config NONPROMISC_DEVMEM: help text and logic are confusing

config NONPROMISC_DEVMEM: help text and logic are confusing

[Stefan Richter]

The subject option, prompt "Disable promiscuous /dev/mem" in the menu 
called "Kernel hacking", does the following as far as I understand the 
patch description in commit ae531c26c5c2a28ca1b35a75b39b3b256850f2c8:

y = tighter security of /dev/mem,
n = unfiltered access through /dev/mem.

Yet the Kconfig help text contains the sentence

	With this config option, you allow userspace access to all of
	memory, [...]

Shouldn't this read

	Say N to allow userspace access to all of memory, [...]

	Say Y if you want improved security.

Also see commit 1f56cf1c58c81f7ecf16f5e99ac4a333d9dc9aea:  This changed 
the default of the option from y to n.  But the help text still says:

	The /dev/mem file by default only allows userspace access to PCI
	space and the BIOS code and data regions.

This is apparently wrong with "default n".

Furthermore, most of the options in the "Kernel hacking" menu follow the 
logic of "Y = additional debug features", "N = for normal use".  With 
NONPROMISC_DEVMEM it is the other way around.  Besides, an option whose 
prompt says "Disable something" is generally bad; better is "Enable 
something" because this is what the vast majority of options do and thus 
avoid "yes means no" logic.

So, wouldn't it be better to have

config PROMISCUOUS_DEVMEM
	bool "Promiscuous /dev/mem"
	# default to old semantics for a transition period
	default y
	help
	  This option opens up /dev/mem for access to all memory which
	  is useful for debugging and for [insert other uses here:
	  buggy legacy applications?] ...

	  Say Y if...
	  If ..., say N.

If I misunderstood something, please correct me.  And the Kconfig entry 
and its help text too, because I believe I won't be the only earthling 
who gets it wrong.  Thanks,
-- 
Stefan Richter
-=====-==--- -=-= --=--
http://arcgraph.de/sr/

[PATCH regression fix] x86: fix CONFIG_NONPROMISC_DEVMEM prompt and help text

[Stefan Richter]

Here is an attempt to translate the prompt and help text into something
which is legible and, as a bonus, correct.

Signed-off-by: Stefan Richter <stefanr@s5r6.in-berlin.de>
---

Bogosity already reported on May 4.

Besides, AFAICT it is a security option, not a debug option, hence
misplaced in Kconfig.debug.  It would be an actual debug option if the
logic was the inverse:  PROMISC_DEVMEM, bool "Promiscuous /dev/mem".

 arch/x86/Kconfig.debug |   20 ++++++++++++--------
 1 file changed, 12 insertions(+), 8 deletions(-)

Index: linux/arch/x86/Kconfig.debug
===================================================================
--- linux.orig/arch/x86/Kconfig.debug
+++ linux/arch/x86/Kconfig.debug
@@ -6,15 +6,19 @@ config TRACE_IRQFLAGS_SUPPORT
 source "lib/Kconfig.debug"
 
 config NONPROMISC_DEVMEM
-	bool "Disable promiscuous /dev/mem"
+	bool "Restricted access to /dev/mem"
 	help
-	  The /dev/mem file by default only allows userspace access to PCI
-	  space and the BIOS code and data regions. This is sufficient for
-	  dosemu and X and all common users of /dev/mem. With this config
-	  option, you allow userspace access to all of memory, including
-	  kernel and userspace memory. Accidental access to this is
-	  obviously disasterous, but specific access can be used by people
-	  debugging the kernel.
+	  If this option is left off, you allow userspace access to all
+	  of memory, including kernel and userspace memory. Accidental
+	  access to this is obviously disastrous, but specific access can
+	  be used by people debugging the kernel.
+
+	  If this option is switched on, the /dev/mem file only allows
+	  userspace access to PCI space and the BIOS code and data regions.
+	  This is sufficient for dosemu and X and all common users of
+	  /dev/mem.
+
+	  If in doubt, say Y.
 
 config EARLY_PRINTK
 	bool "Early printk" if EMBEDDED

-- 
Stefan Richter
-=====-==--- -==- --=-=
http://arcgraph.de/sr/

Re: [PATCH regression fix] x86: fix CONFIG_NONPROMISC_DEVMEM prompt and help text

[Stefan Richter]

Stefan Richter wrote:
>  config NONPROMISC_DEVMEM
> -	bool "Disable promiscuous /dev/mem"
> +	bool "Restricted access to /dev/mem"

Hmm, now "N" could be mistaken for "no access at all".


From: Stefan Richter <stefanr@s5r6.in-berlin.de>

Here is an attempt to translate the prompt and help text into something
which is legible and, as a bonus, correct.

Signed-off-by: Stefan Richter <stefanr@s5r6.in-berlin.de>
---
 arch/x86/Kconfig.debug |   20 ++++++++++++--------
 1 file changed, 12 insertions(+), 8 deletions(-)

Index: linux/arch/x86/Kconfig.debug
===================================================================
--- linux.orig/arch/x86/Kconfig.debug
+++ linux/arch/x86/Kconfig.debug
@@ -6,15 +6,19 @@ config TRACE_IRQFLAGS_SUPPORT
 source "lib/Kconfig.debug"
 
 config NONPROMISC_DEVMEM
-	bool "Disable promiscuous /dev/mem"
+	bool "Filter access to /dev/mem"
 	help
-	  The /dev/mem file by default only allows userspace access to PCI
-	  space and the BIOS code and data regions. This is sufficient for
-	  dosemu and X and all common users of /dev/mem. With this config
-	  option, you allow userspace access to all of memory, including
-	  kernel and userspace memory. Accidental access to this is
-	  obviously disasterous, but specific access can be used by people
-	  debugging the kernel.
+	  If this option is left off, you allow userspace access to all
+	  of memory, including kernel and userspace memory. Accidental
+	  access to this is obviously disastrous, but specific access can
+	  be used by people debugging the kernel.
+
+	  If this option is switched on, the /dev/mem file only allows
+	  userspace access to PCI space and the BIOS code and data regions.
+	  This is sufficient for dosemu and X and all common users of
+	  /dev/mem.
+
+	  If in doubt, say Y.
 
 config EARLY_PRINTK
 	bool "Early printk" if EMBEDDED

-- 
Stefan Richter
-=====-==--- -==- --=-=
http://arcgraph.de/sr/