Filter I/O access to /dev/mem

configname: CONFIG_IO_STRICT_DEVMEM

Linux Kernel Configuration
└─>Kernel hacking
└─>Filter I/O access to /dev/mem
In linux kernel since version 4.1 (release Date: 2015-06-21)  
If this option is disabled, you allow userspace (root) access to all
io-memory regardless of whether a driver is actively using that
range. Accidental access to this is obviously disastrous, but
specific access can be used by people debugging kernel drivers.

If this option is switched on, the /dev/mem file only allows
userspace access to *idle* io-memory ranges (see /proc/iomem) This
may break traditional users of /dev/mem (dosemu, legacy X, etc...)
if the driver using a given range cannot be disabled.

If in doubt, say Y.