From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: From: Egor Ignatov To: devel-kernel@lists.altlinux.org Date: Wed, 27 May 2026 11:25:34 +0300 Message-ID: <20260527082539.2000966-2-egori@altlinux.org> X-Mailer: git-send-email 2.50.1 In-Reply-To: <20260527082539.2000966-1-egori@altlinux.org> References: <20260527082539.2000966-1-egori@altlinux.org> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Subject: [d-kernel] [PATCH v2 1/6] mtd: slram: Add the kernel lock down check X-BeenThere: devel-kernel@lists.altlinux.org X-Mailman-Version: 2.1.12 Precedence: list Reply-To: ALT Linux kernel packages development List-Id: ALT Linux kernel packages development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 27 May 2026 08:25:41 -0000 Archived-At: List-Archive: List-Post: The slram MTD driver may map any memory pages no matter whether it's reserved or whatever used for systems, which basically allows user bypassing the lock down. Add the check and abort the probe if the kernel is locked down for LOCKDOWN_DEV_MEM. Based on commit b3c782868ece ("mtd: phram: Add the kernel lock down check") Suggested-by: Vitaly Chikunov Signed-off-by: Egor Ignatov --- drivers/mtd/devices/slram.c | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/drivers/mtd/devices/slram.c b/drivers/mtd/devices/slram.c index 69cb63d99f..2928d12343 100644 --- a/drivers/mtd/devices/slram.c +++ b/drivers/mtd/devices/slram.c @@ -43,6 +43,7 @@ #include #include #include +#include #include @@ -277,6 +278,11 @@ __setup("slram=", mtd_slram_setup); static int __init init_slram(void) { char *devname; + int ret; + + ret = security_locked_down(LOCKDOWN_DEV_MEM); + if (ret) + return ret; #ifndef MODULE char *devstart; -- 2.50.1