From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <vt@altlinux.org>
Date: Sat, 9 May 2026 02:43:27 +0300
From: Vitaly Chikunov <vt@altlinux.org>
To: ALT Linux kernel packages development <devel-kernel@lists.altlinux.org>
Message-ID: <af5rRkWhkTklt9Ro@altlinux.org>
References: <20260506173722.1012394-1-egori@altlinux.org>
 <20260506173722.1012394-2-egori@altlinux.org>
MIME-Version: 1.0
Content-Type: text/plain; charset=koi8-r
Content-Disposition: inline
Content-Transfer-Encoding: 8bit
In-Reply-To: <20260506173722.1012394-2-egori@altlinux.org>
Subject: Re: [d-kernel] [PATCH 1/6] mtd: phram,
 slram: Disable when the kernel is locked down
X-BeenThere: devel-kernel@lists.altlinux.org
X-Mailman-Version: 2.1.12
Precedence: list
Reply-To: ALT Linux kernel packages development
 <devel-kernel@lists.altlinux.org>
List-Id: ALT Linux kernel packages development
 <devel-kernel.lists.altlinux.org>
List-Unsubscribe: <https://lists.altlinux.org/mailman/options/devel-kernel>,
 <mailto:devel-kernel-request@lists.altlinux.org?subject=unsubscribe>
List-Archive: <http://lists.altlinux.org/pipermail/devel-kernel>
List-Post: <mailto:devel-kernel@lists.altlinux.org>
List-Help: <mailto:devel-kernel-request@lists.altlinux.org?subject=help>
List-Subscribe: <https://lists.altlinux.org/mailman/listinfo/devel-kernel>,
 <mailto:devel-kernel-request@lists.altlinux.org?subject=subscribe>
X-List-Received-Date: Fri, 08 May 2026 23:43:28 -0000
Archived-At: <http://lore.altlinux.org/devel-kernel/af5rRkWhkTklt9Ro@altlinux.org/>
List-Archive: <http://lore.altlinux.org/devel-kernel/>
List-Post: <mailto:devel-kernel@altlinux.org>

On Wed, May 06, 2026 at 08:37:17PM +0300, Egor Ignatov wrote:
> From: Ben Hutchings <ben@decadent.org.uk>
> 
> These drivers allow mapping arbitrary memory ranges as MTD devices.
> This should be disabled to preserve the kernel's integrity when it is
> locked down.
> 
> * Add the HWPARAM flag to the module parameters
> * When slram is built-in, it uses __setup() to read kernel parameters,
>   so add an explicit check security_locked_down() check
> 
> Signed-off-by: Ben Hutchings <ben@decadent.org.uk>
> Cc: Matthew Garrett <mjg59@google.com>
> Cc: David Howells <dhowells@redhat.com>
> Cc: Joern Engel <joern@lazybastard.org>
> Cc: linux-mtd@lists.infradead.org
> [egori: imported from Debian linux package, patch
> lockdown/mtd-disable-slram-and-phram-when-locked-down.patch]
> Signed-off-by: Egor Ignatov <egori@altlinux.org>

Этот патч отсылался в апстрим ревьювился, ACKался но в итоге его так и не приняли
по неуказанной причине.

  https://lore.kernel.org/all/20190830154720.eekfjt6c4jzvlbfz@decadent.org.uk/


> ---
>  drivers/mtd/devices/phram.c | 6 +++++-
>  drivers/mtd/devices/slram.c | 9 ++++++++-
>  2 files changed, 13 insertions(+), 2 deletions(-)
> 
> diff --git a/drivers/mtd/devices/phram.c b/drivers/mtd/devices/phram.c
> index b42cadcd76..42ccabf24d 100644
> --- a/drivers/mtd/devices/phram.c
> +++ b/drivers/mtd/devices/phram.c
> @@ -365,7 +365,11 @@ static int phram_param_call(const char *val, const struct kernel_param *kp)
>  #endif
>  }
>  
> -module_param_call(phram, phram_param_call, NULL, NULL, 0200);
> +static const struct kernel_param_ops phram_param_ops = {
> +	.set = phram_param_call
> +};
> +__module_param_call(MODULE_PARAM_PREFIX, phram, &phram_param_ops, NULL,
> +		    0200, -1, KERNEL_PARAM_FL_HWPARAM | hwparam_iomem);

1. Тут ошибка, должно быть `| hwparam_iomem & 0`, так как этот атрибут
только документирующий, а без `& 0` он начинает ошибочно устанавливать
лишний флаг (KERNEL_PARAM_FL_UNSAFE).

2. В Fedora этого патча нет.
3. В SUSE этого патча нет.
4. В апстриме есть коммит b3c782868eceb ("mtd: phram: Add the kernel
lock down check"), делающий изменения в phram.c не нужными. Но он не
затрагивает slram.c, но может быть это и не нужно.

Таким образом этот патч - наполовину хлам.

5. В Fedora эти модули не собираются

  redhat/kernel-ark | redhat/configs/common/generic/CONFIG_MTD_PHRAM:# CONFIG_MTD_PHRAM is not set
  redhat/kernel-ark | redhat/configs/common/generic/CONFIG_MTD_SLRAM:# CONFIG_MTD_SLRAM is not set

Возможно, поэтому этого патча и нет в Fedora.

От патча нужна только част относящаяся к slram.c:init_slram

>  MODULE_PARM_DESC(phram, "Memory region to map. \"phram=<name>,<start>,<length>[,<erasesize>]\"");
>  
>  #ifdef CONFIG_OF
> diff --git a/drivers/mtd/devices/slram.c b/drivers/mtd/devices/slram.c
> index 69cb63d99f..1330b47af0 100644
> --- a/drivers/mtd/devices/slram.c
> +++ b/drivers/mtd/devices/slram.c
> @@ -43,6 +43,7 @@
>  #include <linux/ioctl.h>
>  #include <linux/init.h>
>  #include <linux/io.h>
> +#include <linux/security.h>
>  
>  #include <linux/mtd/mtd.h>
>  
> @@ -65,7 +66,7 @@ typedef struct slram_mtd_list {
>  #ifdef MODULE
>  static char *map[SLRAM_MAX_DEVICES_PARAMS];
>  
> -module_param_array(map, charp, NULL, 0);
> +module_param_hw_array(map, charp, iomem, NULL, 0);
>  MODULE_PARM_DESC(map, "List of memory regions to map. \"map=<name>, <start>, <length / end>\"");
>  #else
>  static char *map;
> @@ -281,11 +282,17 @@ static int __init init_slram(void)
>  #ifndef MODULE
>  	char *devstart;
>  	char *devlength;
> +	int ret;
>  
>  	if (!map) {
>  		E("slram: not enough parameters.\n");
>  		return(-EINVAL);
>  	}
> +
> +	ret = security_locked_down(LOCKDOWN_MODULE_PARAMETERS);

Должно быть LOCKDOWN_DEV_MEM, по аналогии с b3c782868eceb.


> +	if (ret)
> +		return ret;
> +
>  	while (map) {
>  		devname = devstart = devlength = NULL;
>  
> -- 
> 2.50.1
> 
> _______________________________________________
> devel-kernel mailing list
> devel-kernel@lists.altlinux.org
> https://lists.altlinux.org/mailman/listinfo/devel-kernel