lockdown: Lock down module params that specify hardware parameters (eg. ioport)

Provided an annotation for module parameters that specify hardware parameters (such as io ports, iomem addresses, irqs, dma channels, fixed dma buffers and other types). Suggested-by: Alan Cox <gnomes@lxorguk.ukuu.org.uk> Signed-off-by: David Howells <dhowells@redhat.com> Signed-off-by: Matthew Garrett <mjg59@google.com> Reviewed-by: Kees Cook <keescook@chromium.org> Cc: Jessica Yu <jeyu@kernel.org> Signed-off-by: James Morris <jmorris@namei.org>
author: David Howells <dhowells@redhat.com> 2019-08-20 03:17:55 +0300
committer: James Morris <jmorris@namei.org> 2019-08-20 07:54:16 +0300
commit: 20657f66ef52e5005369e4ef539d4cbf01eab10d (patch)
tree: f5f50d1c2f61821f69e41f1237cdafb446af8e5b /include/linux/security.h
parent: 794edf30ee6cd088d5f4079b1d4a4cfe5371203e (diff)
download: linux-20657f66ef52e5005369e4ef539d4cbf01eab10d.tar.xz
1 files changed, 1 insertions, 0 deletions
diff --git a/include/linux/security.h b/include/linux/security.h
index b4a85badb03a..1a3404f9c060 100644
--- a/include/linux/security.h
+++ b/include/linux/security.h
@@ -113,6 +113,7 @@ enum lockdown_reason {
 	LOCKDOWN_ACPI_TABLES,
 	LOCKDOWN_PCMCIA_CIS,
 	LOCKDOWN_TIOCSSERIAL,
+	LOCKDOWN_MODULE_PARAMETERS,
 	LOCKDOWN_INTEGRITY_MAX,
 	LOCKDOWN_CONFIDENTIALITY_MAX,
 };
author	David Howells <dhowells@redhat.com>	2019-08-20 03:17:55 +0300
committer	James Morris <jmorris@namei.org>	2019-08-20 07:54:16 +0300
commit	20657f66ef52e5005369e4ef539d4cbf01eab10d (patch)
tree	f5f50d1c2f61821f69e41f1237cdafb446af8e5b /include/linux/security.h
parent	794edf30ee6cd088d5f4079b1d4a4cfe5371203e (diff)
download	linux-20657f66ef52e5005369e4ef539d4cbf01eab10d.tar.xz