I have specifically tested this on 5.15 on Kirkstone which is what we use at work. However, I would expect the same behavior on almost any kernel AFAICT the meaning of CONFIG_DEVMEM and CONFIG_STRICT_DEVMEM has been consistent since Linux 4.5 and is the same through current upstream.
-Andy On Tue, Oct 31, 2023, at 6:51 PM, Bruce Ashfield wrote: > This looks fine to me. > > Which kernel versions were you seeing / testing this change on ? > > Bruce > > In message: [linux-yocto] [yocto-kernel-cache][PATCH] security.cfg: > restore strict-only /dev/mem access > on 27/10/2023 C. Andy Martin wrote: > >> CONFIG_DEVMEM was mistakenly not enabled, which defeats >> CONFIG_STRICT_DEVMEM and friends, as it completely removes all >> /dev/mem support. >> >> Signed-off-by: C. Andy Martin <[email protected]> >> --- >> features/security/security.cfg | 2 +- >> 1 file changed, 1 insertion(+), 1 deletion(-) >> >> diff --git a/features/security/security.cfg b/features/security/security.cfg >> index 54b4789c..6c096739 100644 >> --- a/features/security/security.cfg >> +++ b/features/security/security.cfg >> @@ -31,7 +31,7 @@ CONFIG_INET_DIAG=n >> # Do not allow direct physical memory access (enable only STRICT mode...) >> # Note that drivers like uvesafb/v86d depending on direct physical memory >> # access would be affected. >> -CONFIG_DEVMEM=n >> +CONFIG_DEVMEM=y >> CONFIG_STRICT_DEVMEM=y >> CONFIG_IO_STRICT_DEVMEM=y >> >> -- >> 2.25.1 >> > >> >> >> -- C. Andy Martin [email protected]
-=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#13253): https://lists.yoctoproject.org/g/linux-yocto/message/13253 Mute This Topic: https://lists.yoctoproject.org/mt/102223509/21656 Group Owner: [email protected] Unsubscribe: https://lists.yoctoproject.org/g/linux-yocto/unsub [[email protected]] -=-=-=-=-=-=-=-=-=-=-=-
