Xen project Mailing List

Re: [Xen-devel] [RFC PATCH 1/7] build: add debug menu to Kconfig

To: Wei Liu <wei.liu2@xxxxxxxxxx>, Doug Goldstein <cardoe@xxxxxxxxxx>

From: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>

Date: Mon, 2 May 2016 12:02:07 +0100

Cc: Stefano Stabellini <sstabellini@xxxxxxxxxx>, George Dunlap <George.Dunlap@xxxxxxxxxxxxx>, Tim Deegan <tim@xxxxxxx>, Ian Jackson <ian.jackson@xxxxxxxxxxxxx>, xen-devel@xxxxxxxxxxxxx, Jan Beulich <jbeulich@xxxxxxxx>

Delivery-date: Mon, 02 May 2016 11:02:20 +0000

List-id: Xen developer discussion <xen-devel.lists.xen.org>

On 02/05/2016 11:42, Wei Liu wrote: > On Sun, May 01, 2016 at 11:10:40PM -0500, Doug Goldstein wrote: >> There are a number of debugging options for Xen so the idea is to have a >> menu to group them all together. Enabling this menu item will also >> disable NDEBUG which will result in more debug prints. This was >> previously wired into the 'debug=y' command line option. >> >> Signed-off-by: Doug Goldstein <cardoe@xxxxxxxxxx> >> --- >> CC: Andrew Cooper <andrew.cooper3@xxxxxxxxxx> >> CC: George Dunlap <George.Dunlap@xxxxxxxxxxxxx> >> CC: Ian Jackson <ian.jackson@xxxxxxxxxxxxx> >> CC: Jan Beulich <jbeulich@xxxxxxxx> >> CC: Konrad Rzeszutek Wilk <konrad.wilk@xxxxxxxxxx> >> CC: Stefano Stabellini <sstabellini@xxxxxxxxxx> >> CC: Tim Deegan <tim@xxxxxxx> >> CC: Wei Liu <wei.liu2@xxxxxxxxxx> >> --- >> xen/Kconfig | 2 ++ >> xen/Kconfig.debug | 7 +++++++ >> xen/include/xen/config.h | 4 ++++ >> 3 files changed, 13 insertions(+) >> create mode 100644 xen/Kconfig.debug >> >> diff --git a/xen/Kconfig b/xen/Kconfig >> index fa8b27c..0fe7a1a 100644 >> --- a/xen/Kconfig >> +++ b/xen/Kconfig >> @@ -26,3 +26,5 @@ config DEFCONFIG_LIST >> config EXPERT >> string >> option env="XEN_CONFIG_EXPERT" >> + >> +source "Kconfig.debug" >> diff --git a/xen/Kconfig.debug b/xen/Kconfig.debug >> new file mode 100644 >> index 0000000..d14d758 >> --- /dev/null >> +++ b/xen/Kconfig.debug >> @@ -0,0 +1,7 @@ >> + >> +menuconfig DEBUG >> + bool "Debugging Options" >> + ---help--- >> + If you want to debug Xen say Y and select any additional debugging >> + support options. This enables additional debugging through Xen >> + and as a result enabling this option results in no security >> guarantees. > Maybe that's because I'm not a native speaker, this doesn't sound right > to me -- it implies debugging option makes xen insecure. > > I think you mean "results in no security support"? Instead of mentioning security, I would simply say "Enabling this option is intended for development purposes only, and not for production use". There is already a statement saying that issues which only affect a debug hypervisor are not considered security relevant. ~Andrew _______________________________________________ Xen-devel mailing list Xen-devel@xxxxxxxxxxxxx http://lists.xen.org/xen-devel

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.