From 37744763b610fc5a1d8331d15025d546d634837a Mon Sep 17 00:00:00 2001
From: Michael Olbrich <m.olbrich@pengutronix.de>
Date: Tue, 13 Feb 2018 16:01:49 +0100
Subject: kernelconfig: reason: filter access to /dev/mem

Access to normal system memory is usually not needed and it makes
compromising the kernel more difficult. IO addresses are still accessible
as long as CONFIG_IO_STRICT_DEVMEM is disabled.

Signed-off-by: Michael Olbrich <m.olbrich@pengutronix.de>
---
 configs/platform-v7a/kernelconfig | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/configs/platform-v7a/kernelconfig b/configs/platform-v7a/kernelconfig
index 9149a94..4e0bff5 100644
--- a/configs/platform-v7a/kernelconfig
+++ b/configs/platform-v7a/kernelconfig
@@ -3099,7 +3099,8 @@ CONFIG_HAVE_ARCH_KGDB=y
 # CONFIG_ARCH_WANTS_UBSAN_NO_NULL is not set
 # CONFIG_UBSAN is not set
 CONFIG_ARCH_HAS_DEVMEM_IS_ALLOWED=y
-# CONFIG_STRICT_DEVMEM is not set
+CONFIG_STRICT_DEVMEM=y
+# CONFIG_IO_STRICT_DEVMEM is not set
 # CONFIG_ARM_PTDUMP is not set
 CONFIG_ARM_UNWIND=y
 CONFIG_OLD_MCOUNT=y
-- 
cgit v1.2.3