|
@@ -1869,9 +1869,26 @@ config STRICT_DEVMEM
|
|
|
enabled, even in this case there are restrictions on /dev/mem
|
|
|
use due to the cache aliasing requirements.
|
|
|
|
|
|
+ If this option is switched on, and IO_STRICT_DEVMEM=n, the /dev/mem
|
|
|
+ file only allows userspace access to PCI space and the BIOS code and
|
|
|
+ data regions. This is sufficient for dosemu and X and all common
|
|
|
+ users of /dev/mem.
|
|
|
+
|
|
|
+ If in doubt, say Y.
|
|
|
+
|
|
|
+config IO_STRICT_DEVMEM
|
|
|
+ bool "Filter I/O access to /dev/mem"
|
|
|
+ depends on STRICT_DEVMEM
|
|
|
+ default STRICT_DEVMEM
|
|
|
+ ---help---
|
|
|
+ If this option is disabled, you allow userspace (root) access to all
|
|
|
+ io-memory regardless of whether a driver is actively using that
|
|
|
+ range. Accidental access to this is obviously disastrous, but
|
|
|
+ specific access can be used by people debugging kernel drivers.
|
|
|
+
|
|
|
If this option is switched on, the /dev/mem file only allows
|
|
|
- userspace access to PCI space and the BIOS code and data regions.
|
|
|
- This is sufficient for dosemu and X and all common users of
|
|
|
- /dev/mem.
|
|
|
+ userspace access to *idle* io-memory ranges (see /proc/iomem) This
|
|
|
+ may break traditional users of /dev/mem (dosemu, legacy X, etc...)
|
|
|
+ if the driver using a given range cannot be disabled.
|
|
|
|
|
|
If in doubt, say Y.
|