From 8b856a0942a1b4d832966985fcdf1a455eb6ab8c Mon Sep 17 00:00:00 2001 From: Andrew Donnellan Date: Thu, 9 May 2019 15:11:19 +1000 Subject: [PATCH] powerpc/configs: Disable SCOM_DEBUGFS in powernv_defconfig SCOM_DEBUGFS is really not needed for anything other than low-level hardware debugging. mpe: It also introduces a large and poorly documented/understood attack surface. Although the interface is only available to root, the kernel still aspires to restrict root to accessing hardware through well defined interfaces, which this is not. opal-prd uses its own interface (/dev/prd) for SCOM access, so it doesn't need SCOM_DEBUGFS. At some point in the future we'll introduce a debug config fragment where this can go instead. Signed-off-by: Andrew Donnellan Signed-off-by: Michael Ellerman Link: https://lore.kernel.org/r/20190509051119.7694-5-ajd@linux.ibm.com --- arch/powerpc/configs/powernv_defconfig | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/arch/powerpc/configs/powernv_defconfig b/arch/powerpc/configs/powernv_defconfig index 34219d555e8a..6658cceb928c 100644 --- a/arch/powerpc/configs/powernv_defconfig +++ b/arch/powerpc/configs/powernv_defconfig @@ -38,7 +38,7 @@ CONFIG_MODULE_UNLOAD=y CONFIG_MODVERSIONS=y CONFIG_MODULE_SRCVERSION_ALL=y CONFIG_PARTITION_ADVANCED=y -CONFIG_SCOM_DEBUGFS=y +# CONFIG_SCOM_DEBUGFS is not set CONFIG_OPAL_PRD=y CONFIG_PPC_MEMTRACE=y # CONFIG_PPC_PSERIES is not set -- 2.30.2