powerpc/configs: Disable SCOM_DEBUGFS in powernv_defconfig
SCOM_DEBUGFS is really not needed for anything other than low-level hardware debugging. mpe: It also introduces a large and poorly documented/understood attack surface. Although the interface is only available to root, the kernel still aspires to restrict root to accessing hardware through well defined interfaces, which this is not. opal-prd uses its own interface (/dev/prd) for SCOM access, so it doesn't need SCOM_DEBUGFS. At some point in the future we'll introduce a debug config fragment where this can go instead. Signed-off-by: Andrew Donnellan <ajd@linux.ibm.com> Signed-off-by: Michael Ellerman <mpe@ellerman.id.au> Link: https://lore.kernel.org/r/20190509051119.7694-5-ajd@linux.ibm.com
This commit is contained in:
parent
8c98db8d58
commit
8b856a0942
|
@ -38,7 +38,7 @@ CONFIG_MODULE_UNLOAD=y
|
|||
CONFIG_MODVERSIONS=y
|
||||
CONFIG_MODULE_SRCVERSION_ALL=y
|
||||
CONFIG_PARTITION_ADVANCED=y
|
||||
CONFIG_SCOM_DEBUGFS=y
|
||||
# CONFIG_SCOM_DEBUGFS is not set
|
||||
CONFIG_OPAL_PRD=y
|
||||
CONFIG_PPC_MEMTRACE=y
|
||||
# CONFIG_PPC_PSERIES is not set
|
||||
|
|
Loading…
Reference in New Issue