OpenE2K
/
linux
6
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Kconfig: Make STRICT_DEVMEM default-y on x86 and arm64 

Distros have been shipping with CONFIG_STRICT_DEVMEM=y for years now. It
is probably time to flip this default for x86 and arm64.

Signed-off-by: Kees Cook <keescook@chromium.org>
Acked-by: Laura Abbott <labbott@redhat.com>
Cc: Andrew Morton <akpm@linux-foundation.org>
Cc: Linus Torvalds <torvalds@linux-foundation.org>
Cc: Mark Rutland <mark.rutland@arm.com>
Cc: Peter Zijlstra <peterz@infradead.org>
Cc: Thomas Gleixner <tglx@linutronix.de>
Cc: Will Deacon <will.deacon@arm.com>
Cc: kernel-hardening@lists.openwall.com
Link: http://lkml.kernel.org/r/20171201201000.GA44539@beast
Signed-off-by: Ingo Molnar <mingo@kernel.org>
This commit is contained in:
Kees Cook 2017-12-01 12:10:00 -08:00 committed by Ingo Molnar
parent 50c4c4e268
commit 0f7cda2b82
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
lib/Kconfig.debug
View File

@ -1985,7 +1985,7 @@ config STRICT_DEVMEM
bool "Filter access to /dev/mem" bool "Filter access to /dev/mem"
depends on MMU && DEVMEM depends on MMU && DEVMEM
depends on ARCH_HAS_DEVMEM_IS_ALLOWED depends on ARCH_HAS_DEVMEM_IS_ALLOWED
default y if TILE || PPC default y if TILE || PPC || X86 || ARM64
---help--- ---help---
If this option is disabled, you allow userspace (root) access to all If this option is disabled, you allow userspace (root) access to all
of memory, including kernel and userspace memory. Accidental of memory, including kernel and userspace memory. Accidental