parameters-in-driver.patch b/debian/patches/features/all/lockdown/0027-Annotate-hardware-config-module-parameters-in-driver.patch
new file mode 100644
index 000000000..cc6ed9853
--- /dev/null
+++ b/debian/patches/features/all/lockdown/0027-Annotate-hardware-config-module-parameters-in-driver.patch
@@ -0,0 +1,131 @@
+From: David Howells
+Date: Tue, 4 Apr 2017 16:54:27 +0100
+Subject: [27/62] Annotate hardware config module parameters in drivers/scsi/
+Origin: https://git.kernel.org/pub/scm/linux/kernel/git/dhowells/linux-fs.git/commit?id=e3d6517827cdca4e24f36d50df94b0241e91ae8a
+
+When the kernel is running in secure boot mode, we lock down the kernel to
+prevent userspace from modifying the running kernel image. Whilst this
+includes prohibiting access to things like /dev/mem, it must also prevent
+access by means of configuring driver modules in such a way as to cause a
+device to access or modify the kernel image.
+
+To this end, annotate module_param* statements that refer to hardware
+configuration and indicate for future reference what type of parameter they
+specify. The parameter parser in the core sees this information and can
+skip such parameters with an error message if the kernel is locked down.
+The module initialisation then runs as normal, but just sees whatever the
+default values for those parameters is.
+
+Note that we do still need to do the module initialisation because some
+drivers have viable defaults set in case parameters aren't specified and
+some drivers support automatic configuration (e.g. PNP or PCI) in addition
+to manually coded parameters.
+
+This patch annotates drivers in drivers/scsi/.
+
+Suggested-by: Alan Cox
+Signed-off-by: David Howells
+cc: "Juergen E. Fischer"
+cc: "James E.J. Bottomley"
+cc: "Martin K. Petersen"
+cc: Dario Ballabio
+cc: Finn Thain
+cc: Michael Schmitz
+cc: Achim Leubner
+cc: linux-scsi@vger.kernel.org
+---
+ drivers/scsi/aha152x.c | 4 ++--
+ drivers/scsi/aha1542.c | 2 +-
+ drivers/scsi/g_NCR5380.c | 8 ++++----
+ drivers/scsi/gdth.c | 2 +-
+ drivers/scsi/qlogicfas.c | 4 ++--
+ 5 files changed, 10 insertions(+), 10 deletions(-)
+
+diff --git a/drivers/scsi/aha152x.c b/drivers/scsi/aha152x.c
+index f44d0487236e..ce5dc73d85bb 100644
+--- a/drivers/scsi/aha152x.c
++++ b/drivers/scsi/aha152x.c
+@@ -331,11 +331,11 @@ MODULE_LICENSE("GPL");
+ #if !defined(PCMCIA)
+ #if defined(MODULE)
+ static int io[] = {0, 0};
+-module_param_array(io, int, NULL, 0);
++module_param_hw_array(io, int, ioport, NULL, 0);
+ MODULE_PARM_DESC(io,"base io address of controller");
+ 
+ static int irq[] = {0, 0};
+-module_param_array(irq, int, NULL, 0);
++module_param_hw_array(irq, int, irq, NULL, 0);
+ MODULE_PARM_DESC(irq,"interrupt for controller");
+ 
+ static int scsiid[] = {7, 7};
+diff --git a/drivers/scsi/aha1542.c b/drivers/scsi/aha1542.c
+index 7db448ec8beb..a23cc9ac5acd 100644
+--- a/drivers/scsi/aha1542.c
++++ b/drivers/scsi/aha1542.c
+@@ -31,7 +31,7 @@ module_param(isapnp, bool, 0);
+ MODULE_PARM_DESC(isapnp, "enable PnP support (default=1)");
+ 
+ static int io[MAXBOARDS] = { 0x330, 0x334, 0, 0 };
+-module_param_array(io, int, NULL, 0);
++module_param_hw_array(io, int, ioport, NULL, 0);
+ MODULE_PARM_DESC(io, "base IO address of controller (0x130,0x134,0x230,0x234,0x330,0x334, default=0x330,0x334)");
+ 
+ /* time AHA spends on the AT-bus during data transfer */
+diff --git a/drivers/scsi/g_NCR5380.c b/drivers/scsi/g_NCR5380.c
+index 67c8dac321ad..c34fc91ba486 100644
+--- a/drivers/scsi/g_NCR5380.c
++++ b/drivers/scsi/g_NCR5380.c
+@@ -85,8 +85,8 @@ static int ncr_53c400;
+ static int ncr_53c400a;
+ static int dtc_3181e;
+ static int hp_c2502;
+-module_param(ncr_irq, int, 0);
+-module_param(ncr_addr, int, 0);
++module_param_hw(ncr_irq, int, irq, 0);
++module_param_hw(ncr_addr, int, ioport, 0);
+ module_param(ncr_5380, int, 0);
+ module_param(ncr_53c400, int, 0);
+ module_param(ncr_53c400a, int, 0);
+@@ -94,11 +94,11 @@ module_param(dtc_3181e, int, 0);
+ module_param(hp_c2502, int, 0);
+ 
+ static int irq[] = { -1, -1, -1, -1, -1, -1, -1, -1 };
+-module_param_array(irq, int, NULL, 0);
++module_param_hw_array(irq, int, irq, NULL, 0);
+ MODULE_PARM_DESC(irq, "IRQ number(s) (0=none, 254=auto [default])");
+ 
+ static int base[] = { 0, 0, 0, 0, 0, 0, 0, 0 };
+-module_param_array(base, int, NULL, 0);
++module_param_hw_array(base, int, ioport, NULL, 0);
+ MODULE_PARM_DESC(base, "base address(es)");
+ 
+ static int card[] = { -1, -1, -1, -1, -1, -1, -1, -1 };
+diff --git a/drivers/scsi/gdth.c b/drivers/scsi/gdth.c
+index d020a13646ae..facc7271f932 100644
+--- a/drivers/scsi/gdth.c
++++ b/drivers/scsi/gdth.c
+@@ -353,7 +353,7 @@ static int probe_eisa_isa = 0;
+ static int force_dma32 = 0;
+ 
+ /* parameters for modprobe/insmod */
+-module_param_array(irq, int, NULL, 0);
++module_param_hw_array(irq, int, irq, NULL, 0);
+ module_param(disable, int, 0);
+ module_param(reserve_mode, int, 0);
+ module_param_array(reserve_list, int, NULL, 0);
+diff --git a/drivers/scsi/qlogicfas.c b/drivers/scsi/qlogicfas.c
+index 61cac87fb86f..840823b99e51 100644
+--- a/drivers/scsi/qlogicfas.c
++++ b/drivers/scsi/qlogicfas.c
+@@ -137,8 +137,8 @@ static struct Scsi_Host *__qlogicfas_detect(struct scsi_host_template *host,
+ static struct qlogicfas408_priv *cards;
+ static int iobase[MAX_QLOGICFAS];
+ static int irq[MAX_QLOGICFAS] = { [0 ... MAX_QLOGICFAS-1] = -1 };
+-module_param_array(iobase, int, NULL, 0);
+-module_param_array(irq, int, NULL, 0);
++module_param_hw_array(iobase, int, ioport, NULL, 0);
++module_param_hw_array(irq, int, irq, NULL, 0);
+ MODULE_PARM_DESC(iobase, "I/O address");
+ MODULE_PARM_DESC(irq, "IRQ");
+ 
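Review bot: The aha152x annotations in this patch sit under `#if defined(MODULE)` (visible at the top of that hunk), so they only reach the modular build; if the driver also accepts the same io/irq values for built-in builds through a `__setup()` handler, which this hunk does not show, that kernel-command-line path still configures the hardware without the lockdown check, and the same question applies to the other ISA drivers here whose guards are outside the hunk. Whether that matters depends on whether the boot loader protects the command line under Secure Boot, which this series cannot settle by itself. I would record the limitation in the patch description rather than leave it implicit, e.g. `Built-in builds that parse the same values via __setup() are not covered by this annotation; the kernel command line is assumed to be trusted.`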
diff --git a/debian/patches/features/all/lockdown/0028-Annotate-hardware-config-module-parameters-in-driver.patch b/debian/patches/features/all/lockdown/0028-Annotate-hardware-config-module-parameters-in-driver.patch
new file mode 100644
index 000000000..2ec69034b
--- /dev/null
+++ b/debian/patches/features/all/lockdown/0028-Annotate-hardware-config-module-parameters-in-driver.patch
@@ -0,0 +1,53 @@
+From: David Howells
+Date: Tue, 4 Apr 2017 16:54:28 +0100
+Subject: [28/62] Annotate hardware config module parameters in
+ drivers/staging/media/
+Origin: https://git.kernel.org/pub/scm/linux/kernel/git/dhowells/linux-fs.git/commit?id=db33ab46d89c69211f56940278c394067fe6876e
+
+When the kernel is running in secure boot mode, we lock down the kernel to
+prevent userspace from modifying the running kernel image. Whilst this
+includes prohibiting access to things like /dev/mem, it must also prevent
+access by means of configuring driver modules in such a way as to cause a
+device to access or modify the kernel image.
+
+To this end, annotate module_param* statements that refer to hardware
+configuration and indicate for future reference what type of parameter they
+specify. The parameter parser in the core sees this information and can
+skip such parameters with an error message if the kernel is locked down.
+The module initialisation then runs as normal, but just sees whatever the
+default values for those parameters is.
+
+Note that we do still need to do the module initialisation because some
+drivers have viable defaults set in case parameters aren't specified and
+some drivers support automatic configuration (e.g. PNP or PCI) in addition
+to manually coded parameters.
+
+This patch annotates drivers in drivers/staging/media/.
+
+Suggested-by: Alan Cox
+Signed-off-by: David Howells
+cc: Mauro Carvalho Chehab
+cc: Greg Kroah-Hartman
+cc: linux-media@vger.kernel.org
+cc: devel@driverdev.osuosl.org
+---
+ drivers/staging/media/lirc/lirc_sir.c | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/drivers/staging/media/lirc/lirc_sir.c b/drivers/staging/media/lirc/lirc_sir.c
+index c6c3de94adaa..dde46dd8cabb 100644
+--- a/drivers/staging/media/lirc/lirc_sir.c
++++ b/drivers/staging/media/lirc/lirc_sir.c
+@@ -826,10 +826,10 @@ MODULE_AUTHOR("Milan Pikula");
+ #endif
+ MODULE_LICENSE("GPL");
+ 
+-module_param(io, int, S_IRUGO);
++module_param_hw(io, int, ioport, S_IRUGO);
+ MODULE_PARM_DESC(io, "I/O address base (0x3f8 or 0x2f8)");
+ 
+-module_param(irq, int, S_IRUGO);
++module_param_hw(irq, int, irq, S_IRUGO);
+ MODULE_PARM_DESC(irq, "Interrupt (4 or 3)");
+ 
+ module_param(threshold, int, S_IRUGO);
diff --git a/debian/patches/features/all/lockdown/0029-Annotate-hardware-config-module-parameters-in-driver.patch b/debian/patches/features/all/lockdown/0029-Annotate-hardware-config-module-parameters-in-driver.patch
new file mode 100644
index 000000000..c2fe660a4
--- /dev/null
+++ b/debian/patches/features/all/lockdown/0029-Annotate-hardware-config-module-parameters-in-driver.patch
@@ -0,0 +1,76 @@
+From: David Howells
+Date: Tue, 4 Apr 2017 16:54:28 +0100
+Subject: [29/62] Annotate hardware config module parameters in
+ drivers/staging/speakup/
+Origin: https://git.kernel.org/pub/scm/linux/kernel/git/dhowells/linux-fs.git/commit?id=1f78a159fa613a2d95754c1e3ea067c749aeb509
+
+When the kernel is running in secure boot mode, we lock down the kernel to
+prevent userspace from modifying the running kernel image. Whilst this
+includes prohibiting access to things like /dev/mem, it must also prevent
+access by means of configuring driver modules in such a way as to cause a
+device to access or modify the kernel image.
+
+To this end, annotate module_param* statements that refer to hardware
+configuration and indicate for future reference what type of parameter they
+specify. The parameter parser in the core sees this information and can
+skip such parameters with an error message if the kernel is locked down.
+The module initialisation then runs as normal, but just sees whatever the
+default values for those parameters is.
+
+Note that we do still need to do the module initialisation because some
+drivers have viable defaults set in case parameters aren't specified and
+some drivers support automatic configuration (e.g. PNP or PCI) in addition
+to manually coded parameters.
+
+This patch annotates drivers in drivers/staging/speakup/.
+
+Suggested-by: Alan Cox
+Signed-off-by: David Howells
+cc: Greg Kroah-Hartman
+cc: speakup@linux-speakup.org
+cc: devel@driverdev.osuosl.org
+---
+ drivers/staging/speakup/speakup_acntpc.c | 2 +-
+ drivers/staging/speakup/speakup_dtlk.c | 2 +-
+ drivers/staging/speakup/speakup_keypc.c | 2 +-
+ 3 files changed, 3 insertions(+), 3 deletions(-)
+
+diff --git a/drivers/staging/speakup/speakup_acntpc.c b/drivers/staging/speakup/speakup_acntpc.c
+index c7fab261d860..b6fbf9de1f85 100644
+--- a/drivers/staging/speakup/speakup_acntpc.c
++++ b/drivers/staging/speakup/speakup_acntpc.c
+@@ -307,7 +307,7 @@ static void accent_release(void)
+ speakup_info.port_tts = 0;
+ }
+ 
+-module_param_named(port, port_forced, int, 0444);
++module_param_hw_named(port, port_forced, int, ioport, 0444);
+ module_param_named(start, synth_acntpc.startup, short, 0444);
+ 
+ MODULE_PARM_DESC(port, "Set the port for the synthesizer (override probing).");
+diff --git a/drivers/staging/speakup/speakup_dtlk.c b/drivers/staging/speakup/speakup_dtlk.c
+index e2bf20806d8d..9c097fda07b0 100644
+--- a/drivers/staging/speakup/speakup_dtlk.c
++++ b/drivers/staging/speakup/speakup_dtlk.c
+@@ -378,7 +378,7 @@ static void dtlk_release(void)
+ speakup_info.port_tts = 0;
+ }
+ 
+-module_param_named(port, port_forced, int, 0444);
++module_param_hw_named(port, port_forced, int, ioport, 0444);
+ module_param_named(start, synth_dtlk.startup, short, 0444);
+ 
+ MODULE_PARM_DESC(port, "Set the port for the synthesizer (override probing).");
+diff --git a/drivers/staging/speakup/speakup_keypc.c b/drivers/staging/speakup/speakup_keypc.c
+index 10f4964782e2..e653b52175b8 100644
+--- a/drivers/staging/speakup/speakup_keypc.c
++++ b/drivers/staging/speakup/speakup_keypc.c
+@@ -309,7 +309,7 @@ static void keynote_release(void)
+ synth_port = 0;
+ }
+ 
+-module_param_named(port, port_forced, int, 0444);
++module_param_hw_named(port, port_forced, int, ioport, 0444);
+ module_param_named(start, synth_keypc.startup, short, 0444);
+ 
+ MODULE_PARM_DESC(port, "Set the port for the synthesizer (override probing).");
diff --git a/debian/patches/features/all/lockdown/0030-Annotate-hardware-config-module-parameters-in-driver.patch b/debian/patches/features/all/lockdown/0030-Annotate-hardware-config-module-parameters-in-driver.patch
new file mode 100644
index 000000000..2b9ef64d9
--- /dev/null
+++ b/debian/patches/features/all/lockdown/0030-Annotate-hardware-config-module-parameters-in-driver.patch
@@ -0,0 +1,61 @@
+From: David Howells
+Date: Tue, 4 Apr 2017 16:54:28 +0100
+Subject: [30/62] Annotate hardware config module parameters in
+ drivers/staging/vme/
+Origin: https://git.kernel.org/pub/scm/linux/kernel/git/dhowells/linux-fs.git/commit?id=ae1779570a11610bc25974a9574e2cbc29ba1508
+
+When the kernel is running in secure boot mode, we lock down the kernel to
+prevent userspace from modifying the running kernel image. Whilst this
+includes prohibiting access to things like /dev/mem, it must also prevent
+access by means of configuring driver modules in such a way as to cause a
+device to access or modify the kernel image.
+
+To this end, annotate module_param* statements that refer to hardware
+configuration and indicate for future reference what type of parameter they
+specify. The parameter parser in the core sees this information and can
+skip such parameters with an error message if the kernel is locked down.
+The module initialisation then runs as normal, but just sees whatever the
+default values for those parameters is.
+
+Note that we do still need to do the module initialisation because some
+drivers have viable defaults set in case parameters aren't specified and
+some drivers support automatic configuration (e.g. PNP or PCI) in addition
+to manually coded parameters.
+
+This patch annotates drivers in drivers/staging/vme/.
+
+Suggested-by: Alan Cox
+Signed-off-by: David Howells
+cc: Martyn Welch
+cc: Manohar Vanga
+cc: Greg Kroah-Hartman
+cc: devel@driverdev.osuosl.org
+---
+ drivers/staging/vme/devices/vme_pio2_core.c | 8 ++++----
+ 1 file changed, 4 insertions(+), 4 deletions(-)
+
+diff --git a/drivers/staging/vme/devices/vme_pio2_core.c b/drivers/staging/vme/devices/vme_pio2_core.c
+index 20a2d835fdaa..367535b4b77f 100644
+--- a/drivers/staging/vme/devices/vme_pio2_core.c
++++ b/drivers/staging/vme/devices/vme_pio2_core.c
+@@ -466,16 +466,16 @@ static void __exit pio2_exit(void)
+ 
+ /* These are required for each board */
+ MODULE_PARM_DESC(bus, "Enumeration of VMEbus to which the board is connected");
+-module_param_array(bus, int, &bus_num, 0444);
++module_param_hw_array(bus, int, other, &bus_num, 0444);
+ 
+ MODULE_PARM_DESC(base, "Base VME address for PIO2 Registers");
+-module_param_array(base, long, &base_num, 0444);
++module_param_hw_array(base, long, other, &base_num, 0444);
+ 
+ MODULE_PARM_DESC(vector, "VME IRQ Vector (Lower 4 bits masked)");
+-module_param_array(vector, int, &vector_num, 0444);
++module_param_hw_array(vector, int, other, &vector_num, 0444);
+ 
+ MODULE_PARM_DESC(level, "VME IRQ Level");
+-module_param_array(level, int, &level_num, 0444);
++module_param_hw_array(level, int, other, &level_num, 0444);
+ 
+ MODULE_PARM_DESC(variant, "Last 4 characters of PIO2 board variant");
+ module_param_array(variant, charp, &variant_num, 0444);
diff --git a/debian/patches/features/all/lockdown/0031-Annotate-hardware-config-module-parameters-in-driver.patch b/debian/patches/features/all/lockdown/0031-Annotate-hardware-config-module-parameters-in-driver.patch
new file mode 100644
index 000000000..85ac44bbd
--- /dev/null
+++ b/debian/patches/features/all/lockdown/0031-Annotate-hardware-config-module-parameters-in-driver.patch
@@ -0,0 +1,144 @@
+From: David Howells
+Date: Tue, 4 Apr 2017 16:54:29 +0100
+Subject: [31/62] Annotate hardware config module parameters in drivers/tty/
+Origin: https://git.kernel.org/pub/scm/linux/kernel/git/dhowells/linux-fs.git/commit?id=87194408fc816138aa4900548202ad45d5816b54
+
+When the kernel is running in secure boot mode, we lock down the kernel to
+prevent userspace from modifying the running kernel image. Whilst this
+includes prohibiting access to things like /dev/mem, it must also prevent
+access by means of configuring driver modules in such a way as to cause a
+device to access or modify the kernel image.
+
+To this end, annotate module_param* statements that refer to hardware
+configuration and indicate for future reference what type of parameter they
+specify. The parameter parser in the core sees this information and can
+skip such parameters with an error message if the kernel is locked down.
+The module initialisation then runs as normal, but just sees whatever the
+default values for those parameters is.
+
+Note that we do still need to do the module initialisation because some
+drivers have viable defaults set in case parameters aren't specified and
+some drivers support automatic configuration (e.g. PNP or PCI) in addition
+to manually coded parameters.
+
+This patch annotates drivers in drivers/tty/.
+
+Suggested-by: Alan Cox
+Signed-off-by: David Howells
+cc: Greg Kroah-Hartman
+cc: Jiri Slaby
+cc: linux-serial@vger.kernel.org
+---
+ drivers/tty/cyclades.c | 4 ++--
+ drivers/tty/moxa.c | 2 +-
+ drivers/tty/mxser.c | 2 +-
+ drivers/tty/rocket.c | 10 +++++-----
+ drivers/tty/serial/8250/8250_core.c | 4 ++--
+ drivers/tty/synclink.c | 6 +++---
+ 6 files changed, 14 insertions(+), 14 deletions(-)
+
+diff --git a/drivers/tty/cyclades.c b/drivers/tty/cyclades.c
+index 5e4fa9206861..104f09c58163 100644
+--- a/drivers/tty/cyclades.c
++++ b/drivers/tty/cyclades.c
+@@ -156,8 +156,8 @@ static unsigned int cy_isa_addresses[] = {
+ static long maddr[NR_CARDS];
+ static int irq[NR_CARDS];
+ 
+-module_param_array(maddr, long, NULL, 0);
+-module_param_array(irq, int, NULL, 0);
++module_param_hw_array(maddr, long, iomem, NULL, 0);
++module_param_hw_array(irq, int, irq, NULL, 0);
+ 
+ #endif /* CONFIG_ISA */
+ 
+diff --git a/drivers/tty/moxa.c b/drivers/tty/moxa.c
+index 4caf0c3b1f99..3b251f4e5df0 100644
+--- a/drivers/tty/moxa.c
++++ b/drivers/tty/moxa.c
+@@ -179,7 +179,7 @@ MODULE_FIRMWARE("c320tunx.cod");
+ 
+ module_param_array(type, uint, NULL, 0);
+ MODULE_PARM_DESC(type, "card type: C218=2, C320=4");
+-module_param_array(baseaddr, ulong, NULL, 0);
++module_param_hw_array(baseaddr, ulong, ioport, NULL, 0);
+ MODULE_PARM_DESC(baseaddr, "base address");
+ module_param_array(numports, uint, NULL, 0);
+ MODULE_PARM_DESC(numports, "numports (ignored for C218)");
+diff --git a/drivers/tty/mxser.c b/drivers/tty/mxser.c
+index 7b8f383fb090..8bd6fb6d9391 100644
+--- a/drivers/tty/mxser.c
++++ b/drivers/tty/mxser.c
+@@ -183,7 +183,7 @@ static int ttymajor = MXSERMAJOR;
+ 
+ MODULE_AUTHOR("Casper Yang");
+ MODULE_DESCRIPTION("MOXA Smartio/Industio Family Multiport Board Device Driver");
+-module_param_array(ioaddr, ulong, NULL, 0);
++module_param_hw_array(ioaddr, ulong, ioport, NULL, 0);
+ MODULE_PARM_DESC(ioaddr, "ISA io addresses to look for a moxa board");
+ module_param(ttymajor, int, 0);
+ MODULE_LICENSE("GPL");
+diff --git a/drivers/tty/rocket.c b/drivers/tty/rocket.c
+index d66c1edd9892..b51a877da986 100644
+--- a/drivers/tty/rocket.c
++++ b/drivers/tty/rocket.c
+@@ -250,15 +250,15 @@ static int sReadAiopNumChan(WordIO_t io);
+ 
+ MODULE_AUTHOR("Theodore Ts'o");
+ MODULE_DESCRIPTION("Comtrol RocketPort driver");
+-module_param(board1, ulong, 0);
++module_param_hw(board1, ulong, ioport, 0);
+ MODULE_PARM_DESC(board1, "I/O port for (ISA) board #1");
+-module_param(board2, ulong, 0);
++module_param_hw(board2, ulong, ioport, 0);
+ MODULE_PARM_DESC(board2, "I/O port for (ISA) board #2");
+-module_param(board3, ulong, 0);
++module_param_hw(board3, ulong, ioport, 0);
+ MODULE_PARM_DESC(board3, "I/O port for (ISA) board #3");
+-module_param(board4, ulong, 0);
++module_param_hw(board4, ulong, ioport, 0);
+ MODULE_PARM_DESC(board4, "I/O port for (ISA) board #4");
+-module_param(controller, ulong, 0);
++module_param_hw(controller, ulong, ioport, 0);
+ MODULE_PARM_DESC(controller, "I/O port for (ISA) rocketport controller");
+ module_param(support_low_speed, bool, 0);
+ MODULE_PARM_DESC(support_low_speed, "1 means support 50 baud, 0 means support 460400 baud");
+diff --git a/drivers/tty/serial/8250/8250_core.c b/drivers/tty/serial/8250/8250_core.c
+index 76e03a7de9cc..89fde17d9617 100644
+--- a/drivers/tty/serial/8250/8250_core.c
++++ b/drivers/tty/serial/8250/8250_core.c
+@@ -1191,7 +1191,7 @@ module_exit(serial8250_exit);
+ MODULE_LICENSE("GPL");
+ MODULE_DESCRIPTION("Generic 8250/16x50 serial driver");
+ 
+-module_param(share_irqs, uint, 0644);
++module_param_hw(share_irqs, uint, other, 0644);
+ MODULE_PARM_DESC(share_irqs, "Share IRQs with other non-8250/16x50 devices (unsafe)");
+ 
+ module_param(nr_uarts, uint, 0644);
+@@ -1201,7 +1201,7 @@ module_param(skip_txen_test, uint, 0644);
+ MODULE_PARM_DESC(skip_txen_test, "Skip checking for the TXEN bug at init time");
+ 
+ #ifdef CONFIG_SERIAL_8250_RSA
+-module_param_array(probe_rsa, ulong, &probe_rsa_count, 0444);
++module_param_hw_array(probe_rsa, ulong, ioport, &probe_rsa_count, 0444);
+ MODULE_PARM_DESC(probe_rsa, "Probe I/O ports for RSA");
+ #endif
+ MODULE_ALIAS_CHARDEV_MAJOR(TTY_MAJOR);
+diff --git a/drivers/tty/synclink.c b/drivers/tty/synclink.c
+index 657eed82eeb3..a2c308f7d637 100644
+--- a/drivers/tty/synclink.c
++++ b/drivers/tty/synclink.c
+@@ -869,9 +869,9 @@ static int txholdbufs[MAX_TOTAL_DEVICES];
+ 
+ module_param(break_on_load, bool, 0);
+ module_param(ttymajor, int, 0);
+-module_param_array(io, int, NULL, 0);
+-module_param_array(irq, int, NULL, 0);
+-module_param_array(dma, int, NULL, 0);
++module_param_hw_array(io, int, ioport, NULL, 0);
++module_param_hw_array(irq, int, irq, NULL, 0);
++module_param_hw_array(dma, int, dma, NULL, 0);
+ module_param(debug_level, int, 0);
+ module_param_array(maxframe, int, NULL, 0);
+ module_param_array(txdmabufs, int, NULL, 0);
diff --git a/debian/patches/features/all/lockdown/0032-Annotate-hardware-config-module-parameters-in-driver.patch b/debian/patches/features/all/lockdown/0032-Annotate-hardware-config-module-parameters-in-driver.patch
new file mode 100644
index 000000000..5bd485842
--- /dev/null
+++ b/debian/patches/features/all/lockdown/0032-Annotate-hardware-config-module-parameters-in-driver.patch
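Review bot: `share_irqs` in the 8250_core.c hunk keeps permission `0644`, so it stays writable through sysfs after the module is loaded, while the patch description only places the new check in "the parameter parser in the core", i.e. the load-time and command-line path; unless the core lockdown patch also gates the sysfs store path, a root write to `/sys/module/8250/parameters/share_irqs` under lockdown would sidestep this annotation. Every other parameter annotated in this patch uses `0` or `0444`, so this is the only runtime-writable one here. If the sysfs path is not gated, either confirm that the parameter cannot affect kernel memory (its description says it only permits IRQ sharing) or change the line to `module_param_hw(share_irqs, uint, other, 0444);` in the Debian copy and say why in the patch header. Separately, `baseaddr` in moxa.c is described only as `base address`; if the driver maps it as memory rather than port I/O, `iomem` would be the more accurate tag, although the description presents the tag as being for future reference rather than as an input to the check.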
@@ -0,0 +1,80 @@ +From: David Howells +Date: Tue, 4 Apr 2017 16:54:29 +0100 +Subject: [32/62] Annotate hardware config module parameters in drivers/video/ +Origin: https://git.kernel.org/pub/scm/linux/kernel/git/dhowells/linux-fs.git/commit?id=1692fe8ef6a9f19be6c4943dda5d67f31ea0f561 + +When the kernel is running in secure boot mode, we lock down the kernel to +prevent userspace from modifying the running kernel image. Whilst this +includes prohibiting access to things like /dev/mem, it must also prevent +access by means of configuring driver modules in such a way as to cause a +device to access or modify the kernel image. + +To this end, annotate module_param* statements that refer to hardware +configuration and indicate for future reference what type of parameter they +specify. The parameter parser in the core sees this information and can +skip such parameters with an error message if the kernel is locked down. +The module initialisation then runs as normal, but just sees whatever the +default values for those parameters is. + +Note that we do still need to do the module initialisation because some +drivers have viable defaults set in case parameters aren't specified and +some drivers support automatic configuration (e.g. PNP or PCI) in addition +to manually coded parameters. + +This patch annotates drivers in drivers/video/. 
+ +Suggested-by: Alan Cox +Signed-off-by: David Howells +cc: Jaya Kumar +cc: Tomi Valkeinen +cc: linux-fbdev@vger.kernel.org +--- + drivers/video/fbdev/arcfb.c | 8 ++++---- + drivers/video/fbdev/n411.c | 6 +++--- + 2 files changed, 7 insertions(+), 7 deletions(-) + +diff --git a/drivers/video/fbdev/arcfb.c b/drivers/video/fbdev/arcfb.c +index 1928cb2b5386..7e87d0d61658 100644 +--- a/drivers/video/fbdev/arcfb.c ++++ b/drivers/video/fbdev/arcfb.c +@@ -645,17 +645,17 @@ module_param(nosplash, uint, 0); + MODULE_PARM_DESC(nosplash, "Disable doing the splash screen"); + module_param(arcfb_enable, uint, 0); + MODULE_PARM_DESC(arcfb_enable, "Enable communication with Arc board"); +-module_param(dio_addr, ulong, 0); ++module_param_hw(dio_addr, ulong, ioport, 0); + MODULE_PARM_DESC(dio_addr, "IO address for data, eg: 0x480"); +-module_param(cio_addr, ulong, 0); ++module_param_hw(cio_addr, ulong, ioport, 0); + MODULE_PARM_DESC(cio_addr, "IO address for control, eg: 0x400"); +-module_param(c2io_addr, ulong, 0); ++module_param_hw(c2io_addr, ulong, ioport, 0); + MODULE_PARM_DESC(c2io_addr, "IO address for secondary control, eg: 0x408"); + module_param(splashval, ulong, 0); + MODULE_PARM_DESC(splashval, "Splash pattern: 0xFF is black, 0x00 is green"); + module_param(tuhold, ulong, 0); + MODULE_PARM_DESC(tuhold, "Time to hold between strobing data to Arc board"); +-module_param(irq, uint, 0); ++module_param_hw(irq, uint, irq, 0); + MODULE_PARM_DESC(irq, "IRQ for the Arc board"); + + module_init(arcfb_init); +diff --git a/drivers/video/fbdev/n411.c b/drivers/video/fbdev/n411.c +index 053deacad7cc..a3677313396e 100644 +--- a/drivers/video/fbdev/n411.c ++++ b/drivers/video/fbdev/n411.c +@@ -193,11 +193,11 @@ module_exit(n411_exit); + + module_param(nosplash, uint, 0); + MODULE_PARM_DESC(nosplash, "Disable doing the splash screen"); +-module_param(dio_addr, ulong, 0); ++module_param_hw(dio_addr, ulong, ioport, 0); + MODULE_PARM_DESC(dio_addr, "IO address for data, eg: 0x480"); 
+-module_param(cio_addr, ulong, 0); ++module_param_hw(cio_addr, ulong, ioport, 0); + MODULE_PARM_DESC(cio_addr, "IO address for control, eg: 0x400"); +-module_param(c2io_addr, ulong, 0); ++module_param_hw(c2io_addr, ulong, ioport, 0); + MODULE_PARM_DESC(c2io_addr, "IO address for secondary control, eg: 0x408"); + module_param(splashval, ulong, 0); + MODULE_PARM_DESC(splashval, "Splash pattern: 0x00 is black, 0x01 is white"); diff --git a/debian/patches/features/all/lockdown/0033-Annotate-hardware-config-module-parameters-in-driver.patch b/debian/patches/features/all/lockdown/0033-Annotate-hardware-config-module-parameters-in-driver.patch new file mode 100644 index 000000000..db39200c2 --- /dev/null +++ b/debian/patches/features/all/lockdown/0033-Annotate-hardware-config-module-parameters-in-driver.patch 
@@ -0,0 +1,111 @@ +From: David Howells +Date: Tue, 4 Apr 2017 16:54:29 +0100 +Subject: [33/62] Annotate hardware config module parameters in + drivers/watchdog/ +Origin: https://git.kernel.org/pub/scm/linux/kernel/git/dhowells/linux-fs.git/commit?id=6664038216d98a13d389bc26dfb70859e2c9f9f7 + +When the kernel is running in secure boot mode, we lock down the kernel to +prevent userspace from modifying the running kernel image. Whilst this +includes prohibiting access to things like /dev/mem, it must also prevent +access by means of configuring driver modules in such a way as to cause a +device to access or modify the kernel image. + +To this end, annotate module_param* statements that refer to hardware +configuration and indicate for future reference what type of parameter they +specify. The parameter parser in the core sees this information and can +skip such parameters with an error message if the kernel is locked down. +The module initialisation then runs as normal, but just sees whatever the +default values for those parameters is. + +Note that we do still need to do the module initialisation because some +drivers have viable defaults set in case parameters aren't specified and +some drivers support automatic configuration (e.g. PNP or PCI) in addition +to manually coded parameters. + +This patch annotates drivers in drivers/watchdog/. 
+ +Suggested-by: Alan Cox +Signed-off-by: David Howells +Reviewed-by: Guenter Roeck +cc: Wim Van Sebroeck +cc: Zwane Mwaikambo +cc: linux-watchdog@vger.kernel.org +--- + drivers/watchdog/cpu5wdt.c | 2 +- + drivers/watchdog/eurotechwdt.c | 4 ++-- + drivers/watchdog/pc87413_wdt.c | 2 +- + drivers/watchdog/sc1200wdt.c | 2 +- + drivers/watchdog/wdt.c | 4 ++-- + 5 files changed, 7 insertions(+), 7 deletions(-) + +diff --git a/drivers/watchdog/cpu5wdt.c b/drivers/watchdog/cpu5wdt.c +index 6d03e8e30f8b..6c3f78e45c26 100644 +--- a/drivers/watchdog/cpu5wdt.c ++++ b/drivers/watchdog/cpu5wdt.c +@@ -289,7 +289,7 @@ MODULE_DESCRIPTION("sma cpu5 watchdog driver"); + MODULE_SUPPORTED_DEVICE("sma cpu5 watchdog"); + MODULE_LICENSE("GPL"); + +-module_param(port, int, 0); ++module_param_hw(port, int, ioport, 0); + MODULE_PARM_DESC(port, "base address of watchdog card, default is 0x91"); + + module_param(verbose, int, 0); +diff --git a/drivers/watchdog/eurotechwdt.c b/drivers/watchdog/eurotechwdt.c +index 23ee53240c4c..38e96712264f 100644 +--- a/drivers/watchdog/eurotechwdt.c ++++ b/drivers/watchdog/eurotechwdt.c +@@ -97,9 +97,9 @@ MODULE_PARM_DESC(nowayout, + #define WDT_TIMER_CFG 0xf3 + + +-module_param(io, int, 0); ++module_param_hw(io, int, ioport, 0); + MODULE_PARM_DESC(io, "Eurotech WDT io port (default=0x3f0)"); +-module_param(irq, int, 0); ++module_param_hw(irq, int, irq, 0); + MODULE_PARM_DESC(irq, "Eurotech WDT irq (default=10)"); + module_param(ev, charp, 0); + MODULE_PARM_DESC(ev, "Eurotech WDT event type (default is `int')"); +diff --git a/drivers/watchdog/pc87413_wdt.c b/drivers/watchdog/pc87413_wdt.c +index 9f15dd9435d1..06a892e36a8d 100644 +--- a/drivers/watchdog/pc87413_wdt.c ++++ b/drivers/watchdog/pc87413_wdt.c +@@ -579,7 +579,7 @@ MODULE_AUTHOR("Marcus Junker "); + MODULE_DESCRIPTION("PC87413 WDT driver"); + MODULE_LICENSE("GPL"); + +-module_param(io, int, 0); ++module_param_hw(io, int, ioport, 0); + MODULE_PARM_DESC(io, MODNAME " I/O port (default: " + 
__MODULE_STRING(IO_DEFAULT) ")."); + +diff --git a/drivers/watchdog/sc1200wdt.c b/drivers/watchdog/sc1200wdt.c +index 131193a7acdf..b34d3d5ba632 100644 +--- a/drivers/watchdog/sc1200wdt.c ++++ b/drivers/watchdog/sc1200wdt.c +@@ -88,7 +88,7 @@ MODULE_PARM_DESC(isapnp, + "When set to 0 driver ISA PnP support will be disabled"); + #endif + +-module_param(io, int, 0); ++module_param_hw(io, int, ioport, 0); + MODULE_PARM_DESC(io, "io port"); + module_param(timeout, int, 0); + MODULE_PARM_DESC(timeout, "range is 0-255 minutes, default is 1"); +diff --git a/drivers/watchdog/wdt.c b/drivers/watchdog/wdt.c +index e0206b5b7d89..e481fbbc4ae7 100644 +--- a/drivers/watchdog/wdt.c ++++ b/drivers/watchdog/wdt.c +@@ -78,9 +78,9 @@ static int irq = 11; + + static DEFINE_SPINLOCK(wdt_lock); + +-module_param(io, int, 0); ++module_param_hw(io, int, ioport, 0); + MODULE_PARM_DESC(io, "WDT io port (default=0x240)"); +-module_param(irq, int, 0); ++module_param_hw(irq, int, irq, 0); + MODULE_PARM_DESC(irq, "WDT irq (default=11)"); + + /* Support for the Fan Tachometer on the WDT501-P */ diff --git a/debian/patches/features/all/lockdown/0034-Annotate-hardware-config-module-parameters-in-fs-pst.patch b/debian/patches/features/all/lockdown/0034-Annotate-hardware-config-module-parameters-in-fs-pst.patch new file mode 100644 index 000000000..c2db1b762 --- /dev/null +++ b/debian/patches/features/all/lockdown/0034-Annotate-hardware-config-module-parameters-in-fs-pst.patch 
@@ -0,0 +1,48 @@
+From: David Howells
+Date: Tue, 4 Apr 2017 16:54:29 +0100
+Subject: [34/62] Annotate hardware config module parameters in fs/pstore/
+Origin: https://git.kernel.org/pub/scm/linux/kernel/git/dhowells/linux-fs.git/commit?id=b68845c3946ffaf3fa58bb156c908a4e4531dcd9
+
+When the kernel is running in secure boot mode, we lock down the kernel to
+prevent userspace from modifying the running kernel image. Whilst this
+includes prohibiting access to things like /dev/mem, it must also prevent
+access by means of configuring driver modules in such a way as to cause a
+device to access or modify the kernel image.
+
+To this end, annotate module_param* statements that refer to hardware
+configuration and indicate for future reference what type of parameter they
+specify. The parameter parser in the core sees this information and can
+skip such parameters with an error message if the kernel is locked down.
+The module initialisation then runs as normal, but just sees whatever the
+default values for those parameters is.
+
+Note that we do still need to do the module initialisation because some
+drivers have viable defaults set in case parameters aren't specified and
+some drivers support automatic configuration (e.g. PNP or PCI) in addition
+to manually coded parameters.
+
+This patch annotates drivers in fs/pstore/.
+
+Suggested-by: Alan Cox
+Signed-off-by: David Howells
+cc: Anton Vorontsov
+cc: Colin Cross
+cc: Kees Cook
+cc: Tony Luck
+---
+ fs/pstore/ram.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/fs/pstore/ram.c b/fs/pstore/ram.c
+index 11f918d34b1e..cce1d38417ca 100644
+--- a/fs/pstore/ram.c
++++ b/fs/pstore/ram.c
+@@ -58,7 +58,7 @@ module_param_named(pmsg_size, ramoops_pmsg_size, ulong, 0400);
+ MODULE_PARM_DESC(pmsg_size, "size of user space message log");
+ 
+ static unsigned long long mem_address;
+-module_param(mem_address, ullong, 0400);
++module_param_hw(mem_address, ullong, other, 0400);
+ MODULE_PARM_DESC(mem_address,
+ "start of reserved RAM used to store oops/panic logs");
+ 
diff --git a/debian/patches/features/all/lockdown/0035-Annotate-hardware-config-module-parameters-in-sound-.patch b/debian/patches/features/all/lockdown/0035-Annotate-hardware-config-module-parameters-in-sound-.patch
new file mode 100644
index 000000000..f45d36d28
--- /dev/null
+++ b/debian/patches/features/all/lockdown/0035-Annotate-hardware-config-module-parameters-in-sound-.patch
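Review bot: `mem_address` in fs/pstore/ram.c is annotated with the `other` hardware class, the least descriptive one, although its MODULE_PARM_DESC identifies it as the start of a reserved physical RAM range; if the hwparam types introduced earlier in this series include an `iomem` class, `module_param_hw(mem_address, ullong, iomem, 0400);` would record the parameter's nature more precisely. The patch description says the class is kept for future reference, so the choice only affects documentation: any hardware-classed parameter is refused with an error when the kernel is locked down either way. The ramoops driver's other parameters are outside this hunk, so whether the companion size parameters need the same treatment cannot be judged here.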
@@ -0,0 +1,84 @@ +From: David Howells +Date: Tue, 4 Apr 2017 16:54:30 +0100 +Subject: [35/62] Annotate hardware config module parameters in sound/drivers/ +Origin: https://git.kernel.org/pub/scm/linux/kernel/git/dhowells/linux-fs.git/commit?id=75c07d4b39cebaebd1d185077c4d062036e7b967 + +When the kernel is running in secure boot mode, we lock down the kernel to +prevent userspace from modifying the running kernel image. Whilst this +includes prohibiting access to things like /dev/mem, it must also prevent +access by means of configuring driver modules in such a way as to cause a +device to access or modify the kernel image. + +To this end, annotate module_param* statements that refer to hardware +configuration and indicate for future reference what type of parameter they +specify. The parameter parser in the core sees this information and can +skip such parameters with an error message if the kernel is locked down. +The module initialisation then runs as normal, but just sees whatever the +default values for those parameters is. + +Note that we do still need to do the module initialisation because some +drivers have viable defaults set in case parameters aren't specified and +some drivers support automatic configuration (e.g. PNP or PCI) in addition +to manually coded parameters. + +This patch annotates drivers in sound/drivers/. 
+ +Suggested-by: Alan Cox +Signed-off-by: David Howells +cc: Jaroslav Kysela +cc: Takashi Iwai +cc: alsa-devel@alsa-project.org +--- + sound/drivers/mpu401/mpu401.c | 4 ++-- + sound/drivers/mtpav.c | 4 ++-- + sound/drivers/serial-u16550.c | 4 ++-- + 3 files changed, 6 insertions(+), 6 deletions(-) + +diff --git a/sound/drivers/mpu401/mpu401.c b/sound/drivers/mpu401/mpu401.c +index fed7e7e2177b..9b86e00d7d95 100644 +--- a/sound/drivers/mpu401/mpu401.c ++++ b/sound/drivers/mpu401/mpu401.c +@@ -53,9 +53,9 @@ MODULE_PARM_DESC(enable, "Enable MPU-401 device."); + module_param_array(pnp, bool, NULL, 0444); + MODULE_PARM_DESC(pnp, "PnP detection for MPU-401 device."); + #endif +-module_param_array(port, long, NULL, 0444); ++module_param_hw_array(port, long, ioport, NULL, 0444); + MODULE_PARM_DESC(port, "Port # for MPU-401 device."); +-module_param_array(irq, int, NULL, 0444); ++module_param_hw_array(irq, int, irq, NULL, 0444); + MODULE_PARM_DESC(irq, "IRQ # for MPU-401 device."); + module_param_array(uart_enter, bool, NULL, 0444); + MODULE_PARM_DESC(uart_enter, "Issue UART_ENTER command at open."); +diff --git a/sound/drivers/mtpav.c b/sound/drivers/mtpav.c +index 00b31f92c504..0f6392001e30 100644 +--- a/sound/drivers/mtpav.c ++++ b/sound/drivers/mtpav.c +@@ -86,9 +86,9 @@ module_param(index, int, 0444); + MODULE_PARM_DESC(index, "Index value for MotuMTPAV MIDI."); + module_param(id, charp, 0444); + MODULE_PARM_DESC(id, "ID string for MotuMTPAV MIDI."); +-module_param(port, long, 0444); ++module_param_hw(port, long, ioport, 0444); + MODULE_PARM_DESC(port, "Parallel port # for MotuMTPAV MIDI."); +-module_param(irq, int, 0444); ++module_param_hw(irq, int, irq, 0444); + MODULE_PARM_DESC(irq, "Parallel IRQ # for MotuMTPAV MIDI."); + module_param(hwports, int, 0444); + MODULE_PARM_DESC(hwports, "Hardware ports # for MotuMTPAV MIDI."); +diff --git a/sound/drivers/serial-u16550.c b/sound/drivers/serial-u16550.c +index 60d51ac4ccfe..88e66ea0306d 100644 +--- 
a/sound/drivers/serial-u16550.c ++++ b/sound/drivers/serial-u16550.c +@@ -84,9 +84,9 @@ module_param_array(id, charp, NULL, 0444); + MODULE_PARM_DESC(id, "ID string for Serial MIDI."); + module_param_array(enable, bool, NULL, 0444); + MODULE_PARM_DESC(enable, "Enable UART16550A chip."); +-module_param_array(port, long, NULL, 0444); ++module_param_hw_array(port, long, ioport, NULL, 0444); + MODULE_PARM_DESC(port, "Port # for UART16550A chip."); +-module_param_array(irq, int, NULL, 0444); ++module_param_hw_array(irq, int, irq, NULL, 0444); + MODULE_PARM_DESC(irq, "IRQ # for UART16550A chip."); + module_param_array(speed, int, NULL, 0444); + MODULE_PARM_DESC(speed, "Speed in bauds."); diff --git a/debian/patches/features/all/lockdown/0036-Annotate-hardware-config-module-parameters-in-sound-.patch b/debian/patches/features/all/lockdown/0036-Annotate-hardware-config-module-parameters-in-sound-.patch new file mode 100644 index 000000000..c17e4467f --- /dev/null +++ b/debian/patches/features/all/lockdown/0036-Annotate-hardware-config-module-parameters-in-sound-.patch 
@@ -0,0 +1,731 @@ +From: David Howells +Date: Tue, 4 Apr 2017 16:54:30 +0100 +Subject: [36/62] Annotate hardware config module parameters in sound/isa/ +Origin: https://git.kernel.org/pub/scm/linux/kernel/git/dhowells/linux-fs.git/commit?id=b7999a0d338e061fe8319b3860b86efacb12a056 + +When the kernel is running in secure boot mode, we lock down the kernel to +prevent userspace from modifying the running kernel image. Whilst this +includes prohibiting access to things like /dev/mem, it must also prevent +access by means of configuring driver modules in such a way as to cause a +device to access or modify the kernel image. + +To this end, annotate module_param* statements that refer to hardware +configuration and indicate for future reference what type of parameter they +specify. The parameter parser in the core sees this information and can +skip such parameters with an error message if the kernel is locked down. +The module initialisation then runs as normal, but just sees whatever the +default values for those parameters is. + +Note that we do still need to do the module initialisation because some +drivers have viable defaults set in case parameters aren't specified and +some drivers support automatic configuration (e.g. PNP or PCI) in addition +to manually coded parameters. + +This patch annotates drivers in sound/isa/. 
+ +Suggested-by: Alan Cox +Signed-off-by: David Howells +cc: Jaroslav Kysela +cc: Takashi Iwai +cc: alsa-devel@alsa-project.org +--- + sound/isa/ad1848/ad1848.c | 6 +++--- + sound/isa/adlib.c | 2 +- + sound/isa/cmi8328.c | 12 ++++++------ + sound/isa/cmi8330.c | 20 ++++++++++---------- + sound/isa/cs423x/cs4231.c | 12 ++++++------ + sound/isa/cs423x/cs4236.c | 18 +++++++++--------- + sound/isa/es1688/es1688.c | 12 ++++++------ + sound/isa/es18xx.c | 12 ++++++------ + sound/isa/galaxy/galaxy.c | 16 ++++++++-------- + sound/isa/gus/gusclassic.c | 8 ++++---- + sound/isa/gus/gusextreme.c | 16 ++++++++-------- + sound/isa/gus/gusmax.c | 8 ++++---- + sound/isa/gus/interwave.c | 10 +++++----- + sound/isa/msnd/msnd_pinnacle.c | 20 ++++++++++---------- + sound/isa/opl3sa2.c | 16 ++++++++-------- + sound/isa/opti9xx/miro.c | 14 +++++++------- + sound/isa/opti9xx/opti92x-ad1848.c | 14 +++++++------- + sound/isa/sb/jazz16.c | 12 ++++++------ + sound/isa/sb/sb16.c | 14 +++++++------- + sound/isa/sb/sb8.c | 6 +++--- + sound/isa/sc6000.c | 12 ++++++------ + sound/isa/sscape.c | 12 ++++++------ + sound/isa/wavefront/wavefront.c | 18 +++++++++--------- + 23 files changed, 145 insertions(+), 145 deletions(-) + +diff --git a/sound/isa/ad1848/ad1848.c b/sound/isa/ad1848/ad1848.c +index a302d1f8d14f..e739b1c85c25 100644 +--- a/sound/isa/ad1848/ad1848.c ++++ b/sound/isa/ad1848/ad1848.c +@@ -55,11 +55,11 @@ module_param_array(id, charp, NULL, 0444); + MODULE_PARM_DESC(id, "ID string for " CRD_NAME " soundcard."); + module_param_array(enable, bool, NULL, 0444); + MODULE_PARM_DESC(enable, "Enable " CRD_NAME " soundcard."); +-module_param_array(port, long, NULL, 0444); ++module_param_hw_array(port, long, ioport, NULL, 0444); + MODULE_PARM_DESC(port, "Port # for " CRD_NAME " driver."); +-module_param_array(irq, int, NULL, 0444); ++module_param_hw_array(irq, int, irq, NULL, 0444); + MODULE_PARM_DESC(irq, "IRQ # for " CRD_NAME " driver."); +-module_param_array(dma1, int, NULL, 0444); 
++module_param_hw_array(dma1, int, dma, NULL, 0444); + MODULE_PARM_DESC(dma1, "DMA1 # for " CRD_NAME " driver."); + module_param_array(thinkpad, bool, NULL, 0444); + MODULE_PARM_DESC(thinkpad, "Enable only for the onboard CS4248 of IBM Thinkpad 360/750/755 series."); +diff --git a/sound/isa/adlib.c b/sound/isa/adlib.c +index 8d3060fd7ad7..5fb619eca5c8 100644 +--- a/sound/isa/adlib.c ++++ b/sound/isa/adlib.c +@@ -27,7 +27,7 @@ module_param_array(id, charp, NULL, 0444); + MODULE_PARM_DESC(id, "ID string for " CRD_NAME " soundcard."); + module_param_array(enable, bool, NULL, 0444); + MODULE_PARM_DESC(enable, "Enable " CRD_NAME " soundcard."); +-module_param_array(port, long, NULL, 0444); ++module_param_hw_array(port, long, ioport, NULL, 0444); + MODULE_PARM_DESC(port, "Port # for " CRD_NAME " driver."); + + static int snd_adlib_match(struct device *dev, unsigned int n) +diff --git a/sound/isa/cmi8328.c b/sound/isa/cmi8328.c +index 787475084f46..8e1756c3b9bb 100644 +--- a/sound/isa/cmi8328.c ++++ b/sound/isa/cmi8328.c +@@ -51,18 +51,18 @@ MODULE_PARM_DESC(index, "Index value for CMI8328 soundcard."); + module_param_array(id, charp, NULL, 0444); + MODULE_PARM_DESC(id, "ID string for CMI8328 soundcard."); + +-module_param_array(port, long, NULL, 0444); ++module_param_hw_array(port, long, ioport, NULL, 0444); + MODULE_PARM_DESC(port, "Port # for CMI8328 driver."); +-module_param_array(irq, int, NULL, 0444); ++module_param_hw_array(irq, int, irq, NULL, 0444); + MODULE_PARM_DESC(irq, "IRQ # for CMI8328 driver."); +-module_param_array(dma1, int, NULL, 0444); ++module_param_hw_array(dma1, int, dma, NULL, 0444); + MODULE_PARM_DESC(dma1, "DMA1 for CMI8328 driver."); +-module_param_array(dma2, int, NULL, 0444); ++module_param_hw_array(dma2, int, dma, NULL, 0444); + MODULE_PARM_DESC(dma2, "DMA2 for CMI8328 driver."); + +-module_param_array(mpuport, long, NULL, 0444); ++module_param_hw_array(mpuport, long, ioport, NULL, 0444); + MODULE_PARM_DESC(mpuport, "MPU-401 port # for 
CMI8328 driver."); +-module_param_array(mpuirq, int, NULL, 0444); ++module_param_hw_array(mpuirq, int, irq, NULL, 0444); + MODULE_PARM_DESC(mpuirq, "IRQ # for CMI8328 MPU-401 port."); + #ifdef SUPPORT_JOYSTICK + module_param_array(gameport, bool, NULL, 0444); +diff --git a/sound/isa/cmi8330.c b/sound/isa/cmi8330.c +index dfedfd85f205..f64b29ab5cc7 100644 +--- a/sound/isa/cmi8330.c ++++ b/sound/isa/cmi8330.c +@@ -95,27 +95,27 @@ module_param_array(isapnp, bool, NULL, 0444); + MODULE_PARM_DESC(isapnp, "PnP detection for specified soundcard."); + #endif + +-module_param_array(sbport, long, NULL, 0444); ++module_param_hw_array(sbport, long, ioport, NULL, 0444); + MODULE_PARM_DESC(sbport, "Port # for CMI8330/CMI8329 SB driver."); +-module_param_array(sbirq, int, NULL, 0444); ++module_param_hw_array(sbirq, int, irq, NULL, 0444); + MODULE_PARM_DESC(sbirq, "IRQ # for CMI8330/CMI8329 SB driver."); +-module_param_array(sbdma8, int, NULL, 0444); ++module_param_hw_array(sbdma8, int, dma, NULL, 0444); + MODULE_PARM_DESC(sbdma8, "DMA8 for CMI8330/CMI8329 SB driver."); +-module_param_array(sbdma16, int, NULL, 0444); ++module_param_hw_array(sbdma16, int, dma, NULL, 0444); + MODULE_PARM_DESC(sbdma16, "DMA16 for CMI8330/CMI8329 SB driver."); + +-module_param_array(wssport, long, NULL, 0444); ++module_param_hw_array(wssport, long, ioport, NULL, 0444); + MODULE_PARM_DESC(wssport, "Port # for CMI8330/CMI8329 WSS driver."); +-module_param_array(wssirq, int, NULL, 0444); ++module_param_hw_array(wssirq, int, irq, NULL, 0444); + MODULE_PARM_DESC(wssirq, "IRQ # for CMI8330/CMI8329 WSS driver."); +-module_param_array(wssdma, int, NULL, 0444); ++module_param_hw_array(wssdma, int, dma, NULL, 0444); + MODULE_PARM_DESC(wssdma, "DMA for CMI8330/CMI8329 WSS driver."); + +-module_param_array(fmport, long, NULL, 0444); ++module_param_hw_array(fmport, long, ioport, NULL, 0444); + MODULE_PARM_DESC(fmport, "FM port # for CMI8330/CMI8329 driver."); +-module_param_array(mpuport, long, NULL, 0444); 
++module_param_hw_array(mpuport, long, ioport, NULL, 0444); + MODULE_PARM_DESC(mpuport, "MPU-401 port # for CMI8330/CMI8329 driver."); +-module_param_array(mpuirq, int, NULL, 0444); ++module_param_hw_array(mpuirq, int, irq, NULL, 0444); + MODULE_PARM_DESC(mpuirq, "IRQ # for CMI8330/CMI8329 MPU-401 port."); + #ifdef CONFIG_PNP + static int isa_registered; +diff --git a/sound/isa/cs423x/cs4231.c b/sound/isa/cs423x/cs4231.c +index ef7448e9f813..e8edd9017a2f 100644 +--- a/sound/isa/cs423x/cs4231.c ++++ b/sound/isa/cs423x/cs4231.c +@@ -55,17 +55,17 @@ module_param_array(id, charp, NULL, 0444); + MODULE_PARM_DESC(id, "ID string for " CRD_NAME " soundcard."); + module_param_array(enable, bool, NULL, 0444); + MODULE_PARM_DESC(enable, "Enable " CRD_NAME " soundcard."); +-module_param_array(port, long, NULL, 0444); ++module_param_hw_array(port, long, ioport, NULL, 0444); + MODULE_PARM_DESC(port, "Port # for " CRD_NAME " driver."); +-module_param_array(mpu_port, long, NULL, 0444); ++module_param_hw_array(mpu_port, long, ioport, NULL, 0444); + MODULE_PARM_DESC(mpu_port, "MPU-401 port # for " CRD_NAME " driver."); +-module_param_array(irq, int, NULL, 0444); ++module_param_hw_array(irq, int, irq, NULL, 0444); + MODULE_PARM_DESC(irq, "IRQ # for " CRD_NAME " driver."); +-module_param_array(mpu_irq, int, NULL, 0444); ++module_param_hw_array(mpu_irq, int, irq, NULL, 0444); + MODULE_PARM_DESC(mpu_irq, "MPU-401 IRQ # for " CRD_NAME " driver."); +-module_param_array(dma1, int, NULL, 0444); ++module_param_hw_array(dma1, int, dma, NULL, 0444); + MODULE_PARM_DESC(dma1, "DMA1 # for " CRD_NAME " driver."); +-module_param_array(dma2, int, NULL, 0444); ++module_param_hw_array(dma2, int, dma, NULL, 0444); + MODULE_PARM_DESC(dma2, "DMA2 # for " CRD_NAME " driver."); + + static int snd_cs4231_match(struct device *dev, unsigned int n) +diff --git a/sound/isa/cs423x/cs4236.c b/sound/isa/cs423x/cs4236.c +index 9d7582c90a95..1f9a3b2be7a1 100644 +--- a/sound/isa/cs423x/cs4236.c ++++ 
b/sound/isa/cs423x/cs4236.c +@@ -98,23 +98,23 @@ MODULE_PARM_DESC(enable, "Enable " IDENT " soundcard."); + module_param_array(isapnp, bool, NULL, 0444); + MODULE_PARM_DESC(isapnp, "ISA PnP detection for specified soundcard."); + #endif +-module_param_array(port, long, NULL, 0444); ++module_param_hw_array(port, long, ioport, NULL, 0444); + MODULE_PARM_DESC(port, "Port # for " IDENT " driver."); +-module_param_array(cport, long, NULL, 0444); ++module_param_hw_array(cport, long, ioport, NULL, 0444); + MODULE_PARM_DESC(cport, "Control port # for " IDENT " driver."); +-module_param_array(mpu_port, long, NULL, 0444); ++module_param_hw_array(mpu_port, long, ioport, NULL, 0444); + MODULE_PARM_DESC(mpu_port, "MPU-401 port # for " IDENT " driver."); +-module_param_array(fm_port, long, NULL, 0444); ++module_param_hw_array(fm_port, long, ioport, NULL, 0444); + MODULE_PARM_DESC(fm_port, "FM port # for " IDENT " driver."); +-module_param_array(sb_port, long, NULL, 0444); ++module_param_hw_array(sb_port, long, ioport, NULL, 0444); + MODULE_PARM_DESC(sb_port, "SB port # for " IDENT " driver (optional)."); +-module_param_array(irq, int, NULL, 0444); ++module_param_hw_array(irq, int, irq, NULL, 0444); + MODULE_PARM_DESC(irq, "IRQ # for " IDENT " driver."); +-module_param_array(mpu_irq, int, NULL, 0444); ++module_param_hw_array(mpu_irq, int, irq, NULL, 0444); + MODULE_PARM_DESC(mpu_irq, "MPU-401 IRQ # for " IDENT " driver."); +-module_param_array(dma1, int, NULL, 0444); ++module_param_hw_array(dma1, int, dma, NULL, 0444); + MODULE_PARM_DESC(dma1, "DMA1 # for " IDENT " driver."); +-module_param_array(dma2, int, NULL, 0444); ++module_param_hw_array(dma2, int, dma, NULL, 0444); + MODULE_PARM_DESC(dma2, "DMA2 # for " IDENT " driver."); + + #ifdef CONFIG_PNP +diff --git a/sound/isa/es1688/es1688.c b/sound/isa/es1688/es1688.c +index 1901c2bb6c3b..36320e7f2789 100644 +--- a/sound/isa/es1688/es1688.c ++++ b/sound/isa/es1688/es1688.c +@@ -71,17 +71,17 @@ module_param_array(isapnp, bool, 
NULL, 0444); + MODULE_PARM_DESC(isapnp, "PnP detection for specified soundcard."); + #endif + MODULE_PARM_DESC(enable, "Enable " CRD_NAME " soundcard."); +-module_param_array(port, long, NULL, 0444); ++module_param_hw_array(port, long, ioport, NULL, 0444); + MODULE_PARM_DESC(port, "Port # for " CRD_NAME " driver."); +-module_param_array(mpu_port, long, NULL, 0444); ++module_param_hw_array(mpu_port, long, ioport, NULL, 0444); + MODULE_PARM_DESC(mpu_port, "MPU-401 port # for " CRD_NAME " driver."); +-module_param_array(irq, int, NULL, 0444); +-module_param_array(fm_port, long, NULL, 0444); ++module_param_hw_array(irq, int, irq, NULL, 0444); ++module_param_hw_array(fm_port, long, ioport, NULL, 0444); + MODULE_PARM_DESC(fm_port, "FM port # for ES1688 driver."); + MODULE_PARM_DESC(irq, "IRQ # for " CRD_NAME " driver."); +-module_param_array(mpu_irq, int, NULL, 0444); ++module_param_hw_array(mpu_irq, int, irq, NULL, 0444); + MODULE_PARM_DESC(mpu_irq, "MPU-401 IRQ # for " CRD_NAME " driver."); +-module_param_array(dma8, int, NULL, 0444); ++module_param_hw_array(dma8, int, dma, NULL, 0444); + MODULE_PARM_DESC(dma8, "8-bit DMA # for " CRD_NAME " driver."); + + #ifdef CONFIG_PNP +diff --git a/sound/isa/es18xx.c b/sound/isa/es18xx.c +index 5094b62d8f77..0cabe2b8974f 100644 +--- a/sound/isa/es18xx.c ++++ b/sound/isa/es18xx.c +@@ -1999,17 +1999,17 @@ MODULE_PARM_DESC(enable, "Enable ES18xx soundcard."); + module_param_array(isapnp, bool, NULL, 0444); + MODULE_PARM_DESC(isapnp, "PnP detection for specified soundcard."); + #endif +-module_param_array(port, long, NULL, 0444); ++module_param_hw_array(port, long, ioport, NULL, 0444); + MODULE_PARM_DESC(port, "Port # for ES18xx driver."); +-module_param_array(mpu_port, long, NULL, 0444); ++module_param_hw_array(mpu_port, long, ioport, NULL, 0444); + MODULE_PARM_DESC(mpu_port, "MPU-401 port # for ES18xx driver."); +-module_param_array(fm_port, long, NULL, 0444); ++module_param_hw_array(fm_port, long, ioport, NULL, 0444); + 
MODULE_PARM_DESC(fm_port, "FM port # for ES18xx driver."); +-module_param_array(irq, int, NULL, 0444); ++module_param_hw_array(irq, int, irq, NULL, 0444); + MODULE_PARM_DESC(irq, "IRQ # for ES18xx driver."); +-module_param_array(dma1, int, NULL, 0444); ++module_param_hw_array(dma1, int, dma, NULL, 0444); + MODULE_PARM_DESC(dma1, "DMA 1 # for ES18xx driver."); +-module_param_array(dma2, int, NULL, 0444); ++module_param_hw_array(dma2, int, dma, NULL, 0444); + MODULE_PARM_DESC(dma2, "DMA 2 # for ES18xx driver."); + + #ifdef CONFIG_PNP +diff --git a/sound/isa/galaxy/galaxy.c b/sound/isa/galaxy/galaxy.c +index 379abe2cbeb2..b9994cc9f5fb 100644 +--- a/sound/isa/galaxy/galaxy.c ++++ b/sound/isa/galaxy/galaxy.c +@@ -53,21 +53,21 @@ static int mpu_irq[SNDRV_CARDS] = SNDRV_DEFAULT_IRQ; + static int dma1[SNDRV_CARDS] = SNDRV_DEFAULT_DMA; + static int dma2[SNDRV_CARDS] = SNDRV_DEFAULT_DMA; + +-module_param_array(port, long, NULL, 0444); ++module_param_hw_array(port, long, ioport, NULL, 0444); + MODULE_PARM_DESC(port, "Port # for " CRD_NAME " driver."); +-module_param_array(wss_port, long, NULL, 0444); ++module_param_hw_array(wss_port, long, ioport, NULL, 0444); + MODULE_PARM_DESC(wss_port, "WSS port # for " CRD_NAME " driver."); +-module_param_array(mpu_port, long, NULL, 0444); ++module_param_hw_array(mpu_port, long, ioport, NULL, 0444); + MODULE_PARM_DESC(mpu_port, "MPU-401 port # for " CRD_NAME " driver."); +-module_param_array(fm_port, long, NULL, 0444); ++module_param_hw_array(fm_port, long, ioport, NULL, 0444); + MODULE_PARM_DESC(fm_port, "FM port # for " CRD_NAME " driver."); +-module_param_array(irq, int, NULL, 0444); ++module_param_hw_array(irq, int, irq, NULL, 0444); + MODULE_PARM_DESC(irq, "IRQ # for " CRD_NAME " driver."); +-module_param_array(mpu_irq, int, NULL, 0444); ++module_param_hw_array(mpu_irq, int, irq, NULL, 0444); + MODULE_PARM_DESC(mpu_irq, "MPU-401 IRQ # for " CRD_NAME " driver."); +-module_param_array(dma1, int, NULL, 0444); 
++module_param_hw_array(dma1, int, dma, NULL, 0444); + MODULE_PARM_DESC(dma1, "Playback DMA # for " CRD_NAME " driver."); +-module_param_array(dma2, int, NULL, 0444); ++module_param_hw_array(dma2, int, dma, NULL, 0444); + MODULE_PARM_DESC(dma2, "Capture DMA # for " CRD_NAME " driver."); + + /* +diff --git a/sound/isa/gus/gusclassic.c b/sound/isa/gus/gusclassic.c +index c169be49ed71..92a997ab1229 100644 +--- a/sound/isa/gus/gusclassic.c ++++ b/sound/isa/gus/gusclassic.c +@@ -58,13 +58,13 @@ module_param_array(id, charp, NULL, 0444); + MODULE_PARM_DESC(id, "ID string for " CRD_NAME " soundcard."); + module_param_array(enable, bool, NULL, 0444); + MODULE_PARM_DESC(enable, "Enable " CRD_NAME " soundcard."); +-module_param_array(port, long, NULL, 0444); ++module_param_hw_array(port, long, ioport, NULL, 0444); + MODULE_PARM_DESC(port, "Port # for " CRD_NAME " driver."); +-module_param_array(irq, int, NULL, 0444); ++module_param_hw_array(irq, int, irq, NULL, 0444); + MODULE_PARM_DESC(irq, "IRQ # for " CRD_NAME " driver."); +-module_param_array(dma1, int, NULL, 0444); ++module_param_hw_array(dma1, int, dma, NULL, 0444); + MODULE_PARM_DESC(dma1, "DMA1 # for " CRD_NAME " driver."); +-module_param_array(dma2, int, NULL, 0444); ++module_param_hw_array(dma2, int, dma, NULL, 0444); + MODULE_PARM_DESC(dma2, "DMA2 # for " CRD_NAME " driver."); + module_param_array(joystick_dac, int, NULL, 0444); + MODULE_PARM_DESC(joystick_dac, "Joystick DAC level 0.59V-4.52V or 0.389V-2.98V for " CRD_NAME " driver."); +diff --git a/sound/isa/gus/gusextreme.c b/sound/isa/gus/gusextreme.c +index 77ac2fd723b4..beb52c0f70ea 100644 +--- a/sound/isa/gus/gusextreme.c ++++ b/sound/isa/gus/gusextreme.c +@@ -66,21 +66,21 @@ module_param_array(id, charp, NULL, 0444); + MODULE_PARM_DESC(id, "ID string for " CRD_NAME " soundcard."); + module_param_array(enable, bool, NULL, 0444); + MODULE_PARM_DESC(enable, "Enable " CRD_NAME " soundcard."); +-module_param_array(port, long, NULL, 0444); 
++module_param_hw_array(port, long, ioport, NULL, 0444); + MODULE_PARM_DESC(port, "Port # for " CRD_NAME " driver."); +-module_param_array(gf1_port, long, NULL, 0444); ++module_param_hw_array(gf1_port, long, ioport, NULL, 0444); + MODULE_PARM_DESC(gf1_port, "GF1 port # for " CRD_NAME " driver (optional)."); +-module_param_array(mpu_port, long, NULL, 0444); ++module_param_hw_array(mpu_port, long, ioport, NULL, 0444); + MODULE_PARM_DESC(mpu_port, "MPU-401 port # for " CRD_NAME " driver."); +-module_param_array(irq, int, NULL, 0444); ++module_param_hw_array(irq, int, irq, NULL, 0444); + MODULE_PARM_DESC(irq, "IRQ # for " CRD_NAME " driver."); +-module_param_array(mpu_irq, int, NULL, 0444); ++module_param_hw_array(mpu_irq, int, irq, NULL, 0444); + MODULE_PARM_DESC(mpu_irq, "MPU-401 IRQ # for " CRD_NAME " driver."); +-module_param_array(gf1_irq, int, NULL, 0444); ++module_param_hw_array(gf1_irq, int, irq, NULL, 0444); + MODULE_PARM_DESC(gf1_irq, "GF1 IRQ # for " CRD_NAME " driver."); +-module_param_array(dma8, int, NULL, 0444); ++module_param_hw_array(dma8, int, dma, NULL, 0444); + MODULE_PARM_DESC(dma8, "8-bit DMA # for " CRD_NAME " driver."); +-module_param_array(dma1, int, NULL, 0444); ++module_param_hw_array(dma1, int, dma, NULL, 0444); + MODULE_PARM_DESC(dma1, "GF1 DMA # for " CRD_NAME " driver."); + module_param_array(joystick_dac, int, NULL, 0444); + MODULE_PARM_DESC(joystick_dac, "Joystick DAC level 0.59V-4.52V or 0.389V-2.98V for " CRD_NAME " driver."); +diff --git a/sound/isa/gus/gusmax.c b/sound/isa/gus/gusmax.c +index dd88c9d33492..63309a453140 100644 +--- a/sound/isa/gus/gusmax.c ++++ b/sound/isa/gus/gusmax.c +@@ -56,13 +56,13 @@ module_param_array(id, charp, NULL, 0444); + MODULE_PARM_DESC(id, "ID string for GUS MAX soundcard."); + module_param_array(enable, bool, NULL, 0444); + MODULE_PARM_DESC(enable, "Enable GUS MAX soundcard."); +-module_param_array(port, long, NULL, 0444); ++module_param_hw_array(port, long, ioport, NULL, 0444); + 
MODULE_PARM_DESC(port, "Port # for GUS MAX driver."); +-module_param_array(irq, int, NULL, 0444); ++module_param_hw_array(irq, int, irq, NULL, 0444); + MODULE_PARM_DESC(irq, "IRQ # for GUS MAX driver."); +-module_param_array(dma1, int, NULL, 0444); ++module_param_hw_array(dma1, int, dma, NULL, 0444); + MODULE_PARM_DESC(dma1, "DMA1 # for GUS MAX driver."); +-module_param_array(dma2, int, NULL, 0444); ++module_param_hw_array(dma2, int, dma, NULL, 0444); + MODULE_PARM_DESC(dma2, "DMA2 # for GUS MAX driver."); + module_param_array(joystick_dac, int, NULL, 0444); + MODULE_PARM_DESC(joystick_dac, "Joystick DAC level 0.59V-4.52V or 0.389V-2.98V for GUS MAX driver."); +diff --git a/sound/isa/gus/interwave.c b/sound/isa/gus/interwave.c +index 70d0040484c8..0687b7ef3e53 100644 +--- a/sound/isa/gus/interwave.c ++++ b/sound/isa/gus/interwave.c +@@ -92,17 +92,17 @@ MODULE_PARM_DESC(enable, "Enable InterWave soundcard."); + module_param_array(isapnp, bool, NULL, 0444); + MODULE_PARM_DESC(isapnp, "ISA PnP detection for specified soundcard."); + #endif +-module_param_array(port, long, NULL, 0444); ++module_param_hw_array(port, long, ioport, NULL, 0444); + MODULE_PARM_DESC(port, "Port # for InterWave driver."); + #ifdef SNDRV_STB +-module_param_array(port_tc, long, NULL, 0444); ++module_param_hw_array(port_tc, long, ioport, NULL, 0444); + MODULE_PARM_DESC(port_tc, "Tone control (TEA6330T - i2c bus) port # for InterWave driver."); + #endif +-module_param_array(irq, int, NULL, 0444); ++module_param_hw_array(irq, int, irq, NULL, 0444); + MODULE_PARM_DESC(irq, "IRQ # for InterWave driver."); +-module_param_array(dma1, int, NULL, 0444); ++module_param_hw_array(dma1, int, dma, NULL, 0444); + MODULE_PARM_DESC(dma1, "DMA1 # for InterWave driver."); +-module_param_array(dma2, int, NULL, 0444); ++module_param_hw_array(dma2, int, dma, NULL, 0444); + MODULE_PARM_DESC(dma2, "DMA2 # for InterWave driver."); + module_param_array(joystick_dac, int, NULL, 0444); + MODULE_PARM_DESC(joystick_dac, 
"Joystick DAC level 0.59V-4.52V or 0.389V-2.98V for InterWave driver."); +diff --git a/sound/isa/msnd/msnd_pinnacle.c b/sound/isa/msnd/msnd_pinnacle.c +index 4c072666115d..ad4897337df5 100644 +--- a/sound/isa/msnd/msnd_pinnacle.c ++++ b/sound/isa/msnd/msnd_pinnacle.c +@@ -800,22 +800,22 @@ MODULE_LICENSE("GPL"); + MODULE_FIRMWARE(INITCODEFILE); + MODULE_FIRMWARE(PERMCODEFILE); + +-module_param_array(io, long, NULL, S_IRUGO); ++module_param_hw_array(io, long, ioport, NULL, S_IRUGO); + MODULE_PARM_DESC(io, "IO port #"); +-module_param_array(irq, int, NULL, S_IRUGO); +-module_param_array(mem, long, NULL, S_IRUGO); ++module_param_hw_array(irq, int, irq, NULL, S_IRUGO); ++module_param_hw_array(mem, long, iomem, NULL, S_IRUGO); + module_param_array(write_ndelay, int, NULL, S_IRUGO); + module_param(calibrate_signal, int, S_IRUGO); + #ifndef MSND_CLASSIC + module_param_array(digital, int, NULL, S_IRUGO); +-module_param_array(cfg, long, NULL, S_IRUGO); ++module_param_hw_array(cfg, long, ioport, NULL, S_IRUGO); + module_param_array(reset, int, 0, S_IRUGO); +-module_param_array(mpu_io, long, NULL, S_IRUGO); +-module_param_array(mpu_irq, int, NULL, S_IRUGO); +-module_param_array(ide_io0, long, NULL, S_IRUGO); +-module_param_array(ide_io1, long, NULL, S_IRUGO); +-module_param_array(ide_irq, int, NULL, S_IRUGO); +-module_param_array(joystick_io, long, NULL, S_IRUGO); ++module_param_hw_array(mpu_io, long, ioport, NULL, S_IRUGO); ++module_param_hw_array(mpu_irq, int, irq, NULL, S_IRUGO); ++module_param_hw_array(ide_io0, long, ioport, NULL, S_IRUGO); ++module_param_hw_array(ide_io1, long, ioport, NULL, S_IRUGO); ++module_param_hw_array(ide_irq, int, irq, NULL, S_IRUGO); ++module_param_hw_array(joystick_io, long, ioport, NULL, S_IRUGO); + #endif + + +diff --git a/sound/isa/opl3sa2.c b/sound/isa/opl3sa2.c +index ae133633a420..4098e3e0353d 100644 +--- a/sound/isa/opl3sa2.c ++++ b/sound/isa/opl3sa2.c +@@ -69,21 +69,21 @@ MODULE_PARM_DESC(enable, "Enable OPL3-SA soundcard."); + 
module_param_array(isapnp, bool, NULL, 0444); + MODULE_PARM_DESC(isapnp, "PnP detection for specified soundcard."); + #endif +-module_param_array(port, long, NULL, 0444); ++module_param_hw_array(port, long, ioport, NULL, 0444); + MODULE_PARM_DESC(port, "Port # for OPL3-SA driver."); +-module_param_array(sb_port, long, NULL, 0444); ++module_param_hw_array(sb_port, long, ioport, NULL, 0444); + MODULE_PARM_DESC(sb_port, "SB port # for OPL3-SA driver."); +-module_param_array(wss_port, long, NULL, 0444); ++module_param_hw_array(wss_port, long, ioport, NULL, 0444); + MODULE_PARM_DESC(wss_port, "WSS port # for OPL3-SA driver."); +-module_param_array(fm_port, long, NULL, 0444); ++module_param_hw_array(fm_port, long, ioport, NULL, 0444); + MODULE_PARM_DESC(fm_port, "FM port # for OPL3-SA driver."); +-module_param_array(midi_port, long, NULL, 0444); ++module_param_hw_array(midi_port, long, ioport, NULL, 0444); + MODULE_PARM_DESC(midi_port, "MIDI port # for OPL3-SA driver."); +-module_param_array(irq, int, NULL, 0444); ++module_param_hw_array(irq, int, irq, NULL, 0444); + MODULE_PARM_DESC(irq, "IRQ # for OPL3-SA driver."); +-module_param_array(dma1, int, NULL, 0444); ++module_param_hw_array(dma1, int, dma, NULL, 0444); + MODULE_PARM_DESC(dma1, "DMA1 # for OPL3-SA driver."); +-module_param_array(dma2, int, NULL, 0444); ++module_param_hw_array(dma2, int, dma, NULL, 0444); + MODULE_PARM_DESC(dma2, "DMA2 # for OPL3-SA driver."); + module_param_array(opl3sa3_ymode, int, NULL, 0444); + MODULE_PARM_DESC(opl3sa3_ymode, "Speaker size selection for 3D Enhancement mode: Desktop/Large Notebook/Small Notebook/HiFi."); +diff --git a/sound/isa/opti9xx/miro.c b/sound/isa/opti9xx/miro.c +index 3a9067db1a84..bcbff56f060d 100644 +--- a/sound/isa/opti9xx/miro.c ++++ b/sound/isa/opti9xx/miro.c +@@ -69,19 +69,19 @@ module_param(index, int, 0444); + MODULE_PARM_DESC(index, "Index value for miro soundcard."); + module_param(id, charp, 0444); + MODULE_PARM_DESC(id, "ID string for miro soundcard."); 
+-module_param(port, long, 0444); ++module_param_hw(port, long, ioport, 0444); + MODULE_PARM_DESC(port, "WSS port # for miro driver."); +-module_param(mpu_port, long, 0444); ++module_param_hw(mpu_port, long, ioport, 0444); + MODULE_PARM_DESC(mpu_port, "MPU-401 port # for miro driver."); +-module_param(fm_port, long, 0444); ++module_param_hw(fm_port, long, ioport, 0444); + MODULE_PARM_DESC(fm_port, "FM Port # for miro driver."); +-module_param(irq, int, 0444); ++module_param_hw(irq, int, irq, 0444); + MODULE_PARM_DESC(irq, "WSS irq # for miro driver."); +-module_param(mpu_irq, int, 0444); ++module_param_hw(mpu_irq, int, irq, 0444); + MODULE_PARM_DESC(mpu_irq, "MPU-401 irq # for miro driver."); +-module_param(dma1, int, 0444); ++module_param_hw(dma1, int, dma, 0444); + MODULE_PARM_DESC(dma1, "1st dma # for miro driver."); +-module_param(dma2, int, 0444); ++module_param_hw(dma2, int, dma, 0444); + MODULE_PARM_DESC(dma2, "2nd dma # for miro driver."); + module_param(wss, int, 0444); + MODULE_PARM_DESC(wss, "wss mode"); +diff --git a/sound/isa/opti9xx/opti92x-ad1848.c b/sound/isa/opti9xx/opti92x-ad1848.c +index 0a5266003786..ceddb392b1e3 100644 +--- a/sound/isa/opti9xx/opti92x-ad1848.c ++++ b/sound/isa/opti9xx/opti92x-ad1848.c +@@ -88,20 +88,20 @@ MODULE_PARM_DESC(id, "ID string for opti9xx based soundcard."); + module_param(isapnp, bool, 0444); + MODULE_PARM_DESC(isapnp, "Enable ISA PnP detection for specified soundcard."); + #endif +-module_param(port, long, 0444); ++module_param_hw(port, long, ioport, 0444); + MODULE_PARM_DESC(port, "WSS port # for opti9xx driver."); +-module_param(mpu_port, long, 0444); ++module_param_hw(mpu_port, long, ioport, 0444); + MODULE_PARM_DESC(mpu_port, "MPU-401 port # for opti9xx driver."); +-module_param(fm_port, long, 0444); ++module_param_hw(fm_port, long, ioport, 0444); + MODULE_PARM_DESC(fm_port, "FM port # for opti9xx driver."); +-module_param(irq, int, 0444); ++module_param_hw(irq, int, irq, 0444); + MODULE_PARM_DESC(irq, "WSS irq 
# for opti9xx driver."); +-module_param(mpu_irq, int, 0444); ++module_param_hw(mpu_irq, int, irq, 0444); + MODULE_PARM_DESC(mpu_irq, "MPU-401 irq # for opti9xx driver."); +-module_param(dma1, int, 0444); ++module_param_hw(dma1, int, dma, 0444); + MODULE_PARM_DESC(dma1, "1st dma # for opti9xx driver."); + #if defined(CS4231) || defined(OPTi93X) +-module_param(dma2, int, 0444); ++module_param_hw(dma2, int, dma, 0444); + MODULE_PARM_DESC(dma2, "2nd dma # for opti9xx driver."); + #endif /* CS4231 || OPTi93X */ + +diff --git a/sound/isa/sb/jazz16.c b/sound/isa/sb/jazz16.c +index 4d909971eedb..bfa0055e1fd6 100644 +--- a/sound/isa/sb/jazz16.c ++++ b/sound/isa/sb/jazz16.c +@@ -50,17 +50,17 @@ module_param_array(id, charp, NULL, 0444); + MODULE_PARM_DESC(id, "ID string for Media Vision Jazz16 based soundcard."); + module_param_array(enable, bool, NULL, 0444); + MODULE_PARM_DESC(enable, "Enable Media Vision Jazz16 based soundcard."); +-module_param_array(port, long, NULL, 0444); ++module_param_hw_array(port, long, ioport, NULL, 0444); + MODULE_PARM_DESC(port, "Port # for jazz16 driver."); +-module_param_array(mpu_port, long, NULL, 0444); ++module_param_hw_array(mpu_port, long, ioport, NULL, 0444); + MODULE_PARM_DESC(mpu_port, "MPU-401 port # for jazz16 driver."); +-module_param_array(irq, int, NULL, 0444); ++module_param_hw_array(irq, int, irq, NULL, 0444); + MODULE_PARM_DESC(irq, "IRQ # for jazz16 driver."); +-module_param_array(mpu_irq, int, NULL, 0444); ++module_param_hw_array(mpu_irq, int, irq, NULL, 0444); + MODULE_PARM_DESC(mpu_irq, "MPU-401 IRQ # for jazz16 driver."); +-module_param_array(dma8, int, NULL, 0444); ++module_param_hw_array(dma8, int, dma, NULL, 0444); + MODULE_PARM_DESC(dma8, "DMA8 # for jazz16 driver."); +-module_param_array(dma16, int, NULL, 0444); ++module_param_hw_array(dma16, int, dma, NULL, 0444); + MODULE_PARM_DESC(dma16, "DMA16 # for jazz16 driver."); + + #define SB_JAZZ16_WAKEUP 0xaf +diff --git a/sound/isa/sb/sb16.c b/sound/isa/sb/sb16.c +index 
4a7d7c89808f..3b2e4f405ff2 100644 +--- a/sound/isa/sb/sb16.c ++++ b/sound/isa/sb/sb16.c +@@ -99,21 +99,21 @@ MODULE_PARM_DESC(enable, "Enable SoundBlaster 16 soundcard."); + module_param_array(isapnp, bool, NULL, 0444); + MODULE_PARM_DESC(isapnp, "PnP detection for specified soundcard."); + #endif +-module_param_array(port, long, NULL, 0444); ++module_param_hw_array(port, long, ioport, NULL, 0444); + MODULE_PARM_DESC(port, "Port # for SB16 driver."); +-module_param_array(mpu_port, long, NULL, 0444); ++module_param_hw_array(mpu_port, long, ioport, NULL, 0444); + MODULE_PARM_DESC(mpu_port, "MPU-401 port # for SB16 driver."); +-module_param_array(fm_port, long, NULL, 0444); ++module_param_hw_array(fm_port, long, ioport, NULL, 0444); + MODULE_PARM_DESC(fm_port, "FM port # for SB16 PnP driver."); + #ifdef SNDRV_SBAWE_EMU8000 +-module_param_array(awe_port, long, NULL, 0444); ++module_param_hw_array(awe_port, long, ioport, NULL, 0444); + MODULE_PARM_DESC(awe_port, "AWE port # for SB16 PnP driver."); + #endif +-module_param_array(irq, int, NULL, 0444); ++module_param_hw_array(irq, int, irq, NULL, 0444); + MODULE_PARM_DESC(irq, "IRQ # for SB16 driver."); +-module_param_array(dma8, int, NULL, 0444); ++module_param_hw_array(dma8, int, dma, NULL, 0444); + MODULE_PARM_DESC(dma8, "8-bit DMA # for SB16 driver."); +-module_param_array(dma16, int, NULL, 0444); ++module_param_hw_array(dma16, int, dma, NULL, 0444); + MODULE_PARM_DESC(dma16, "16-bit DMA # for SB16 driver."); + module_param_array(mic_agc, int, NULL, 0444); + MODULE_PARM_DESC(mic_agc, "Mic Auto-Gain-Control switch."); +diff --git a/sound/isa/sb/sb8.c b/sound/isa/sb/sb8.c +index ad42d2364199..d77dcba276b5 100644 +--- a/sound/isa/sb/sb8.c ++++ b/sound/isa/sb/sb8.c +@@ -47,11 +47,11 @@ module_param_array(id, charp, NULL, 0444); + MODULE_PARM_DESC(id, "ID string for Sound Blaster soundcard."); + module_param_array(enable, bool, NULL, 0444); + MODULE_PARM_DESC(enable, "Enable Sound Blaster soundcard."); 
+-module_param_array(port, long, NULL, 0444); ++module_param_hw_array(port, long, ioport, NULL, 0444); + MODULE_PARM_DESC(port, "Port # for SB8 driver."); +-module_param_array(irq, int, NULL, 0444); ++module_param_hw_array(irq, int, irq, NULL, 0444); + MODULE_PARM_DESC(irq, "IRQ # for SB8 driver."); +-module_param_array(dma8, int, NULL, 0444); ++module_param_hw_array(dma8, int, dma, NULL, 0444); + MODULE_PARM_DESC(dma8, "8-bit DMA # for SB8 driver."); + + struct snd_sb8 { +diff --git a/sound/isa/sc6000.c b/sound/isa/sc6000.c +index b61a6633d8f2..c09d9b914efe 100644 +--- a/sound/isa/sc6000.c ++++ b/sound/isa/sc6000.c +@@ -64,17 +64,17 @@ module_param_array(id, charp, NULL, 0444); + MODULE_PARM_DESC(id, "ID string for sc-6000 based soundcard."); + module_param_array(enable, bool, NULL, 0444); + MODULE_PARM_DESC(enable, "Enable sc-6000 based soundcard."); +-module_param_array(port, long, NULL, 0444); ++module_param_hw_array(port, long, ioport, NULL, 0444); + MODULE_PARM_DESC(port, "Port # for sc-6000 driver."); +-module_param_array(mss_port, long, NULL, 0444); ++module_param_hw_array(mss_port, long, ioport, NULL, 0444); + MODULE_PARM_DESC(mss_port, "MSS Port # for sc-6000 driver."); +-module_param_array(mpu_port, long, NULL, 0444); ++module_param_hw_array(mpu_port, long, ioport, NULL, 0444); + MODULE_PARM_DESC(mpu_port, "MPU-401 port # for sc-6000 driver."); +-module_param_array(irq, int, NULL, 0444); ++module_param_hw_array(irq, int, irq, NULL, 0444); + MODULE_PARM_DESC(irq, "IRQ # for sc-6000 driver."); +-module_param_array(mpu_irq, int, NULL, 0444); ++module_param_hw_array(mpu_irq, int, irq, NULL, 0444); + MODULE_PARM_DESC(mpu_irq, "MPU-401 IRQ # for sc-6000 driver."); +-module_param_array(dma, int, NULL, 0444); ++module_param_hw_array(dma, int, dma, NULL, 0444); + MODULE_PARM_DESC(dma, "DMA # for sc-6000 driver."); + module_param_array(joystick, bool, NULL, 0444); + MODULE_PARM_DESC(joystick, "Enable gameport."); +diff --git a/sound/isa/sscape.c 
b/sound/isa/sscape.c +index fdcfa29e2205..54f5758a1bb3 100644 +--- a/sound/isa/sscape.c ++++ b/sound/isa/sscape.c +@@ -63,22 +63,22 @@ MODULE_PARM_DESC(index, "Index number for SoundScape soundcard"); + module_param_array(id, charp, NULL, 0444); + MODULE_PARM_DESC(id, "Description for SoundScape card"); + +-module_param_array(port, long, NULL, 0444); ++module_param_hw_array(port, long, ioport, NULL, 0444); + MODULE_PARM_DESC(port, "Port # for SoundScape driver."); + +-module_param_array(wss_port, long, NULL, 0444); ++module_param_hw_array(wss_port, long, ioport, NULL, 0444); + MODULE_PARM_DESC(wss_port, "WSS Port # for SoundScape driver."); + +-module_param_array(irq, int, NULL, 0444); ++module_param_hw_array(irq, int, irq, NULL, 0444); + MODULE_PARM_DESC(irq, "IRQ # for SoundScape driver."); + +-module_param_array(mpu_irq, int, NULL, 0444); ++module_param_hw_array(mpu_irq, int, irq, NULL, 0444); + MODULE_PARM_DESC(mpu_irq, "MPU401 IRQ # for SoundScape driver."); + +-module_param_array(dma, int, NULL, 0444); ++module_param_hw_array(dma, int, dma, NULL, 0444); + MODULE_PARM_DESC(dma, "DMA # for SoundScape driver."); + +-module_param_array(dma2, int, NULL, 0444); ++module_param_hw_array(dma2, int, dma, NULL, 0444); + MODULE_PARM_DESC(dma2, "DMA2 # for SoundScape driver."); + + module_param_array(joystick, bool, NULL, 0444); +diff --git a/sound/isa/wavefront/wavefront.c b/sound/isa/wavefront/wavefront.c +index a0987a57c8a9..da4e9a85f0af 100644 +--- a/sound/isa/wavefront/wavefront.c ++++ b/sound/isa/wavefront/wavefront.c +@@ -63,23 +63,23 @@ MODULE_PARM_DESC(enable, "Enable WaveFront soundcard."); + module_param_array(isapnp, bool, NULL, 0444); + MODULE_PARM_DESC(isapnp, "ISA PnP detection for WaveFront soundcards."); + #endif +-module_param_array(cs4232_pcm_port, long, NULL, 0444); ++module_param_hw_array(cs4232_pcm_port, long, ioport, NULL, 0444); + MODULE_PARM_DESC(cs4232_pcm_port, "Port # for CS4232 PCM interface."); +-module_param_array(cs4232_pcm_irq, int, NULL, 
0444); ++module_param_hw_array(cs4232_pcm_irq, int, irq, NULL, 0444); + MODULE_PARM_DESC(cs4232_pcm_irq, "IRQ # for CS4232 PCM interface."); +-module_param_array(dma1, int, NULL, 0444); ++module_param_hw_array(dma1, int, dma, NULL, 0444); + MODULE_PARM_DESC(dma1, "DMA1 # for CS4232 PCM interface."); +-module_param_array(dma2, int, NULL, 0444); ++module_param_hw_array(dma2, int, dma, NULL, 0444); + MODULE_PARM_DESC(dma2, "DMA2 # for CS4232 PCM interface."); +-module_param_array(cs4232_mpu_port, long, NULL, 0444); ++module_param_hw_array(cs4232_mpu_port, long, ioport, NULL, 0444); + MODULE_PARM_DESC(cs4232_mpu_port, "port # for CS4232 MPU-401 interface."); +-module_param_array(cs4232_mpu_irq, int, NULL, 0444); ++module_param_hw_array(cs4232_mpu_irq, int, irq, NULL, 0444); + MODULE_PARM_DESC(cs4232_mpu_irq, "IRQ # for CS4232 MPU-401 interface."); +-module_param_array(ics2115_irq, int, NULL, 0444); ++module_param_hw_array(ics2115_irq, int, irq, NULL, 0444); + MODULE_PARM_DESC(ics2115_irq, "IRQ # for ICS2115."); +-module_param_array(ics2115_port, long, NULL, 0444); ++module_param_hw_array(ics2115_port, long, ioport, NULL, 0444); + MODULE_PARM_DESC(ics2115_port, "Port # for ICS2115."); +-module_param_array(fm_port, long, NULL, 0444); ++module_param_hw_array(fm_port, long, ioport, NULL, 0444); + MODULE_PARM_DESC(fm_port, "FM port #."); + module_param_array(use_cs4232_midi, bool, NULL, 0444); + MODULE_PARM_DESC(use_cs4232_midi, "Use CS4232 MPU-401 interface (inaccessibly located inside your computer)"); diff --git a/debian/patches/features/all/lockdown/0037-Annotate-hardware-config-module-parameters-in-sound-.patch b/debian/patches/features/all/lockdown/0037-Annotate-hardware-config-module-parameters-in-sound-.patch new file mode 100644 index 000000000..5ca0751d3 --- /dev/null +++ b/debian/patches/features/all/lockdown/0037-Annotate-hardware-config-module-parameters-in-sound-.patch 
@@ -0,0 +1,320 @@
+From: David Howells
+Date: Tue, 4 Apr 2017 16:54:30 +0100
+Subject: [37/62] Annotate hardware config module parameters in sound/oss/
+Origin: https://git.kernel.org/pub/scm/linux/kernel/git/dhowells/linux-fs.git/commit?id=aa247badbbe86b0d25ccd7050b375938632fc407
+
+When the kernel is running in secure boot mode, we lock down the kernel to
+prevent userspace from modifying the running kernel image. Whilst this
+includes prohibiting access to things like /dev/mem, it must also prevent
+access by means of configuring driver modules in such a way as to cause a
+device to access or modify the kernel image.
+
+To this end, annotate module_param* statements that refer to hardware
+configuration and indicate for future reference what type of parameter they
+specify. The parameter parser in the core sees this information and can
+skip such parameters with an error message if the kernel is locked down.
+The module initialisation then runs as normal, but just sees whatever the
+default values for those parameters is.
+
+Note that we do still need to do the module initialisation because some
+drivers have viable defaults set in case parameters aren't specified and
+some drivers support automatic configuration (e.g. PNP or PCI) in addition
+to manually coded parameters.
+
+This patch annotates drivers in sound/oss/.
+
+Suggested-by: Alan Cox
+Signed-off-by: David Howells
+cc: Jaroslav Kysela
+cc: Takashi Iwai
+cc: Riccardo Facchetti
+cc: Andrew Veliath
+cc: alsa-devel@alsa-project.org
+---
+ sound/oss/ad1848.c | 8 ++++----
+ sound/oss/aedsp16.c | 12 ++++++------
+ sound/oss/mpu401.c | 4 ++--
+ sound/oss/msnd_pinnacle.c | 20 ++++++++++----------
+ sound/oss/opl3.c | 2 +-
+ sound/oss/pas2_card.c | 18 +++++++++---------
+ sound/oss/pss.c | 14 +++++++-------
+ sound/oss/sb_card.c | 10 +++++-----
+ sound/oss/trix.c | 18 +++++++++---------
+ sound/oss/uart401.c | 4 ++--
+ sound/oss/uart6850.c | 4 ++--
+ sound/oss/waveartist.c | 8 ++++----
+ 12 files changed, 61 insertions(+), 61 deletions(-)
+
+diff --git a/sound/oss/ad1848.c b/sound/oss/ad1848.c
+index f6156d8169d0..2421f59cf279 100644
+--- a/sound/oss/ad1848.c
++++ b/sound/oss/ad1848.c
+@@ -2805,10 +2805,10 @@ static int __initdata dma = -1;
+ static int __initdata dma2 = -1;
+ static int __initdata type = 0;
+ 
+-module_param(io, int, 0); /* I/O for a raw AD1848 card */
+-module_param(irq, int, 0); /* IRQ to use */
+-module_param(dma, int, 0); /* First DMA channel */
+-module_param(dma2, int, 0); /* Second DMA channel */
++module_param_hw(io, int, ioport, 0); /* I/O for a raw AD1848 card */
++module_param_hw(irq, int, irq, 0); /* IRQ to use */
++module_param_hw(dma, int, dma, 0); /* First DMA channel */
++module_param_hw(dma2, int, dma, 0); /* Second DMA channel */
+ module_param(type, int, 0); /* Card type */
+ module_param(deskpro_xl, bool, 0); /* Special magic for Deskpro XL boxen */
+ module_param(deskpro_m, bool, 0); /* Special magic for Deskpro M box */
+diff --git a/sound/oss/aedsp16.c b/sound/oss/aedsp16.c
+index bb477d5c8528..f058ed6bdb69 100644
+--- a/sound/oss/aedsp16.c
++++ b/sound/oss/aedsp16.c
+@@ -1303,17 +1303,17 @@ static int __initdata mpu_irq = -1;
+ static int __initdata mss_base = -1;
+ static int __initdata mpu_base = -1;
+ 
+-module_param(io, int, 0);
++module_param_hw(io, int, ioport, 0);
+ MODULE_PARM_DESC(io, "I/O base address (0x220 0x240)");
+-module_param(irq, int, 0);
++module_param_hw(irq, int, irq, 0);
+ MODULE_PARM_DESC(irq, "IRQ line (5 7 9 10 11)");
+-module_param(dma, int, 0);
++module_param_hw(dma, int, dma, 0);
+ MODULE_PARM_DESC(dma, "dma line (0 1 3)");
+-module_param(mpu_irq, int, 0);
++module_param_hw(mpu_irq, int, irq, 0);
+ MODULE_PARM_DESC(mpu_irq, "MPU-401 IRQ line (5 7 9 10 0)");
+-module_param(mss_base, int, 0);
++module_param_hw(mss_base, int, ioport, 0);
+ MODULE_PARM_DESC(mss_base, "MSS emulation I/O base address (0x530 0xE80)");
+-module_param(mpu_base, int, 0);
++module_param_hw(mpu_base, int, ioport, 0);
+ MODULE_PARM_DESC(mpu_base,"MPU-401 I/O base address (0x300 0x310 0x320 0x330)");
+ MODULE_AUTHOR("Riccardo Facchetti ");
+ MODULE_DESCRIPTION("Audio Excel DSP 16 Driver Version " VERSION);
+diff --git a/sound/oss/mpu401.c b/sound/oss/mpu401.c
+index 862735005b43..20e8fa46f647 100644
+--- a/sound/oss/mpu401.c
++++ b/sound/oss/mpu401.c
+@@ -1748,8 +1748,8 @@ static struct address_info cfg;
+ static int io = -1;
+ static int irq = -1;
+ 
+-module_param(irq, int, 0);
+-module_param(io, int, 0);
++module_param_hw(irq, int, irq, 0);
++module_param_hw(io, int, ioport, 0);
+ 
+ static int __init init_mpu401(void)
+ {
+diff --git a/sound/oss/msnd_pinnacle.c b/sound/oss/msnd_pinnacle.c
+index f34ec01d2239..d2abc2cf3213 100644
+--- a/sound/oss/msnd_pinnacle.c
++++ b/sound/oss/msnd_pinnacle.c
+@@ -1727,22 +1727,22 @@ static int
+ calibrate_signal __initdata = CONFIG_MSND_CALSIGNAL;
+ #endif /* MODULE */
+ 
+-module_param (io, int, 0);
+-module_param (irq, int, 0);
+-module_param (mem, int, 0);
++module_param_hw (io, int, ioport, 0);
++module_param_hw (irq, int, irq, 0);
++module_param_hw (mem, int, iomem, 0);
+ module_param (write_ndelay, int, 0);
+ module_param (fifosize, int, 0);
+ module_param (calibrate_signal, int, 0);
+ #ifndef MSND_CLASSIC
+ module_param (digital, bool, 0);
+-module_param (cfg, int, 0);
++module_param_hw (cfg, int, ioport, 0);
+ module_param (reset, int, 0);
+-module_param (mpu_io, int, 0);
+-module_param (mpu_irq, int, 0);
+-module_param (ide_io0, int, 0);
+-module_param (ide_io1, int, 0);
+-module_param (ide_irq, int, 0);
+-module_param (joystick_io, int, 0);
++module_param_hw (mpu_io, int, ioport, 0);
++module_param_hw (mpu_irq, int, irq, 0);
++module_param_hw (ide_io0, int, ioport, 0);
++module_param_hw (ide_io1, int, ioport, 0);
++module_param_hw (ide_irq, int, irq, 0);
++module_param_hw (joystick_io, int, ioport, 0);
+ #endif
+ 
+ static int __init msnd_init(void)
+diff --git a/sound/oss/opl3.c b/sound/oss/opl3.c
+index b6d19adf8f41..f0f5b5be6314 100644
+--- a/sound/oss/opl3.c
++++ b/sound/oss/opl3.c
+@@ -1200,7 +1200,7 @@ static int me;
+ 
+ static int io = -1;
+ 
+-module_param(io, int, 0);
++module_param_hw(io, int, ioport, 0);
+ 
+ static int __init init_opl3 (void)
+ {
+diff --git a/sound/oss/pas2_card.c b/sound/oss/pas2_card.c
+index b07954a79536..769fca692d2a 100644
+--- a/sound/oss/pas2_card.c
++++ b/sound/oss/pas2_card.c
+@@ -383,15 +383,15 @@ static int __initdata sb_irq = -1;
+ static int __initdata sb_dma = -1;
+ static int __initdata sb_dma16 = -1;
+ 
+-module_param(io, int, 0);
+-module_param(irq, int, 0);
+-module_param(dma, int, 0);
+-module_param(dma16, int, 0);
+-
+-module_param(sb_io, int, 0);
+-module_param(sb_irq, int, 0);
+-module_param(sb_dma, int, 0);
+-module_param(sb_dma16, int, 0);
++module_param_hw(io, int, ioport, 0);
++module_param_hw(irq, int, irq, 0);
++module_param_hw(dma, int, dma, 0);
++module_param_hw(dma16, int, dma, 0);
++
++module_param_hw(sb_io, int, ioport, 0);
++module_param_hw(sb_irq, int, irq, 0);
++module_param_hw(sb_dma, int, dma, 0);
++module_param_hw(sb_dma16, int, dma, 0);
+ 
+ module_param(joystick, bool, 0);
+ module_param(symphony, bool, 0);
+diff --git a/sound/oss/pss.c b/sound/oss/pss.c
+index 81314f9e2ccb..33c3a442e162 100644
+--- a/sound/oss/pss.c
++++ b/sound/oss/pss.c
+@@ -1139,19 +1139,19 @@ static bool pss_no_sound = 0; /* Just configure non-sound components */
+ static bool pss_keep_settings = 1; /* Keep hardware settings at module exit */
+ static char *pss_firmware = "/etc/sound/pss_synth";
+ 
+-module_param(pss_io, int, 0);
++module_param_hw(pss_io, int, ioport, 0);
+ MODULE_PARM_DESC(pss_io, "Set i/o base of PSS card (probably 0x220 or 0x240)");
+-module_param(mss_io, int, 0);
++module_param_hw(mss_io, int, ioport, 0);
+ MODULE_PARM_DESC(mss_io, "Set WSS (audio) i/o base (0x530, 0x604, 0xE80, 0xF40, or other. Address must end in 0 or 4 and must be from 0x100 to 0xFF4)");
+-module_param(mss_irq, int, 0);
++module_param_hw(mss_irq, int, irq, 0);
+ MODULE_PARM_DESC(mss_irq, "Set WSS (audio) IRQ (3, 5, 7, 9, 10, 11, 12)");
+-module_param(mss_dma, int, 0);
++module_param_hw(mss_dma, int, dma, 0);
+ MODULE_PARM_DESC(mss_dma, "Set WSS (audio) DMA (0, 1, 3)");
+-module_param(mpu_io, int, 0);
++module_param_hw(mpu_io, int, ioport, 0);
+ MODULE_PARM_DESC(mpu_io, "Set MIDI i/o base (0x330 or other. Address must be on 4 location boundaries and must be from 0x100 to 0xFFC)");
+-module_param(mpu_irq, int, 0);
++module_param_hw(mpu_irq, int, irq, 0);
+ MODULE_PARM_DESC(mpu_irq, "Set MIDI IRQ (3, 5, 7, 9, 10, 11, 12)");
+-module_param(pss_cdrom_port, int, 0);
++module_param_hw(pss_cdrom_port, int, ioport, 0);
+ MODULE_PARM_DESC(pss_cdrom_port, "Set the PSS CDROM port i/o base (0x340 or other)");
+ module_param(pss_enable_joystick, bool, 0);
+ MODULE_PARM_DESC(pss_enable_joystick, "Enables the PSS joystick port (1 to enable, 0 to disable)");
+diff --git a/sound/oss/sb_card.c b/sound/oss/sb_card.c
+index fb5d7250de38..2a92cfe6cfe9 100644
+--- a/sound/oss/sb_card.c
++++ b/sound/oss/sb_card.c
+@@ -61,15 +61,15 @@ static int __initdata uart401 = 0;
+ static int __initdata pnp = 0;
+ #endif
+ 
+-module_param(io, int, 000);
++module_param_hw(io, int, ioport, 000);
+ MODULE_PARM_DESC(io, "Soundblaster i/o base address (0x220,0x240,0x260,0x280)");
+-module_param(irq, int, 000);
++module_param_hw(irq, int, irq, 000);
+ MODULE_PARM_DESC(irq, "IRQ (5,7,9,10)");
+-module_param(dma, int, 000);
++module_param_hw(dma, int, dma, 000);
+ MODULE_PARM_DESC(dma, "8-bit DMA channel (0,1,3)");
+-module_param(dma16, int, 000);
++module_param_hw(dma16, int, dma, 000);
+ MODULE_PARM_DESC(dma16, "16-bit DMA channel (5,6,7)");
+-module_param(mpu_io, int, 000);
++module_param_hw(mpu_io, int, ioport, 000);
+ MODULE_PARM_DESC(mpu_io, "MPU base address");
+ module_param(type, int, 000);
+ MODULE_PARM_DESC(type, "You can set this to specific card type (doesn't " \
+diff --git a/sound/oss/trix.c b/sound/oss/trix.c
+index 3c494dc93b93..a57bc635d758 100644
+--- a/sound/oss/trix.c
++++ b/sound/oss/trix.c
+@@ -413,15 +413,15 @@ static int __initdata sb_irq = -1;
+ static int __initdata mpu_io = -1;
+ static int __initdata mpu_irq = -1;
+ 
+-module_param(io, int, 0);
+-module_param(irq, int, 0);
+-module_param(dma, int, 0);
+-module_param(dma2, int, 0);
+-module_param(sb_io, int, 0);
+-module_param(sb_dma, int, 0);
+-module_param(sb_irq, int, 0);
+-module_param(mpu_io, int, 0);
+-module_param(mpu_irq, int, 0);
++module_param_hw(io, int, ioport, 0);
++module_param_hw(irq, int, irq, 0);
++module_param_hw(dma, int, dma, 0);
++module_param_hw(dma2, int, dma, 0);
++module_param_hw(sb_io, int, ioport, 0);
++module_param_hw(sb_dma, int, dma, 0);
++module_param_hw(sb_irq, int, irq, 0);
++module_param_hw(mpu_io, int, ioport, 0);
++module_param_hw(mpu_irq, int, irq, 0);
+ module_param(joystick, bool, 0);
+ 
+ static int __init init_trix(void)
+diff --git a/sound/oss/uart401.c b/sound/oss/uart401.c
+index dae4d4344407..83dcc85b8688 100644
+--- a/sound/oss/uart401.c
++++ b/sound/oss/uart401.c
+@@ -429,8 +429,8 @@ static struct address_info cfg_mpu;
+ static int io = -1;
+ static int irq = -1;
+ 
+-module_param(io, int, 0444);
+-module_param(irq, int, 0444);
++module_param_hw(io, int, ioport, 0444);
++module_param_hw(irq, int, irq, 0444);
+ 
+ 
+ static int __init init_uart401(void)
+diff --git a/sound/oss/uart6850.c b/sound/oss/uart6850.c
+index 1079133dd6ab..eda32d7eddbd 100644
+--- a/sound/oss/uart6850.c
++++ b/sound/oss/uart6850.c
+@@ -315,8 +315,8 @@ static struct address_info cfg_mpu;
+ static int __initdata io = -1;
+ static int __initdata irq = -1;
+ 
+-module_param(io, int, 0);
+-module_param(irq, int, 0);
++module_param_hw(io, int, ioport, 0);
++module_param_hw(irq, int, irq, 0);
+ 
+ static int __init init_uart6850(void)
+ {
+diff --git a/sound/oss/waveartist.c b/sound/oss/waveartist.c
+index 0b8d0de87273..4f0c3a232e41 100644
+--- a/sound/oss/waveartist.c
++++ b/sound/oss/waveartist.c
+@@ -2036,8 +2036,8 @@ __setup("waveartist=", setup_waveartist);
+ #endif
+ 
+ MODULE_DESCRIPTION("Rockwell WaveArtist RWA-010 sound driver");
+-module_param(io, int, 0); /* IO base */
+-module_param(irq, int, 0); /* IRQ */
+-module_param(dma, int, 0); /* DMA */
+-module_param(dma2, int, 0); /* DMA2 */
++module_param_hw(io, int, ioport, 0); /* IO base */
++module_param_hw(irq, int, irq, 0); /* IRQ */
++module_param_hw(dma, int, dma, 0); /* DMA */
++module_param_hw(dma2, int, dma, 0); /* DMA2 */
+ MODULE_LICENSE("GPL");
diff --git a/debian/patches/features/all/lockdown/0038-Annotate-hardware-config-module-parameters-in-sound-.patch b/debian/patches/features/all/lockdown/0038-Annotate-hardware-config-module-parameters-in-sound-.patch
new file mode 100644
index 000000000..9cdf36967
--- /dev/null
+++ b/debian/patches/features/all/lockdown/0038-Annotate-hardware-config-module-parameters-in-sound-.patch
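Review bot: The `module_param_hw` annotations in waveartist.c gate only the module-parameter path, yet the hunk header shows `__setup("waveartist=", setup_waveartist);` (presumably inside an `#ifndef MODULE` block whose `#endif` is the first context line), so a built-in driver still takes io/irq/dma from the kernel command line, which the parameter-parser check described in the patch description does not cover. Whether that is acceptable depends on the command line being treated as trusted boot-time input under lockdown (for example, fixed by a signed bootloader), an assumption this series does not state anywhere visible here; I would record it next to the annotations, e.g. `/* lockdown: only module_param_hw() is gated; the waveartist= __setup() path is trusted boot-time input */`. The same caveat applies to any other driver in this set that keeps a `__setup()` hook, though none is visible in the other hunks. setup_waveartist's definition lies outside the hunk.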
@@ -0,0 +1,154 @@ +From: David Howells +Date: Tue, 4 Apr 2017 16:54:30 +0100 +Subject: [38/62] Annotate hardware config module parameters in sound/pci/ +Origin: https://git.kernel.org/pub/scm/linux/kernel/git/dhowells/linux-fs.git/commit?id=625c33b384a0f2e3ac63d6d513e389d4e290b667 + +When the kernel is running in secure boot mode, we lock down the kernel to +prevent userspace from modifying the running kernel image. Whilst this +includes prohibiting access to things like /dev/mem, it must also prevent +access by means of configuring driver modules in such a way as to cause a +device to access or modify the kernel image. + +To this end, annotate module_param* statements that refer to hardware +configuration and indicate for future reference what type of parameter they +specify. The parameter parser in the core sees this information and can +skip such parameters with an error message if the kernel is locked down. +The module initialisation then runs as normal, but just sees whatever the +default values for those parameters is. + +Note that we do still need to do the module initialisation because some +drivers have viable defaults set in case parameters aren't specified and +some drivers support automatic configuration (e.g. PNP or PCI) in addition +to manually coded parameters. + +This patch annotates drivers in sound/pci/. 
+ +Suggested-by: Alan Cox +Signed-off-by: David Howells +cc: Jaroslav Kysela +cc: Takashi Iwai +cc: alsa-devel@alsa-project.org +--- + sound/pci/als4000.c | 2 +- + sound/pci/cmipci.c | 6 +++--- + sound/pci/ens1370.c | 2 +- + sound/pci/riptide/riptide.c | 6 +++--- + sound/pci/sonicvibes.c | 2 +- + sound/pci/via82xx.c | 2 +- + sound/pci/ymfpci/ymfpci.c | 6 +++--- + 7 files changed, 13 insertions(+), 13 deletions(-) + +diff --git a/sound/pci/als4000.c b/sound/pci/als4000.c +index 92bc06d01288..7844a75d8ed9 100644 +--- a/sound/pci/als4000.c ++++ b/sound/pci/als4000.c +@@ -102,7 +102,7 @@ MODULE_PARM_DESC(id, "ID string for ALS4000 soundcard."); + module_param_array(enable, bool, NULL, 0444); + MODULE_PARM_DESC(enable, "Enable ALS4000 soundcard."); + #ifdef SUPPORT_JOYSTICK +-module_param_array(joystick_port, int, NULL, 0444); ++module_param_hw_array(joystick_port, int, ioport, NULL, 0444); + MODULE_PARM_DESC(joystick_port, "Joystick port address for ALS4000 soundcard. (0 = disabled)"); + #endif + +diff --git a/sound/pci/cmipci.c b/sound/pci/cmipci.c +index aeedc270ed9b..430f064c64da 100644 +--- a/sound/pci/cmipci.c ++++ b/sound/pci/cmipci.c +@@ -68,14 +68,14 @@ module_param_array(id, charp, NULL, 0444); + MODULE_PARM_DESC(id, "ID string for C-Media PCI soundcard."); + module_param_array(enable, bool, NULL, 0444); + MODULE_PARM_DESC(enable, "Enable C-Media PCI soundcard."); +-module_param_array(mpu_port, long, NULL, 0444); ++module_param_hw_array(mpu_port, long, ioport, NULL, 0444); + MODULE_PARM_DESC(mpu_port, "MPU-401 port."); +-module_param_array(fm_port, long, NULL, 0444); ++module_param_hw_array(fm_port, long, ioport, NULL, 0444); + MODULE_PARM_DESC(fm_port, "FM port."); + module_param_array(soft_ac3, bool, NULL, 0444); + MODULE_PARM_DESC(soft_ac3, "Software-conversion of raw SPDIF packets (model 033 only)."); + #ifdef SUPPORT_JOYSTICK +-module_param_array(joystick_port, int, NULL, 0444); ++module_param_hw_array(joystick_port, int, ioport, NULL, 0444); + 
MODULE_PARM_DESC(joystick_port, "Joystick port address."); + #endif + +diff --git a/sound/pci/ens1370.c b/sound/pci/ens1370.c +index 164adad91650..90376739c5e1 100644 +--- a/sound/pci/ens1370.c ++++ b/sound/pci/ens1370.c +@@ -106,7 +106,7 @@ module_param_array(enable, bool, NULL, 0444); + MODULE_PARM_DESC(enable, "Enable Ensoniq AudioPCI soundcard."); + #ifdef SUPPORT_JOYSTICK + #ifdef CHIP1371 +-module_param_array(joystick_port, int, NULL, 0444); ++module_param_hw_array(joystick_port, int, ioport, NULL, 0444); + MODULE_PARM_DESC(joystick_port, "Joystick port address."); + #else + module_param_array(joystick, bool, NULL, 0444); +diff --git a/sound/pci/riptide/riptide.c b/sound/pci/riptide/riptide.c +index 19c9df6b0f3d..f067c76d77f8 100644 +--- a/sound/pci/riptide/riptide.c ++++ b/sound/pci/riptide/riptide.c +@@ -137,12 +137,12 @@ MODULE_PARM_DESC(id, "ID string for Riptide soundcard."); + module_param_array(enable, bool, NULL, 0444); + MODULE_PARM_DESC(enable, "Enable Riptide soundcard."); + #ifdef SUPPORT_JOYSTICK +-module_param_array(joystick_port, int, NULL, 0444); ++module_param_hw_array(joystick_port, int, ioport, NULL, 0444); + MODULE_PARM_DESC(joystick_port, "Joystick port # for Riptide soundcard."); + #endif +-module_param_array(mpu_port, int, NULL, 0444); ++module_param_hw_array(mpu_port, int, ioport, NULL, 0444); + MODULE_PARM_DESC(mpu_port, "MPU401 port # for Riptide driver."); +-module_param_array(opl3_port, int, NULL, 0444); ++module_param_hw_array(opl3_port, int, ioport, NULL, 0444); + MODULE_PARM_DESC(opl3_port, "OPL3 port # for Riptide driver."); + + /* +diff --git a/sound/pci/sonicvibes.c b/sound/pci/sonicvibes.c +index a6aa48c5b969..8e3d4ec39c35 100644 +--- a/sound/pci/sonicvibes.c ++++ b/sound/pci/sonicvibes.c +@@ -66,7 +66,7 @@ module_param_array(reverb, bool, NULL, 0444); + MODULE_PARM_DESC(reverb, "Enable reverb (SRAM is present) for S3 SonicVibes soundcard."); + module_param_array(mge, bool, NULL, 0444); + MODULE_PARM_DESC(mge, "MIC Gain 
Enable for S3 SonicVibes soundcard."); +-module_param(dmaio, uint, 0444); ++module_param_hw(dmaio, uint, ioport, 0444); + MODULE_PARM_DESC(dmaio, "DDMA i/o base address for S3 SonicVibes soundcard."); + + /* +diff --git a/sound/pci/via82xx.c b/sound/pci/via82xx.c +index 2d8c14e3f8d2..127834021175 100644 +--- a/sound/pci/via82xx.c ++++ b/sound/pci/via82xx.c +@@ -92,7 +92,7 @@ module_param(index, int, 0444); + MODULE_PARM_DESC(index, "Index value for VIA 82xx bridge."); + module_param(id, charp, 0444); + MODULE_PARM_DESC(id, "ID string for VIA 82xx bridge."); +-module_param(mpu_port, long, 0444); ++module_param_hw(mpu_port, long, ioport, 0444); + MODULE_PARM_DESC(mpu_port, "MPU-401 port. (VT82C686x only)"); + #ifdef SUPPORT_JOYSTICK + module_param(joystick, bool, 0444); +diff --git a/sound/pci/ymfpci/ymfpci.c b/sound/pci/ymfpci/ymfpci.c +index 812e27a1bcbc..4faf3e1ed06a 100644 +--- a/sound/pci/ymfpci/ymfpci.c ++++ b/sound/pci/ymfpci/ymfpci.c +@@ -55,12 +55,12 @@ module_param_array(id, charp, NULL, 0444); + MODULE_PARM_DESC(id, "ID string for the Yamaha DS-1 PCI soundcard."); + module_param_array(enable, bool, NULL, 0444); + MODULE_PARM_DESC(enable, "Enable Yamaha DS-1 soundcard."); +-module_param_array(mpu_port, long, NULL, 0444); ++module_param_hw_array(mpu_port, long, ioport, NULL, 0444); + MODULE_PARM_DESC(mpu_port, "MPU-401 Port."); +-module_param_array(fm_port, long, NULL, 0444); ++module_param_hw_array(fm_port, long, ioport, NULL, 0444); + MODULE_PARM_DESC(fm_port, "FM OPL-3 Port."); + #ifdef SUPPORT_JOYSTICK +-module_param_array(joystick_port, long, NULL, 0444); ++module_param_hw_array(joystick_port, long, ioport, NULL, 0444); + MODULE_PARM_DESC(joystick_port, "Joystick port address"); + #endif + module_param_array(rear_switch, bool, NULL, 0444); diff --git a/debian/patches/features/all/lockdown/0039-efi-Add-EFI_SECURE_BOOT-bit.patch b/debian/patches/features/all/lockdown/0039-efi-Add-EFI_SECURE_BOOT-bit.patch new file mode 100644 index 000000000..06ed97317 
--- /dev/null +++ b/debian/patches/features/all/lockdown/0039-efi-Add-EFI_SECURE_BOOT-bit.patch @@ -0,0 +1,43 @@ +From: Josh Boyer +Date: Wed, 5 Apr 2017 17:40:29 +0100 +Subject: [39/62] efi: Add EFI_SECURE_BOOT bit +Origin: https://git.kernel.org/pub/scm/linux/kernel/git/dhowells/linux-fs.git/commit?id=7c121e1d97d6af4d25fb49bffb10571964f37ab1 + +UEFI machines can be booted in Secure Boot mode. Add a EFI_SECURE_BOOT bit +that can be passed to efi_enabled() to find out whether secure boot is +enabled. + +This will be used by the SysRq+x handler, registered by the x86 arch, to find +out whether secure boot mode is enabled so that it can be disabled. + +Signed-off-by: Josh Boyer +Signed-off-by: David Howells +--- + arch/x86/kernel/setup.c | 1 + + include/linux/efi.h | 1 + + 2 files changed, 2 insertions(+) + +diff --git a/arch/x86/kernel/setup.c b/arch/x86/kernel/setup.c +index 4bf0c8926a1c..396285bddb93 100644 +--- a/arch/x86/kernel/setup.c ++++ b/arch/x86/kernel/setup.c +@@ -1184,6 +1184,7 @@ void __init setup_arch(char **cmdline_p) + pr_info("Secure boot disabled\n"); + break; + case efi_secureboot_mode_enabled: ++ set_bit(EFI_SECURE_BOOT, &efi.flags); + pr_info("Secure boot enabled\n"); + break; + default: +diff --git a/include/linux/efi.h b/include/linux/efi.h +index 94d34e0be24f..6049600e5475 100644 +--- a/include/linux/efi.h ++++ b/include/linux/efi.h +@@ -1069,6 +1069,7 @@ extern int __init efi_setup_pcdp_console(char *); + #define EFI_DBG 8 /* Print additional debug info at runtime */ + #define EFI_NX_PE_DATA 9 /* Can runtime data regions be mapped non-executable? */ + #define EFI_MEM_ATTR 10 /* Did firmware publish an EFI_MEMORY_ATTRIBUTES table? */ ++#define EFI_SECURE_BOOT 11 /* Are we in Secure Boot mode? */ + + #ifdef CONFIG_EFI + /* 
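Review bot: EFI_SECURE_BOOT is set only from the efi_secureboot_mode_enabled case in arch/x86/kernel/setup.c, so on any other EFI architecture efi_enabled(EFI_SECURE_BOOT) reads false even when the firmware booted the kernel in Secure Boot mode, and anything that keys lockdown off this bit will silently not engage there if the series is ever enabled on a non-x86 EFI build. The new flag's comment in include/linux/efi.h should make that scope explicit: `#define EFI_SECURE_BOOT 11 /* Are we in Secure Boot mode? (set by x86 setup_arch only) */`. The description's "so that it can be disabled" reads as if SysRq could switch Secure Boot itself off; presumably it is the kernel lockdown that gets lifted, and the sentence should say so. The `default:` arm of the switch, which covers efi_secureboot_mode_unknown, lies outside the hunk, so I cannot tell whether an undetermined mode is treated as enabled (fail-closed) or as disabled.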
diff --git a/debian/patches/features/all/lockdown/0040-Add-the-ability-to-lock-down-access-to-the-running-k.patch b/debian/patches/features/all/lockdown/0040-Add-the-ability-to-lock-down-access-to-the-running-k.patch new file mode 100644 index 000000000..1718610f5 --- /dev/null +++ b/debian/patches/features/all/lockdown/0040-Add-the-ability-to-lock-down-access-to-the-running-k.patch 
@@ -0,0 +1,146 @@ +From: David Howells +Date: Wed, 5 Apr 2017 17:40:29 +0100 +Subject: [40/62] Add the ability to lock down access to the running kernel + image +Origin: https://git.kernel.org/pub/scm/linux/kernel/git/dhowells/linux-fs.git/commit?id=4e038dfc742f11bcd02e5a3fba5718cefbf06d70 + +Provide a single call to allow kernel code to determine whether the system +should be locked down, thereby disallowing various accesses that might +allow the running kernel image to be changed including the loading of +modules that aren't validly signed with a key we recognise, fiddling with +MSR registers and disallowing hibernation, + +Signed-off-by: David Howells +--- + include/linux/kernel.h | 9 +++++++++ + include/linux/security.h | 11 +++++++++++ + security/Kconfig | 15 +++++++++++++++ + security/Makefile | 3 +++ + security/lock_down.c | 40 ++++++++++++++++++++++++++++++++++++++++ + 5 files changed, 78 insertions(+) + create mode 100644 security/lock_down.c + +diff --git a/include/linux/kernel.h b/include/linux/kernel.h +index 4c26dc3a8295..b820a80dc949 100644 +--- a/include/linux/kernel.h ++++ b/include/linux/kernel.h +@@ -275,6 +275,15 @@ extern int oops_may_print(void); + void do_exit(long error_code) __noreturn; + void complete_and_exit(struct completion *, long) __noreturn; + ++#ifdef CONFIG_LOCK_DOWN_KERNEL ++extern bool kernel_is_locked_down(void); ++#else ++static inline bool kernel_is_locked_down(void) ++{ ++ return false; ++} ++#endif ++ + /* Internal, do not use. 
*/ + int __must_check _kstrtoul(const char *s, unsigned int base, unsigned long *res); + int __must_check _kstrtol(const char *s, unsigned int base, long *res); +diff --git a/include/linux/security.h b/include/linux/security.h +index af675b576645..68bab18ddd57 100644 +--- a/include/linux/security.h ++++ b/include/linux/security.h +@@ -1698,5 +1698,16 @@ static inline void free_secdata(void *secdata) + { } + #endif /* CONFIG_SECURITY */ + ++#ifdef CONFIG_LOCK_DOWN_KERNEL ++extern void lock_kernel_down(void); ++#ifdef CONFIG_ALLOW_LOCKDOWN_LIFT ++extern void lift_kernel_lockdown(void); ++#endif ++#else ++static inline void lock_kernel_down(void) ++{ ++} ++#endif ++ + #endif /* ! __LINUX_SECURITY_H */ + +diff --git a/security/Kconfig b/security/Kconfig +index 3ff1bf91080e..e3830171bdcb 100644 +--- a/security/Kconfig ++++ b/security/Kconfig +@@ -198,6 +198,21 @@ config STATIC_USERMODEHELPER_PATH + If you wish for all usermode helper programs to be disabled, + specify an empty string here (i.e. ""). + ++config LOCK_DOWN_KERNEL ++ bool "Allow the kernel to be 'locked down'" ++ help ++ Allow the kernel to be locked down under certain circumstances, for ++ instance if UEFI secure boot is enabled. Locking down the kernel ++ turns off various features that might otherwise allow access to the ++ kernel image (eg. setting MSR registers). ++ ++config ALLOW_LOCKDOWN_LIFT ++ bool ++ help ++ Allow the lockdown on a kernel to be lifted, thereby restoring the ++ ability of userspace to access the kernel image (eg. by SysRq+x under ++ x86). 
++ + source security/selinux/Kconfig + source security/smack/Kconfig + source security/tomoyo/Kconfig +diff --git a/security/Makefile b/security/Makefile +index f2d71cdb8e19..8c4a43e3d4e0 100644 +--- a/security/Makefile ++++ b/security/Makefile +@@ -29,3 +29,6 @@ obj-$(CONFIG_CGROUP_DEVICE) += device_cgroup.o + # Object integrity file lists + subdir-$(CONFIG_INTEGRITY) += integrity + obj-$(CONFIG_INTEGRITY) += integrity/ ++ ++# Allow the kernel to be locked down ++obj-$(CONFIG_LOCK_DOWN_KERNEL) += lock_down.o +diff --git a/security/lock_down.c b/security/lock_down.c +new file mode 100644 +index 000000000000..5788c60ff4e1 +--- /dev/null ++++ b/security/lock_down.c +@@ -0,0 +1,40 @@ ++/* Lock down the kernel ++ * ++ * Copyright (C) 2016 Red Hat, Inc. All Rights Reserved. ++ * Written by David Howells (dhowells@redhat.com) ++ * ++ * This program is free software; you can redistribute it and/or ++ * modify it under the terms of the GNU General Public Licence ++ * as published by the Free Software Foundation; either version ++ * 2 of the Licence, or (at your option) any later version. ++ */ ++ ++#include ++#include ++ ++static __read_mostly bool kernel_locked_down; ++ ++/* ++ * Put the kernel into lock-down mode. ++ */ ++void lock_kernel_down(void) ++{ ++ kernel_locked_down = true; ++} ++ ++/* ++ * Take the kernel out of lockdown mode. ++ */ ++void lift_kernel_lockdown(void) ++{ ++ kernel_locked_down = false; ++} ++ ++/** ++ * kernel_is_locked_down - Find out if the kernel is locked down ++ */ ++bool kernel_is_locked_down(void) ++{ ++ return kernel_locked_down; ++} ++EXPORT_SYMBOL(kernel_is_locked_down); diff --git a/debian/patches/features/all/lockdown/0041-efi-Lock-down-the-kernel-if-booted-in-secure-boot-mo.patch b/debian/patches/features/all/lockdown/0041-efi-Lock-down-the-kernel-if-booted-in-secure-boot-mo.patch new file mode 100644 index 000000000..94c33c4d9 --- /dev/null 
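Review bot: lift_kernel_lockdown() in security/lock_down.c is compiled unconditionally, while include/linux/security.h declares it only under CONFIG_ALLOW_LOCKDOWN_LIFT, so a kernel configured without that option still carries a live "unlock" entry point (and a missing-prototype warning); the definition should sit under the same `#ifdef CONFIG_ALLOW_LOCKDOWN_LIFT` / `#endif`. Neither state transition is logged, which matters for incident response on a Secure Boot host: one pr_notice() in lock_kernel_down() and one in lift_kernel_lockdown() leaves a dmesg record of when the protection was engaged or dropped. The two `#include` lines of lock_down.c have lost their targets in this rendering, so I am assuming printk is reachable through what is already included. Exporting the predicate with EXPORT_SYMBOL rather than EXPORT_SYMBOL_GPL is a deliberate policy choice that the commit message should state.
```c
/* … unchanged: licence header, includes, kernel_locked_down … */
void lock_kernel_down(void)
{
	pr_notice("Kernel is locked down\n");
	kernel_locked_down = true;
}

#ifdef CONFIG_ALLOW_LOCKDOWN_LIFT
/*
 * Take the kernel out of lockdown mode.
 */
void lift_kernel_lockdown(void)
{
	pr_notice("Kernel lockdown lifted\n");
	kernel_locked_down = false;
}
#endif
/* … unchanged: kernel_is_locked_down() and its export … */
```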
+++ b/debian/patches/features/all/lockdown/0041-efi-Lock-down-the-kernel-if-booted-in-secure-boot-mo.patch @@ -0,0 +1,66 @@ +From: David Howells +Date: Wed, 5 Apr 2017 17:40:29 +0100 +Subject: [41/62] efi: Lock down the kernel if booted in secure boot mode +Origin: https://git.kernel.org/pub/scm/linux/kernel/git/dhowells/linux-fs.git/commit?id=48f943a855fa850977db9071250db2b9e12287ce + +UEFI Secure Boot provides a mechanism for ensuring that the firmware will +only load signed bootloaders and kernels. Certain use cases may also +require that all kernel modules also be signed. Add a configuration option +that to lock down the kernel - which includes requiring validly signed +modules - if the kernel is secure-booted. + +Signed-off-by: David Howells +--- + arch/x86/Kconfig | 12 ++++++++++++ + arch/x86/kernel/setup.c | 8 +++++++- + 2 files changed, 19 insertions(+), 1 deletion(-) + +diff --git a/arch/x86/Kconfig b/arch/x86/Kconfig +index cc98d5a294ee..21f39855661d 100644 +--- a/arch/x86/Kconfig ++++ b/arch/x86/Kconfig +@@ -1817,6 +1817,18 @@ config EFI_MIXED + + If unsure, say N. + ++config EFI_SECURE_BOOT_LOCK_DOWN ++ def_bool n ++ depends on EFI ++ prompt "Lock down the kernel when UEFI Secure Boot is enabled" ++ ---help--- ++ UEFI Secure Boot provides a mechanism for ensuring that the firmware ++ will only load signed bootloaders and kernels. Certain use cases may ++ also require that all kernel modules also be signed and that ++ userspace is prevented from directly changing the running kernel ++ image. Say Y here to automatically lock down the kernel when a ++ system boots with UEFI Secure Boot enabled. ++ + config SECCOMP + def_bool y + prompt "Enable seccomp to safely compute untrusted bytecode" +diff --git a/arch/x86/kernel/setup.c b/arch/x86/kernel/setup.c +index 396285bddb93..85dfa745c442 100644 +--- a/arch/x86/kernel/setup.c ++++ b/arch/x86/kernel/setup.c +@@ -69,6 +69,7 @@ + #include + #include + #include ++#include + + #include