From 087aaffcdf9c91667c93923fbc05fa8fb6bc7d3a Mon Sep 17 00:00:00 2001 From: Nicolas Pitre Date: Wed, 22 Sep 2010 18:34:36 -0400 Subject: ARM: implement CONFIG_STRICT_DEVMEM by disabling access to RAM via /dev/mem There are very few legitimate use cases, if any, for directly accessing system RAM through /dev/mem. So let's mimic what they do on x86 and forbid it when CONFIG_STRICT_DEVMEM is turned on. Signed-off-by: Nicolas Pitre --- arch/arm/Kconfig.debug | 14 ++++++++++++++ 1 file changed, 14 insertions(+) (limited to 'arch/arm/Kconfig.debug') diff --git a/arch/arm/Kconfig.debug b/arch/arm/Kconfig.debug index 91344af75f39..c29fb382aeee 100644 --- a/arch/arm/Kconfig.debug +++ b/arch/arm/Kconfig.debug @@ -2,6 +2,20 @@ menu "Kernel hacking" source "lib/Kconfig.debug" +config STRICT_DEVMEM + bool "Filter access to /dev/mem" + depends on MMU + ---help--- + If this option is disabled, you allow userspace (root) access to all + of memory, including kernel and userspace memory. Accidental + access to this is obviously disastrous, but specific access can + be used by people debugging the kernel. + + If this option is switched on, the /dev/mem file only allows + userspace access to memory mapped peripherals. + + If in doubt, say Y. + # RMK wants arm kernels compiled with frame pointers or stack unwinding. # If you know what you are doing and are willing to live without stack # traces, you can get a slightly smaller kernel by setting this option to -- cgit v1.2.3