dgit.raspbian.org Git - linux.git/commit

author	Ben Hutchings <ben@decadent.org.uk>
	Fri, 30 Aug 2019 14:54:24 +0000 (15:54 +0100)
committer	Salvatore Bonaccorso <carnil@debian.org>
	Thu, 2 Jan 2025 13:31:22 +0000 (14:31 +0100)
commit	ff65103147d9a1ae646228a963f646b747ddbace
tree	04d5ff144ef9ca1ba17e424667551f9dfcd52b6d	tree \| snapshot
parent	f8c29fda2c0fb4fb73ce63c5c20fdbb932125dde	commit \| diff

mtd: phram,slram: Disable when the kernel is locked down

Forwarded: https://lore.kernel.org/linux-security-module/20190830154720.eekfjt6c4jzvlbfz@decadent.org.uk/

These drivers allow mapping arbitrary memory ranges as MTD devices.
This should be disabled to preserve the kernel's integrity when it is
locked down.

* Add the HWPARAM flag to the module parameters
* When slram is built-in, it uses __setup() to read kernel parameters,
so add an explicit check security_locked_down() check

Signed-off-by: Ben Hutchings <ben@decadent.org.uk>
Cc: Matthew Garrett <mjg59@google.com>
Cc: David Howells <dhowells@redhat.com>
Cc: Joern Engel <joern@lazybastard.org>
Cc: linux-mtd@lists.infradead.org
Gbp-Pq: Topic features/all/lockdown
Gbp-Pq: Name mtd-disable-slram-and-phram-when-locked-down.patch

drivers/mtd/devices/phram.c		diff \| blob \| history
drivers/mtd/devices/slram.c		diff \| blob \| history