tjh.dev / kernel
Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
kernel os linux
fork atom

Annotate hardware config module parameters in drivers/net/ethernet/

When the kernel is running in secure boot mode, we lock down the kernel to
prevent userspace from modifying the running kernel image. Whilst this
includes prohibiting access to things like /dev/mem, it must also prevent
access by means of configuring driver modules in such a way as to cause a
device to access or modify the kernel image.

To this end, annotate module_param* statements that refer to hardware
configuration and indicate for future reference what type of parameter they
specify. The parameter parser in the core sees this information and can
skip such parameters with an error message if the kernel is locked down.
The module initialisation then runs as normal, but just sees whatever the
default values for those parameters is.

Note that we do still need to do the module initialisation because some
drivers have viable defaults set in case parameters aren't specified and
some drivers support automatic configuration (e.g. PNP or PCI) in addition
to manually coded parameters.

This patch annotates drivers in drivers/net/ethernet/.

Suggested-by: Alan Cox <gnomes@lxorguk.ukuu.org.uk>
Signed-off-by: David Howells <dhowells@redhat.com>
cc: Steffen Klassert <steffen.klassert@secunet.com>
cc: Jaroslav Kysela <perex@perex.cz>
cc: netdev@vger.kernel.org
cc: linux-parisc@vger.kernel.org

David Howells df298408 e43f2c52

+26 -26
+1 -1
drivers/net/ethernet/3com/3c509.c
··· 1371 1371 #endif /* CONFIG_PM */ 1372 1372 1373 1373 module_param(debug,int, 0); 1374 - module_param_array(irq, int, NULL, 0); 1374 + module_param_hw_array(irq, int, irq, NULL, 0); 1375 1375 module_param(max_interrupt_work, int, 0); 1376 1376 MODULE_PARM_DESC(debug, "debug level (0-6)"); 1377 1377 MODULE_PARM_DESC(irq, "IRQ number(s) (assigned)");
+2 -2
drivers/net/ethernet/3com/3c59x.c
··· 813 813 module_param_array(enable_wol, int, NULL, 0); 814 814 module_param(rx_copybreak, int, 0); 815 815 module_param(max_interrupt_work, int, 0); 816 - module_param(compaq_ioaddr, int, 0); 817 - module_param(compaq_irq, int, 0); 816 + module_param_hw(compaq_ioaddr, int, ioport, 0); 817 + module_param_hw(compaq_irq, int, irq, 0); 818 818 module_param(compaq_device_id, int, 0); 819 819 module_param(watchdog, int, 0); 820 820 module_param(global_use_mmio, int, 0);
+2 -2
drivers/net/ethernet/8390/ne.c
··· 74 74 static u32 ne_msg_enable; 75 75 76 76 #ifdef MODULE 77 - module_param_array(io, int, NULL, 0); 78 - module_param_array(irq, int, NULL, 0); 77 + module_param_hw_array(io, int, ioport, NULL, 0); 78 + module_param_hw_array(irq, int, irq, NULL, 0); 79 79 module_param_array(bad, int, NULL, 0); 80 80 module_param_named(msg_enable, ne_msg_enable, uint, (S_IRUSR|S_IRGRP|S_IROTH)); 81 81 MODULE_PARM_DESC(io, "I/O base address(es),required");
+2 -2
drivers/net/ethernet/8390/smc-ultra.c
··· 561 561 static int io[MAX_ULTRA_CARDS]; 562 562 static int irq[MAX_ULTRA_CARDS]; 563 563 564 - module_param_array(io, int, NULL, 0); 565 - module_param_array(irq, int, NULL, 0); 564 + module_param_hw_array(io, int, ioport, NULL, 0); 565 + module_param_hw_array(irq, int, irq, NULL, 0); 566 566 module_param_named(msg_enable, ultra_msg_enable, uint, (S_IRUSR|S_IRGRP|S_IROTH)); 567 567 MODULE_PARM_DESC(io, "I/O base address(es)"); 568 568 MODULE_PARM_DESC(irq, "IRQ number(s) (assigned)");
+4 -4
drivers/net/ethernet/8390/wd.c
··· 503 503 static int mem[MAX_WD_CARDS]; 504 504 static int mem_end[MAX_WD_CARDS]; /* for non std. mem size */ 505 505 506 - module_param_array(io, int, NULL, 0); 507 - module_param_array(irq, int, NULL, 0); 508 - module_param_array(mem, int, NULL, 0); 509 - module_param_array(mem_end, int, NULL, 0); 506 + module_param_hw_array(io, int, ioport, NULL, 0); 507 + module_param_hw_array(irq, int, irq, NULL, 0); 508 + module_param_hw_array(mem, int, iomem, NULL, 0); 509 + module_param_hw_array(mem_end, int, iomem, NULL, 0); 510 510 module_param_named(msg_enable, wd_msg_enable, uint, (S_IRUSR|S_IRGRP|S_IROTH)); 511 511 MODULE_PARM_DESC(io, "I/O base address(es)"); 512 512 MODULE_PARM_DESC(irq, "IRQ number(s) (ignored for PureData boards)");
+3 -3
drivers/net/ethernet/amd/lance.c
··· 318 318 static int dma[MAX_CARDS]; 319 319 static int irq[MAX_CARDS]; 320 320 321 - module_param_array(io, int, NULL, 0); 322 - module_param_array(dma, int, NULL, 0); 323 - module_param_array(irq, int, NULL, 0); 321 + module_param_hw_array(io, int, ioport, NULL, 0); 322 + module_param_hw_array(dma, int, dma, NULL, 0); 323 + module_param_hw_array(irq, int, irq, NULL, 0); 324 324 module_param(lance_debug, int, 0); 325 325 MODULE_PARM_DESC(io, "LANCE/PCnet I/O base address(es),required"); 326 326 MODULE_PARM_DESC(dma, "LANCE/PCnet ISA DMA channel (ignored for some devices)");
+3 -3
drivers/net/ethernet/amd/ni65.c
··· 1227 1227 #ifdef MODULE 1228 1228 static struct net_device *dev_ni65; 1229 1229 1230 - module_param(irq, int, 0); 1231 - module_param(io, int, 0); 1232 - module_param(dma, int, 0); 1230 + module_param_hw(irq, int, irq, 0); 1231 + module_param_hw(io, int, ioport, 0); 1232 + module_param_hw(dma, int, dma, 0); 1233 1233 MODULE_PARM_DESC(irq, "ni6510 IRQ number (ignored for some cards)"); 1234 1234 MODULE_PARM_DESC(io, "ni6510 I/O base address"); 1235 1235 MODULE_PARM_DESC(dma, "ni6510 ISA DMA channel (ignored for some cards)");
+3 -3
drivers/net/ethernet/cirrus/cs89x0.c
··· 1704 1704 static int dma; 1705 1705 static int dmasize = 16; /* or 64 */ 1706 1706 1707 - module_param(io, int, 0); 1708 - module_param(irq, int, 0); 1707 + module_param_hw(io, int, ioport, 0); 1708 + module_param_hw(irq, int, irq, 0); 1709 1709 module_param(debug, int, 0); 1710 1710 module_param_string(media, media, sizeof(media), 0); 1711 1711 module_param(duplex, int, 0); 1712 - module_param(dma , int, 0); 1712 + module_param_hw(dma , int, dma, 0); 1713 1713 module_param(dmasize , int, 0); 1714 1714 module_param(use_dma , int, 0); 1715 1715 MODULE_PARM_DESC(io, "cs89x0 I/O base address");
+1 -1
drivers/net/ethernet/dec/tulip/de4x5.c
··· 1015 1015 1016 1016 static int io=0x0;/* EDIT THIS LINE FOR YOUR CONFIGURATION IF NEEDED */ 1017 1017 1018 - module_param(io, int, 0); 1018 + module_param_hw(io, int, ioport, 0); 1019 1019 module_param(de4x5_debug, int, 0); 1020 1020 module_param(dec_only, int, 0); 1021 1021 module_param(args, charp, 0);
+1 -1
drivers/net/ethernet/hp/hp100.c
··· 2966 2966 #define HP100_DEVICES 5 2967 2967 /* Parameters set by insmod */ 2968 2968 static int hp100_port[HP100_DEVICES] = { 0, [1 ... (HP100_DEVICES-1)] = -1 }; 2969 - module_param_array(hp100_port, int, NULL, 0); 2969 + module_param_hw_array(hp100_port, int, ioport, NULL, 0); 2970 2970 2971 2971 /* List of devices */ 2972 2972 static struct net_device *hp100_devlist[HP100_DEVICES];
+2 -2
drivers/net/ethernet/realtek/atp.c
··· 151 151 152 152 module_param(max_interrupt_work, int, 0); 153 153 module_param(debug, int, 0); 154 - module_param_array(io, int, NULL, 0); 155 - module_param_array(irq, int, NULL, 0); 154 + module_param_hw_array(io, int, ioport, NULL, 0); 155 + module_param_hw_array(irq, int, irq, NULL, 0); 156 156 module_param_array(xcvr, int, NULL, 0); 157 157 MODULE_PARM_DESC(max_interrupt_work, "ATP maximum events handled per interrupt"); 158 158 MODULE_PARM_DESC(debug, "ATP debug level (0-7)");
+2 -2
drivers/net/ethernet/smsc/smc9194.c
··· 1501 1501 static struct net_device *devSMC9194; 1502 1502 MODULE_LICENSE("GPL"); 1503 1503 1504 - module_param(io, int, 0); 1505 - module_param(irq, int, 0); 1504 + module_param_hw(io, int, ioport, 0); 1505 + module_param_hw(irq, int, irq, 0); 1506 1506 module_param(ifport, int, 0); 1507 1507 MODULE_PARM_DESC(io, "SMC 99194 I/O base address"); 1508 1508 MODULE_PARM_DESC(irq, "SMC 99194 IRQ number");