]> www.infradead.org Git - users/jedix/linux-maple.git/commitdiff
projects / users / jedix / linux-maple.git / commitdiff
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 78a56df)
mtd: phram: Add the kernel lock down check
authorTakashi Iwai <tiwai@suse.de>
Thu, 14 Nov 2024 15:44:41 +0000 (16:44 +0100)
committerMiquel Raynal <miquel.raynal@bootlin.com>
Thu, 5 Dec 2024 10:11:44 +0000 (11:11 +0100)
The phram MTD driver may map any memory pages no matter whether it's
reserved or whatever used for systems, which basically allows user
bypassing the lock down.

Add the check and abort the probe if the kernel is locked down for
LOCKDOWN_DEV_MEM.

Reported-by: Fabian Vogt <fvogt@suse.com>
Suggested-by: Fabian Vogt <fvogt@suse.com>
Signed-off-by: Takashi Iwai <tiwai@suse.de>
Acked-by: Richard Weinberger <richard@nod.at>
Signed-off-by: Miquel Raynal <miquel.raynal@bootlin.com>
drivers/mtd/devices/phram.c patch | blob | history

diff --git a/drivers/mtd/devices/phram.c b/drivers/mtd/devices/phram.c
index b8bbc7ecbe953835e2bef3540f90656a55a0ceff..fd9ec165e61a3488de48f4ce6d5a52c7278b1ae7 100644 (file)
--- a/drivers/mtd/devices/phram.c
+++ b/drivers/mtd/devices/phram.c
@@ -30,6 +30,7 @@
 #include <linux/platform_device.h>
 #include <linux/of_address.h>
 #include <linux/of.h>
+#include <linux/security.h>
 
 struct phram_mtd_list {
        struct mtd_info mtd;
@@ -410,6 +411,10 @@ static int __init init_phram(void)
 {
        int ret;
 
+       ret = security_locked_down(LOCKDOWN_DEV_MEM);
+       if (ret)
+               return ret;
+
        ret = platform_driver_register(&phram_driver);
        if (ret)
                return ret;
Unnamed repository; edit this file 'description' to name the repository.