On Wed, Jan 20, 2016 at 2:37 PM, Dan Williams <[email protected]> wrote: > Larry reports: "My PowerBook G4 Aluminum with a 32-bit PPC processor > fails to boot for the 4.4-git series". This is likely due to X still > needing /dev/mem access on this platform. > > CONFIG_IO_STRICT_DEVMEM is not yet safe to turn on when > CONFIG_STRICT_DEVMEM=y. Remove the default so that old configurations > do not change behavior. > > Fixes: 90a545e98126 ("restrict /dev/mem to idle io memory ranges") > Reported-by: Larry Finger <[email protected]> > Tested-by: Larry Finger <[email protected]> > Link: http://marc.info/?l=linux-kernel&m=145332012023825&w=2 > Cc: Arnd Bergmann <[email protected]> > Cc: Ingo Molnar <[email protected]> > Cc: Kees Cook <[email protected]> > Cc: Russell King <[email protected]> > Cc: Andrew Morton <[email protected]> > Cc: Greg Kroah-Hartman <[email protected]> > Signed-off-by: Dan Williams <[email protected]>
Acked-by: Kees Cook <[email protected]> This should probably be CC: stable, yes? -Kees > --- > lib/Kconfig.debug | 1 - > 1 file changed, 1 deletion(-) > > diff --git a/lib/Kconfig.debug b/lib/Kconfig.debug > index f75a33f29f6e..7d0b49c536c5 100644 > --- a/lib/Kconfig.debug > +++ b/lib/Kconfig.debug > @@ -1919,7 +1919,6 @@ config STRICT_DEVMEM > config IO_STRICT_DEVMEM > bool "Filter I/O access to /dev/mem" > depends on STRICT_DEVMEM > - default STRICT_DEVMEM > ---help--- > If this option is disabled, you allow userspace (root) access to all > io-memory regardless of whether a driver is actively using that > -- Kees Cook Chrome OS & Brillo Security
