dgit.raspbian.org Git - linux.git/commit

author	Ben Hutchings <ben@decadent.org.uk>
	Fri, 30 Aug 2019 14:54:24 +0000 (15:54 +0100)
committer	Salvatore Bonaccorso <carnil@debian.org>
	Tue, 6 May 2025 19:33:52 +0000 (21:33 +0200)
commit	fa11e2be342f8e126895c7a6e4083a508b91bd3c
tree	921b1f9d40ea182946be80d00ed76410daf78b4c	tree \| snapshot
parent	548722d614aebcc8883cd6269a88b76a531de997	commit \| diff

mtd: phram,slram: Disable when the kernel is locked down

Forwarded: https://lore.kernel.org/linux-security-module/20190830154720.eekfjt6c4jzvlbfz@decadent.org.uk/

These drivers allow mapping arbitrary memory ranges as MTD devices.
This should be disabled to preserve the kernel's integrity when it is
locked down.

* Add the HWPARAM flag to the module parameters
* When slram is built-in, it uses __setup() to read kernel parameters,
so add an explicit check security_locked_down() check

Signed-off-by: Ben Hutchings <ben@decadent.org.uk>
Cc: Matthew Garrett <mjg59@google.com>
Cc: David Howells <dhowells@redhat.com>
Cc: Joern Engel <joern@lazybastard.org>
Cc: linux-mtd@lists.infradead.org
Gbp-Pq: Topic features/all/lockdown
Gbp-Pq: Name mtd-disable-slram-and-phram-when-locked-down.patch

drivers/mtd/devices/phram.c		diff \| blob \| history
drivers/mtd/devices/slram.c		diff \| blob \| history