dgit.raspbian.org Git - linux.git/commit

author	Ben Hutchings <ben@decadent.org.uk>
	Fri, 30 Aug 2019 14:54:24 +0000 (15:54 +0100)
committer	Salvatore Bonaccorso <carnil@debian.org>
	Mon, 18 Apr 2022 12:36:36 +0000 (13:36 +0100)
commit	73cd176856b845ad8019615e169cb18ce8522c46
tree	7eff8145b1ad99978330999e46e850f47502690a	tree \| snapshot
parent	29ae3d432a1dd857c686a56cad9855852548a1e6	commit \| diff

mtd: phram,slram: Disable when the kernel is locked down

Forwarded: https://lore.kernel.org/linux-security-module/20190830154720.eekfjt6c4jzvlbfz@decadent.org.uk/

These drivers allow mapping arbitrary memory ranges as MTD devices.
This should be disabled to preserve the kernel's integrity when it is
locked down.

* Add the HWPARAM flag to the module parameters
* When slram is built-in, it uses __setup() to read kernel parameters,
so add an explicit check security_locked_down() check

Signed-off-by: Ben Hutchings <ben@decadent.org.uk>
Cc: Matthew Garrett <mjg59@google.com>
Cc: David Howells <dhowells@redhat.com>
Cc: Joern Engel <joern@lazybastard.org>
Cc: linux-mtd@lists.infradead.org
Gbp-Pq: Topic features/all/lockdown
Gbp-Pq: Name mtd-disable-slram-and-phram-when-locked-down.patch

drivers/mtd/devices/phram.c		diff \| blob \| history
drivers/mtd/devices/slram.c		diff \| blob \| history