)]}'
{
  "commit": "291b38a7565b41676cafd1b4052315a94d9c8977",
  "tree": "876251a73901865110c8d0d048cf379b8a6ff0e4",
  "parents": [
    "b5a53b61a2890ec08f404f524c1c42aa86f09be4",
    "6192c41fc608b0a58d5540b015aa1672c266f3c5"
  ],
  "author": {
    "name": "Linus Torvalds",
    "email": "torvalds@linux-foundation.org",
    "time": "Wed May 10 19:13:03 2017 -0700"
  },
  "committer": {
    "name": "Linus Torvalds",
    "email": "torvalds@linux-foundation.org",
    "time": "Wed May 10 19:13:03 2017 -0700"
  },
  "message": "Merge tag \u0027hwparam-20170420\u0027 of git://git.kernel.org/pub/scm/linux/kernel/git/dhowells/linux-fs\n\nPull hw lockdown support from David Howells:\n \"Annotation of module parameters that configure hardware resources\n  including ioports, iomem addresses, irq lines and dma channels.\n\n  This allows a future patch to prohibit the use of such module\n  parameters to prevent that hardware from being abused to gain access\n  to the running kernel image as part of locking the kernel down under\n  UEFI secure boot conditions.\n\n  Annotations are made by changing:\n\n        module_param(n, t, p)\n        module_param_named(n, v, t, p)\n        module_param_array(n, t, m, p)\n\n  to:\n\n        module_param_hw(n, t, hwtype, p)\n        module_param_hw_named(n, v, t, hwtype, p)\n        module_param_hw_array(n, t, hwtype, m, p)\n\n  where the module parameter refers to a hardware setting\n\n  hwtype specifies the type of the resource being configured. This can\n  be one of:\n\n        ioport          Module parameter configures an I/O port\n        iomem           Module parameter configures an I/O mem address\n        ioport_or_iomem Module parameter could be either (runtime set)\n        irq             Module parameter configures an I/O port\n        dma             Module parameter configures a DMA channel\n        dma_addr        Module parameter configures a DMA buffer address\n        other           Module parameter configures some other value\n\n  Note that the hwtype is compile checked, but not currently stored (the\n  lockdown code probably won\u0027t require it). It is, however, there for\n  future use.\n\n  A bonus is that the hwtype can also be used for grepping.\n\n  The intention is for the kernel to ignore or reject attempts to set\n  annotated module parameters if lockdown is enabled. This applies to\n  options passed on the boot command line, passed to insmod/modprobe or\n  direct twiddling in /sys/module/ parameter files.\n\n  The module initialisation then needs to handle the parameter not being\n  set, by (1) giving an error, (2) probing for a value or (3) using a\n  reasonable default.\n\n  What I can\u0027t do is just reject a module out of hand because it may\n  take a hardware setting in the module parameters. Some important\n  modules, some ipmi stuff for instance, both probe for hardware and\n  allow hardware to be manually specified; if the driver is aborts with\n  any error, you don\u0027t get any ipmi hardware.\n\n  Further, trying to do this entirely in the module initialisation code\n  doesn\u0027t protect against sysfs twiddling.\n\n  [!] Note that in and of itself, this series of patches should have no\n      effect on the the size of the kernel or code execution - that is\n      left to a patch in the next series to effect. It does mark\n      annotated kernel parameters with a KERNEL_PARAM_FL_HWPARAM flag in\n      an already existing field\"\n\n* tag \u0027hwparam-20170420\u0027 of git://git.kernel.org/pub/scm/linux/kernel/git/dhowells/linux-fs: (38 commits)\n  Annotate hardware config module parameters in sound/pci/\n  Annotate hardware config module parameters in sound/oss/\n  Annotate hardware config module parameters in sound/isa/\n  Annotate hardware config module parameters in sound/drivers/\n  Annotate hardware config module parameters in fs/pstore/\n  Annotate hardware config module parameters in drivers/watchdog/\n  Annotate hardware config module parameters in drivers/video/\n  Annotate hardware config module parameters in drivers/tty/\n  Annotate hardware config module parameters in drivers/staging/vme/\n  Annotate hardware config module parameters in drivers/staging/speakup/\n  Annotate hardware config module parameters in drivers/staging/media/\n  Annotate hardware config module parameters in drivers/scsi/\n  Annotate hardware config module parameters in drivers/pcmcia/\n  Annotate hardware config module parameters in drivers/pci/hotplug/\n  Annotate hardware config module parameters in drivers/parport/\n  Annotate hardware config module parameters in drivers/net/wireless/\n  Annotate hardware config module parameters in drivers/net/wan/\n  Annotate hardware config module parameters in drivers/net/irda/\n  Annotate hardware config module parameters in drivers/net/hamradio/\n  Annotate hardware config module parameters in drivers/net/ethernet/\n  ...\n",
  "tree_diff": []
}