tjh.dev
Linux kernel mirror (for testing)
git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
kernel
os
linux
Input: i8042 - add unmask_kbd_data option
A big problem with the current i8042 debugging option is that it outputs
data going to and from the keyboard by default. As a result, many dmesg
logs uploaded by users will unintentionally contain sensitive information
such as their password, as such it's probably a good idea not to output
data coming from the keyboard unless specifically enabled by the user.
Signed-off-by: Stephen Chandler Paul <cpaul@redhat.com>
Reviewed-by: Andreas Mohr <andim2@users.sf.net>
Reviewed-by: Benjamin Tissoires <benjamin.tissoires@redhat.com>
Signed-off-by: Dmitry Torokhov <dmitry.torokhov@gmail.com>
authored by
Stephen Chandler Paul
and committed by
Dmitry Torokhov
e1443d28
339d6b88
+60
-7
+4
Documentation/kernel-parameters.txt
+4
Documentation/kernel-parameters.txt
···
1274
1274
<bus_id>,<clkrate>
1275
1275
1276
1276
i8042.debug [HW] Toggle i8042 debug mode
1277
+
i8042.unmask_kbd_data
1278
+
[HW] Enable printing of interrupt data from the KBD port
1279
+
(disabled by default, and as a pre-condition
1280
+
requires that i8042.debug=1 be enabled)
1277
1281
i8042.direct [HW] Put keyboard port into non-translated mode
1278
1282
i8042.dumbkbd [HW] Pretend that controller can only read data from
1279
1283
keyboard and cannot control its state
+39
-4
drivers/input/serio/i8042.c
+39
-4
drivers/input/serio/i8042.c
···
88
88
static bool i8042_debug;
89
89
module_param_named(debug, i8042_debug, bool, 0600);
90
90
MODULE_PARM_DESC(debug, "Turn i8042 debugging mode on and off");
91
+
92
+
static bool i8042_unmask_kbd_data;
93
+
module_param_named(unmask_kbd_data, i8042_unmask_kbd_data, bool, 0600);
94
+
MODULE_PARM_DESC(unmask_kbd_data, "Unconditional enable (may reveal sensitive data) of normally sanitize-filtered kbd data traffic debug log [pre-condition: i8042.debug=1 enabled]");
91
95
#endif
92
96
93
97
static bool i8042_bypass_aux_irq_test;
···
120
116
struct serio *serio;
121
117
int irq;
122
118
bool exists;
119
+
bool driver_bound;
123
120
signed char mux;
124
121
};
125
122
···
138
133
static bool i8042_aux_irq_registered;
139
134
static unsigned char i8042_suppress_kbd_ack;
140
135
static struct platform_device *i8042_platform_device;
136
+
static struct notifier_block i8042_kbd_bind_notifier_block;
141
137
142
138
static irqreturn_t i8042_interrupt(int irq, void *dev_id);
143
139
static bool (*i8042_platform_filter)(unsigned char data, unsigned char str,
···
534
528
port = &i8042_ports[port_no];
535
529
serio = port->exists ? port->serio : NULL;
536
530
537
-
dbg("%02x <- i8042 (interrupt, %d, %d%s%s)\n",
538
-
data, port_no, irq,
539
-
dfl & SERIO_PARITY ? ", bad parity" : "",
540
-
dfl & SERIO_TIMEOUT ? ", timeout" : "");
531
+
filter_dbg(port->driver_bound, data, "<- i8042 (interrupt, %d, %d%s%s)\n",
532
+
port_no, irq,
533
+
dfl & SERIO_PARITY ? ", bad parity" : "",
534
+
dfl & SERIO_TIMEOUT ? ", timeout" : "");
541
535
542
536
filtered = i8042_filter(data, str, serio);
543
537
···
1444
1438
return error;
1445
1439
}
1446
1440
1441
+
static int i8042_kbd_bind_notifier(struct notifier_block *nb,
1442
+
unsigned long action, void *data)
1443
+
{
1444
+
struct device *dev = data;
1445
+
struct serio *serio = to_serio_port(dev);
1446
+
struct i8042_port *port = serio->port_data;
1447
+
1448
+
if (serio != i8042_ports[I8042_KBD_PORT_NO].serio)
1449
+
return 0;
1450
+
1451
+
switch (action) {
1452
+
case BUS_NOTIFY_BOUND_DRIVER:
1453
+
port->driver_bound = true;
1454
+
break;
1455
+
1456
+
case BUS_NOTIFY_UNBIND_DRIVER:
1457
+
port->driver_bound = false;
1458
+
break;
1459
+
}
1460
+
1461
+
return 0;
1462
+
}
1463
+
1447
1464
static int __init i8042_probe(struct platform_device *dev)
1448
1465
{
1449
1466
int error;
···
1536
1507
.shutdown = i8042_shutdown,
1537
1508
};
1538
1509
1510
+
static struct notifier_block i8042_kbd_bind_notifier_block = {
1511
+
.notifier_call = i8042_kbd_bind_notifier,
1512
+
};
1513
+
1539
1514
static int __init i8042_init(void)
1540
1515
{
1541
1516
struct platform_device *pdev;
···
1561
1528
goto err_platform_exit;
1562
1529
}
1563
1530
1531
+
bus_register_notifier(&serio_bus, &i8042_kbd_bind_notifier_block);
1564
1532
panic_blink = i8042_panic_blink;
1565
1533
1566
1534
return 0;
···
1577
1543
platform_driver_unregister(&i8042_driver);
1578
1544
i8042_platform_exit();
1579
1545
1546
+
bus_unregister_notifier(&serio_bus, &i8042_kbd_bind_notifier_block);
1580
1547
panic_blink = NULL;
1581
1548
}
1582
1549
+13
drivers/input/serio/i8042.h
+13
drivers/input/serio/i8042.h
···
73
73
printk(KERN_DEBUG KBUILD_MODNAME ": [%d] " format, \
74
74
(int) (jiffies - i8042_start_time), ##arg); \
75
75
} while (0)
76
+
77
+
#define filter_dbg(filter, data, format, args...) \
78
+
do { \
79
+
if (!i8042_debug) \
80
+
break; \
81
+
\
82
+
if (!filter || i8042_unmask_kbd_data) \
83
+
dbg("%02x " format, data, ##args); \
84
+
else \
85
+
dbg("** " format, ##args); \
86
+
} while (0)
76
87
#else
77
88
#define dbg_init() do { } while (0)
78
89
#define dbg(format, arg...) \
···
91
80
if (0) \
92
81
printk(KERN_DEBUG pr_fmt(format), ##arg); \
93
82
} while (0)
83
+
84
+
#define filter_dbg(filter, data, format, args...) do { } while (0)
94
85
#endif
95
86
96
87
#endif /* _I8042_H */
+2
-3
drivers/input/serio/serio.c
+2
-3
drivers/input/serio/serio.c
···
49
49
50
50
static LIST_HEAD(serio_list);
51
51
52
-
static struct bus_type serio_bus;
53
-
54
52
static void serio_add_port(struct serio *serio);
55
53
static int serio_reconnect_port(struct serio *serio);
56
54
static void serio_disconnect_port(struct serio *serio);
···
1015
1017
}
1016
1018
EXPORT_SYMBOL(serio_interrupt);
1017
1019
1018
-
static struct bus_type serio_bus = {
1020
+
struct bus_type serio_bus = {
1019
1021
.name = "serio",
1020
1022
.drv_groups = serio_driver_groups,
1021
1023
.match = serio_bus_match,
···
1027
1029
.pm = &serio_pm_ops,
1028
1030
#endif
1029
1031
};
1032
+
EXPORT_SYMBOL(serio_bus);
1030
1033
1031
1034
static int __init serio_init(void)
1032
1035
{