On Tue, 29 Nov 2016 14:03:31 +0000 David Howells <dhowe...@redhat.com> wrote:
> How about the attached? Obviously it need extending to other drivers. > > I thought that if I'm changing the module_param annotations anyway then it's > probably worth bunging in an extra parameter that notes what the parameter > modifies (ioport, iomem, etc.) for future reference, even if we don't store > it. With a security hat on the security best practice and long standing accepted rule is that you whitelist rather than blacklist, so there ought to be a module_param_safe_array() etc to mark parameters that are safe, not the reverse. That debate aside I think the patch is exactly what is needed for this, and is probably useful for more general hardening as well. Alan
