11 May, 2017
1 commit
-
Pull hw lockdown support from David Howells:
"Annotation of module parameters that configure hardware resources
including ioports, iomem addresses, irq lines and dma channels.This allows a future patch to prohibit the use of such module
parameters to prevent that hardware from being abused to gain access
to the running kernel image as part of locking the kernel down under
UEFI secure boot conditions.Annotations are made by changing:
module_param(n, t, p)
module_param_named(n, v, t, p)
module_param_array(n, t, m, p)to:
module_param_hw(n, t, hwtype, p)
module_param_hw_named(n, v, t, hwtype, p)
module_param_hw_array(n, t, hwtype, m, p)where the module parameter refers to a hardware setting
hwtype specifies the type of the resource being configured. This can
be one of:ioport Module parameter configures an I/O port
iomem Module parameter configures an I/O mem address
ioport_or_iomem Module parameter could be either (runtime set)
irq Module parameter configures an I/O port
dma Module parameter configures a DMA channel
dma_addr Module parameter configures a DMA buffer address
other Module parameter configures some other valueNote that the hwtype is compile checked, but not currently stored (the
lockdown code probably won't require it). It is, however, there for
future use.A bonus is that the hwtype can also be used for grepping.
The intention is for the kernel to ignore or reject attempts to set
annotated module parameters if lockdown is enabled. This applies to
options passed on the boot command line, passed to insmod/modprobe or
direct twiddling in /sys/module/ parameter files.The module initialisation then needs to handle the parameter not being
set, by (1) giving an error, (2) probing for a value or (3) using a
reasonable default.What I can't do is just reject a module out of hand because it may
take a hardware setting in the module parameters. Some important
modules, some ipmi stuff for instance, both probe for hardware and
allow hardware to be manually specified; if the driver is aborts with
any error, you don't get any ipmi hardware.Further, trying to do this entirely in the module initialisation code
doesn't protect against sysfs twiddling.[!] Note that in and of itself, this series of patches should have no
effect on the the size of the kernel or code execution - that is
left to a patch in the next series to effect. It does mark
annotated kernel parameters with a KERNEL_PARAM_FL_HWPARAM flag in
an already existing field"* tag 'hwparam-20170420' of git://git.kernel.org/pub/scm/linux/kernel/git/dhowells/linux-fs: (38 commits)
Annotate hardware config module parameters in sound/pci/
Annotate hardware config module parameters in sound/oss/
Annotate hardware config module parameters in sound/isa/
Annotate hardware config module parameters in sound/drivers/
Annotate hardware config module parameters in fs/pstore/
Annotate hardware config module parameters in drivers/watchdog/
Annotate hardware config module parameters in drivers/video/
Annotate hardware config module parameters in drivers/tty/
Annotate hardware config module parameters in drivers/staging/vme/
Annotate hardware config module parameters in drivers/staging/speakup/
Annotate hardware config module parameters in drivers/staging/media/
Annotate hardware config module parameters in drivers/scsi/
Annotate hardware config module parameters in drivers/pcmcia/
Annotate hardware config module parameters in drivers/pci/hotplug/
Annotate hardware config module parameters in drivers/parport/
Annotate hardware config module parameters in drivers/net/wireless/
Annotate hardware config module parameters in drivers/net/wan/
Annotate hardware config module parameters in drivers/net/irda/
Annotate hardware config module parameters in drivers/net/hamradio/
Annotate hardware config module parameters in drivers/net/ethernet/
...
20 Apr, 2017
1 commit
-
When the kernel is running in secure boot mode, we lock down the kernel to
prevent userspace from modifying the running kernel image. Whilst this
includes prohibiting access to things like /dev/mem, it must also prevent
access by means of configuring driver modules in such a way as to cause a
device to access or modify the kernel image.To this end, annotate module_param* statements that refer to hardware
configuration and indicate for future reference what type of parameter they
specify. The parameter parser in the core sees this information and can
skip such parameters with an error message if the kernel is locked down.
The module initialisation then runs as normal, but just sees whatever the
default values for those parameters is.Note that we do still need to do the module initialisation because some
drivers have viable defaults set in case parameters aren't specified and
some drivers support automatic configuration (e.g. PNP or PCI) in addition
to manually coded parameters.This patch annotates drivers in drivers/gpio/.
Suggested-by: Alan Cox
Signed-off-by: David Howells
Acked-by: William Breathitt Gray
Acked-by: Linus Walleij
cc: Alexandre Courbot
cc: linux-gpio@vger.kernel.org
28 Mar, 2017
1 commit
-
The 104-idi-48 gpio driver currently implements an irq_chip for handling
interrupts; due to how irq_chip handling is done, it's necessary for the
irq_chip methods to be invoked from hardirq context, even on a a
real-time kernel. Because the spinlock_t type becomes a "sleeping"
spinlock w/ RT kernels, it is not suitable to be used with irq_chips.A quick audit of the operations under the lock reveal that they do only
minimal, bounded work, and are therefore safe to do under a raw spinlock.Signed-off-by: Julia Cartwright
Acked-by: William Breathitt Gray
Signed-off-by: Linus Walleij
01 Feb, 2017
2 commits
-
This patch sets the gpio_chip names option with an array of GPIO line
names that match the manual documentation for the ACCES 104-IDI-48.
This should make it easier for users to identify which GPIO line
corresponds to a respective GPIO pin on the device.Signed-off-by: William Breathitt Gray
Signed-off-by: Linus Walleij -
Setting driver_data was necessary to access private data in the
idi_48_remove function. Now that the idi_48_remove function is gone,
driver_data is no longer used. This patch removes the relevant code.Signed-off-by: William Breathitt Gray
Signed-off-by: Linus Walleij
26 Jan, 2017
1 commit
-
The devm_ resource manager functions allow memory to be automatically
released when a device is unbound. This patch takes advantage of the
resource manager functions and replaces the gpiochip_add_data call and
request_irq call with the devm_gpiochip_add_data call and
devm_request_irq call respectively. In addition, the idi_48_remove
function has been removed as no longer necessary due to the use of the
relevant devm_ resource manager functions.Signed-off-by: William Breathitt Gray
Signed-off-by: Linus Walleij
13 Jun, 2016
1 commit
-
Fixes: 9ae482104cb9 ("gpio: 104-idi-48: Clear pending interrupt once in IRQ handler")
Signed-off-by: Axel Lin
Acked-by: William Breathitt Gray
Signed-off-by: Linus Walleij
03 May, 2016
1 commit
-
The ACCES 104-IDI-48 series communicates via the ISA bus. As such, it
is more appropriate to use the ISA bus driver over the platform driver
to control the ACCES 104-IDI-48 GPIO driver.This patch also adds support for multiple devices via the base and irq
module array parameters. Each element of the base array corresponds to a
discrete device; each element of the irq array corresponds to the
respective device addressed in the respective base array element.Acked-by: Linus Walleij
Cc: Alexandre Courbot
Signed-off-by: William Breathitt Gray
Signed-off-by: Greg Kroah-Hartman
16 Feb, 2016
2 commits
-
By the time request_region is called in the ACCES 104-IDI-48 GPIO
driver, a corresponding device structure has already been allocated. The
devm_request_region function should be used to help simplify the cleanup
code and reduce the possible points of failure.Signed-off-by: William Breathitt Gray
Reviewed-by: Alexandre Courbot
Signed-off-by: Linus Walleij -
The GPIO driver copyright boilerplate lacks the "or
later" verbiage regarding GPL compliant distribution. The MODULE_LICENSE
string should reflect the actual copyright license terms used.Signed-off-by: William Breathitt Gray
Signed-off-by: Linus Walleij
28 Jan, 2016
1 commit
-
The ACCES 104-IDI-48 can differentiate between its own and other
devices' interrupt requests. Therefore, IRQ sharing is possible and
should be permitted.Signed-off-by: William Breathitt Gray
Signed-off-by: Linus Walleij
05 Jan, 2016
1 commit
-
This makes the driver use the data pointer added to the gpio_chip
to store a pointer to the state container instead of relying on
container_of().Acked-by: William Breathitt Gray
Signed-off-by: Linus Walleij
22 Dec, 2015
1 commit
-
Performing a read operation on the IRQ Status register will clear the
IRQ latch. Since a read operation on the IRQ Status register must be
performed in the IRQ handler in order to determine if the IRQ was in
fact generated by the device, the IRQ latch is consequently cleared by
the IRQ handler. A spinlock is used to guarantee that each IRQ is
serviced in the order it was received.Signed-off-by: William Breathitt Gray
01 Dec, 2015
1 commit
-
The ACCES 104-IDI-48 family of PC/104 utility boards feature 48
individually optically isolated digital inputs. Enabled inputs feature
change-of-state detection capability; if change-of-state detection is
enabled, an interrupt is fired off if a change of input level
(low-to-high or high-to-low) is detected. Change-of-state IRQs are
enabled/disabled on 8-bit boundaries, for a total of six boundaries.This driver provides GPIO and IRQ support for these 48 channels of
digital input. The base port address for the device may be configured
via the idi_48_base module parameter. The interrupt line number for the
device may be configured via the idi_48_irq module parameter.Signed-off-by: William Breathitt Gray
Signed-off-by: Linus Walleij