Re: [PATCH] fix CONFIG_IO_STRICT_DEVMEM, do not enable by default
From: Kees Cook
Date: Wed Jan 20 2016 - 18:53:17 EST
On Wed, Jan 20, 2016 at 3:48 PM, Dan Williams <dan.j.williams@xxxxxxxxx> wrote:
> On Wed, Jan 20, 2016 at 3:12 PM, Kees Cook <keescook@xxxxxxxxxxxx> wrote:
>> On Wed, Jan 20, 2016 at 2:37 PM, Dan Williams <dan.j.williams@xxxxxxxxx> wrote:
>>> Larry reports: "My PowerBook G4 Aluminum with a 32-bit PPC processor
>>> fails to boot for the 4.4-git series". This is likely due to X still
>>> needing /dev/mem access on this platform.
>>>
>>> CONFIG_IO_STRICT_DEVMEM is not yet safe to turn on when
>>> CONFIG_STRICT_DEVMEM=y. Remove the default so that old configurations
>>> do not change behavior.
>>>
>>> Fixes: 90a545e98126 ("restrict /dev/mem to idle io memory ranges")
>>> Reported-by: Larry Finger <Larry.Finger@xxxxxxxxxxxx>
>>> Tested-by: Larry Finger <Larry.Finger@xxxxxxxxxxxx>
>>> Link: http://marc.info/?l=linux-kernel&m=145332012023825&w=2
>>> Cc: Arnd Bergmann <arnd@xxxxxxxx>
>>> Cc: Ingo Molnar <mingo@xxxxxxxxxx>
>>> Cc: Kees Cook <keescook@xxxxxxxxxxxx>
>>> Cc: Russell King <linux@xxxxxxxxxxxxxxxx>
>>> Cc: Andrew Morton <akpm@xxxxxxxxxxxxxxxxxxxx>
>>> Cc: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>
>>> Signed-off-by: Dan Williams <dan.j.williams@xxxxxxxxx>
>>
>> Acked-by: Kees Cook <keescook@xxxxxxxxxxxx>
>>
>
> Thanks!
>
>> This should probably be CC: stable, yes?
>
> No, this breakage is new for the current merge window.
Ah! Okay, I misunderstood the "4.4" comment. Should that be 4.5-git?
--
Kees Cook
Chrome OS & Brillo Security