* [PATCH] Let CONFIG_STRICT_DEVMEM depends on CONFIG_DEVMEM
@ 2016-10-06 5:12 Dave Young
2016-10-06 21:39 ` Kees Cook
0 siblings, 1 reply; 3+ messages in thread
From: Dave Young @ 2016-10-06 5:12 UTC (permalink / raw)
To: Andrew Morton, linux-kernel
Cc: Kees Cook, Ingo Molnar, Dan Williams, paulmck, Josh Poimboeuf,
Tejun Heo, Andrey Ryabinin, Nikolay Aleksandrov, Dmitry Vyukov
With CONFIG_DEVMEM not set, CONFIG_STRICT_DEVMEM will be useless
even if it is set =y, thus let's update the dependency in Kconfig.
Signed-off-by: Dave Young <dyoung@redhat.com>
---
lib/Kconfig.debug | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
--- linux-x86.orig/lib/Kconfig.debug
+++ linux-x86/lib/Kconfig.debug
@@ -1980,7 +1980,7 @@ config ARCH_HAS_DEVMEM_IS_ALLOWED
config STRICT_DEVMEM
bool "Filter access to /dev/mem"
- depends on MMU
+ depends on MMU && DEVMEM
depends on ARCH_HAS_DEVMEM_IS_ALLOWED
default y if TILE || PPC
---help---
^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: [PATCH] Let CONFIG_STRICT_DEVMEM depends on CONFIG_DEVMEM
2016-10-06 5:12 [PATCH] Let CONFIG_STRICT_DEVMEM depends on CONFIG_DEVMEM Dave Young
@ 2016-10-06 21:39 ` Kees Cook
2016-10-07 1:59 ` Dave Young
0 siblings, 1 reply; 3+ messages in thread
From: Kees Cook @ 2016-10-06 21:39 UTC (permalink / raw)
To: Dave Young
Cc: Andrew Morton, LKML, Ingo Molnar, Dan Williams, Paul McKenney,
Josh Poimboeuf, Tejun Heo, Andrey Ryabinin, Nikolay Aleksandrov,
Dmitry Vyukov
On Wed, Oct 5, 2016 at 10:12 PM, Dave Young <dyoung@redhat.com> wrote:
> With CONFIG_DEVMEM not set, CONFIG_STRICT_DEVMEM will be useless
> even if it is set =y, thus let's update the dependency in Kconfig.
>
> Signed-off-by: Dave Young <dyoung@redhat.com>
Acked-by: Kees Cook <keescook@chromium.org>
> ---
> lib/Kconfig.debug | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> --- linux-x86.orig/lib/Kconfig.debug
> +++ linux-x86/lib/Kconfig.debug
> @@ -1980,7 +1980,7 @@ config ARCH_HAS_DEVMEM_IS_ALLOWED
>
> config STRICT_DEVMEM
> bool "Filter access to /dev/mem"
> - depends on MMU
> + depends on MMU && DEVMEM
> depends on ARCH_HAS_DEVMEM_IS_ALLOWED
> default y if TILE || PPC
> ---help---
While we're at it, can we make DEVKMEM default=n? The help text even
suggests making it "n".
-Kees
--
Kees Cook
Nexus Security
^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: [PATCH] Let CONFIG_STRICT_DEVMEM depends on CONFIG_DEVMEM
2016-10-06 21:39 ` Kees Cook
@ 2016-10-07 1:59 ` Dave Young
0 siblings, 0 replies; 3+ messages in thread
From: Dave Young @ 2016-10-07 1:59 UTC (permalink / raw)
To: Kees Cook
Cc: Andrew Morton, LKML, Ingo Molnar, Dan Williams, Paul McKenney,
Josh Poimboeuf, Tejun Heo, Andrey Ryabinin, Nikolay Aleksandrov,
Dmitry Vyukov
On 10/06/16 at 02:39pm, Kees Cook wrote:
> On Wed, Oct 5, 2016 at 10:12 PM, Dave Young <dyoung@redhat.com> wrote:
> > With CONFIG_DEVMEM not set, CONFIG_STRICT_DEVMEM will be useless
> > even if it is set =y, thus let's update the dependency in Kconfig.
> >
> > Signed-off-by: Dave Young <dyoung@redhat.com>
>
> Acked-by: Kees Cook <keescook@chromium.org>
>
> > ---
> > lib/Kconfig.debug | 2 +-
> > 1 file changed, 1 insertion(+), 1 deletion(-)
> >
> > --- linux-x86.orig/lib/Kconfig.debug
> > +++ linux-x86/lib/Kconfig.debug
> > @@ -1980,7 +1980,7 @@ config ARCH_HAS_DEVMEM_IS_ALLOWED
> >
> > config STRICT_DEVMEM
> > bool "Filter access to /dev/mem"
> > - depends on MMU
> > + depends on MMU && DEVMEM
> > depends on ARCH_HAS_DEVMEM_IS_ALLOWED
> > default y if TILE || PPC
> > ---help---
>
> While we're at it, can we make DEVKMEM default=n? The help text even
> suggests making it "n".
It's fine to me, will send another patch for that.
Thanks
Dave
>
> -Kees
>
> --
> Kees Cook
> Nexus Security
^ permalink raw reply [flat|nested] 3+ messages in thread
end of thread, other threads:[~2016-10-07 2:00 UTC | newest]
Thread overview: 3+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2016-10-06 5:12 [PATCH] Let CONFIG_STRICT_DEVMEM depends on CONFIG_DEVMEM Dave Young
2016-10-06 21:39 ` Kees Cook
2016-10-07 1:59 ` Dave Young
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.