[linux] 01/01: mtd: Disable slram and phram when securelevel is enabled
debian-kernel at lists.debian.org
Fri Jun 3 00:16:38 UTC 2016
This is an automated email from the git hooks/post-receive script.
benh pushed a commit to branch sid
in repository linux.
commit a8fb2b9fbe52628604cfeb5e89ffd12cff5bb1d2
Author: Ben Hutchings <ben at decadent.org.uk>
Date: Fri Jun 3 01:15:37 2016 +0100
mtd: Disable slram and phram when securelevel is enabled
---
debian/changelog | 6 +++
...ram-and-phram-when-securelevel-is-enabled.patch | 52 ++++++++++++++++++++++
debian/patches/series | 1 +
3 files changed, 59 insertions(+)
diff --git a/debian/changelog b/debian/changelog
index 44e6629..7143da2 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,9 @@
+linux (4.5.5-2) UNRELEASED; urgency=medium
+
+ * mtd: Disable slram and phram when securelevel is enabled
+
+ -- Ben Hutchings <ben at decadent.org.uk> Fri, 03 Jun 2016 00:53:44 +0100
+
linux (4.5.5-1) unstable; urgency=medium
* New upstream stable update:
diff --git a/debian/patches/features/all/securelevel/mtd-disable-slram-and-phram-when-securelevel-is-enabled.patch b/debian/patches/features/all/securelevel/mtd-disable-slram-and-phram-when-securelevel-is-enabled.patch
new file mode 100644
index 0000000..b8b2e33
--- /dev/null
+++ b/debian/patches/features/all/securelevel/mtd-disable-slram-and-phram-when-securelevel-is-enabled.patch
@@ -0,0 +1,52 @@
+From: Ben Hutchings <ben at decadent.org.uk>
+Date: Fri, 03 Jun 2016 00:48:39 +0100
+Subject: mtd: Disable slram and phram when securelevel is enabled
+
+The slram and phram drivers both allow mapping regions of physical
+address space such that they can then be read and written by userland
+through the MTD interface. This is probably usable to manipulate
+hardware into overwriting kernel code on many systems. Prevent that
+if securelevel is set.
+
+Signed-off-by: Ben Hutchings <ben at decadent.org.uk>
+---
+--- a/drivers/mtd/devices/phram.c
++++ b/drivers/mtd/devices/phram.c
+@@ -25,6 +25,7 @@
+ #include <linux/moduleparam.h>
+ #include <linux/slab.h>
+ #include <linux/mtd/mtd.h>
++#include <linux/security.h>
+
+ struct phram_mtd_list {
+ struct mtd_info mtd;
+@@ -226,6 +227,9 @@ static int phram_setup(const char *val)
+ uint64_t len;
+ int i, ret;
+
++ if (get_securelevel() > 0)
++ return -EPERM;
++
+ if (strnlen(val, sizeof(buf)) >= sizeof(buf))
+ parse_err("parameter too long\n");
+
+--- a/drivers/mtd/devices/slram.c
++++ b/drivers/mtd/devices/slram.c
+@@ -42,6 +42,7 @@
+ #include <linux/ioctl.h>
+ #include <linux/init.h>
+ #include <linux/io.h>
++#include <linux/security.h>
+
+ #include <linux/mtd/mtd.h>
+
+@@ -230,6 +231,9 @@ static int parse_cmdline(char *devname,
+ unsigned long devstart;
+ unsigned long devlength;
+
++ if (get_securelevel() > 0)
++ return -EPERM;
++
+ if ((!devname) || (!szstart) || (!szlength)) {
+ unregister_devices();
+ return(-EINVAL);
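Review bot: The early returns added in phram_setup (`if (get_securelevel() > 0) return -EPERM;`) and in slram's parse_cmdline carry no in-code comment, so the reason a securelevel check sits inside a parameter parser lives only in the patch description; a one-line comment above each check such as `/* Mapping physical memory for userland access could rewrite kernel text; refuse under securelevel. */` would keep the intent with the code. In slram the existing failure path just below calls unregister_devices() before returning -EINVAL while the new path returns immediately, which looks intentional because nothing has been registered by this call yet, but it is worth stating in the comment. If the caller of parse_cmdline (outside the hunk) collapses any non-zero result into -EINVAL, the -EPERM will not reach the user, so the distinct error code may be cosmetic; confirm against the call site. Both phram_setup and parse_cmdline continue past the end of the hunk.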
diff --git a/debian/patches/series b/debian/patches/series
index 56c4f9e..16e48e3 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -117,6 +117,7 @@ features/all/securelevel/kexec-uefi-copy-secure_boot-flag-in-boot-params-acro.pa
features/all/securelevel/acpi-disable-acpi-table-override-if-securelevel-is-s.patch
features/all/securelevel/acpi-disable-apei-error-injection-if-securelevel-is-.patch
features/all/securelevel/enable-cold-boot-attack-mitigation.patch
+features/all/securelevel/mtd-disable-slram-and-phram-when-securelevel-is-enabled.patch
# Security fixes
bugfix/all/ptrace-being-capable-wrt-a-process-requires-mapped-uids-gids.patch