Kconfig: Make STRICT_DEVMEM default-y on x86 and arm64

Distros have been shipping with CONFIG_STRICT_DEVMEM=y for years now. It is probably time to flip this default for x86 and arm64. Signed-off-by: N Kees Cook <keescook@chromium.org> Acked-by: N Laura Abbott <labbott@redhat.com> Cc: Andrew Morton <akpm@linux-foundation.org> Cc: Linus Torvalds <torvalds@linux-foundation.org> Cc: Mark Rutland <mark.rutland@arm.com> Cc: Peter Zijlstra <peterz@infradead.org> Cc: Thomas Gleixner <tglx@linutronix.de> Cc: Will Deacon <will.deacon@arm.com> Cc: kernel-hardening@lists.openwall.com Link: http://lkml.kernel.org/r/20171201201000.GA44539@beastSigned-off-by: N Ingo Molnar <mingo@kernel.org>

Kconfig: Make STRICT_DEVMEM default-y on x86 and arm64
Distros have been shipping with CONFIG_STRICT_DEVMEM=y for years now. It is probably time to flip this default for x86 and arm64. Signed-off-by: N Kees Cook <keescook@chromium.org> Acked-by: N Laura Abbott <labbott@redhat.com> Cc: Andrew Morton <akpm@linux-foundation.org> Cc: Linus Torvalds <torvalds@linux-foundation.org> Cc: Mark Rutland <mark.rutland@arm.com> Cc: Peter Zijlstra <peterz@infradead.org> Cc: Thomas Gleixner <tglx@linutronix.de> Cc: Will Deacon <will.deacon@arm.com> Cc: kernel-hardening@lists.openwall.com Link: http://lkml.kernel.org/r/20171201201000.GA44539@beastSigned-off-by: N Ingo Molnar <mingo@kernel.org>
0f7cda2b · Kees Cook · Ingo Molnar · 50c4c4e2 · 0f7cda2b
隐藏空白更改
内联并排

Showing with 1 addition and 1 deletion

lib/Kconfig.debug lib/Kconfig.debug +1 -1

未找到文件。
--- a/lib/Kconfig.debug
+++ b/lib/Kconfig.debug
@@ -1985,7 +1985,7 @@ config STRICT_DEVMEM
 	bool "Filter access to /dev/mem"
 	depends on MMU && DEVMEM
 	depends on ARCH_HAS_DEVMEM_IS_ALLOWED
-	default y if TILE || PPC
+	default y if TILE || PPC || X86 || ARM64
 	---help---
 	  If this option is disabled, you allow userspace (root) access to all
 	  of memory, including kernel and userspace memory. Accidental