[PATCH] mtd: phram: Add the kernel lock down check

Takashi Iwai tiwai at suse.de
Thu Nov 14 07:44:41 PST 2024


The phram MTD driver may map any memory pages, no matter whether they are
reserved or otherwise used by the system, which basically allows a user
to bypass the lock down.

Add the check and abort the probe if the kernel is locked down for
LOCKDOWN_DEV_MEM.

Reported-by: Fabian Vogt <fvogt at suse.com>
Suggested-by: Fabian Vogt <fvogt at suse.com>
Signed-off-by: Takashi Iwai <tiwai at suse.de>
---
 drivers/mtd/devices/phram.c | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/drivers/mtd/devices/phram.c b/drivers/mtd/devices/phram.c
index 1bf192f229d7..48abfb81ef66 100644
--- a/drivers/mtd/devices/phram.c
+++ b/drivers/mtd/devices/phram.c
@@ -30,6 +30,7 @@
 #include <linux/platform_device.h>
 #include <linux/of_address.h>
 #include <linux/of.h>
+#include <linux/security.h>
 
 struct phram_mtd_list {
 	struct mtd_info mtd;
@@ -410,6 +411,10 @@ static int __init init_phram(void)
 {
 	int ret;
 
+	ret = security_locked_down(LOCKDOWN_DEV_MEM);
+	if (ret)
+		return ret;
+
 	ret = platform_driver_register(&phram_driver);
 	if (ret)
 		return ret;
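Review bot: the security_locked_down(LOCKDOWN_DEV_MEM) call sits at the top of init_phram(), so it is evaluated once at module init, while the commit message says the intent is to "abort the probe". Lockdown can be raised at runtime after this module has loaded, and a check made only here would not be re-evaluated for any device that is set up later. Consider moving the check, or adding a second one, in the function that actually maps the physical range and registers the MTD device (not visible in this hunk), so that every mapping attempt is gated. A one-line comment above the call saying that phram can expose arbitrary physical memory would also help future readers see why LOCKDOWN_DEV_MEM is the reason used.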
-- 
2.43.0



