CONFIG DEVMEM PROTECT
From Exploitee.rs
Overview
Although we have not found a specific implementation for this kernel configuration item, it is most likely similar in nature to CONFIG_NONPROMISC_DEVMEM or CONFIG_STRICT_DEVMEM options in other kernel distributions. The purpose of this parameter would be to restrict user space applications from accessing kernel space (i.e. ring 0) memory via the /dev/mem character device. Preliminary testing reveals that requests to read from where the kernel is loaded (i.e. above 1MB) fail with EACCES even while root and with properly set permissions on the device.