dgit.raspbian.org Git - linux.git/commit

author	Ben Hutchings <ben@decadent.org.uk>
	Fri, 30 Aug 2019 14:54:24 +0000 (15:54 +0100)
committer	Salvatore Bonaccorso <carnil@debian.org>
	Sat, 5 Sep 2020 14:52:44 +0000 (15:52 +0100)
commit	0cef3d0d15618ce2f53dce326eaeb9496986efe7
tree	0f6d9080666db62dc2bd54ac2312f38f5eddf577	tree \| snapshot
parent	262e1680078dba29af7122543f53fa601567dec6	commit \| diff

mtd: phram,slram: Disable when the kernel is locked down

Forwarded: https://lore.kernel.org/linux-security-module/20190830154720.eekfjt6c4jzvlbfz@decadent.org.uk/

These drivers allow mapping arbitrary memory ranges as MTD devices.
This should be disabled to preserve the kernel's integrity when it is
locked down.

* Add the HWPARAM flag to the module parameters
* When slram is built-in, it uses __setup() to read kernel parameters,
so add an explicit check security_locked_down() check

Signed-off-by: Ben Hutchings <ben@decadent.org.uk>
Cc: Matthew Garrett <mjg59@google.com>
Cc: David Howells <dhowells@redhat.com>
Cc: Joern Engel <joern@lazybastard.org>
Cc: linux-mtd@lists.infradead.org
Gbp-Pq: Topic features/all/lockdown
Gbp-Pq: Name mtd-disable-slram-and-phram-when-locked-down.patch

drivers/mtd/devices/phram.c		diff \| blob \| history
drivers/mtd/devices/slram.c		diff \| blob \| history