[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-devel] [PATCH v5 0/10] arm: more kconfig configurability and small default configs

To: Stefano Stabellini <sstabellini@xxxxxxxxxx>, Jan Beulich <JBeulich@xxxxxxxx>
From: Julien Grall <julien.grall@xxxxxxx>
Date: Tue, 12 Jun 2018 23:19:22 +0100
Authentication-results: spf=none (sender IP is ) smtp.mailfrom=Julien.Grall@xxxxxxx;
Cc: Artem Mygaiev <artem_mygaiev@xxxxxxxx>, Lars Kurth <lars.kurth@xxxxxxxxxx>, "andrii_anisov@xxxxxxxx" <andrii_anisov@xxxxxxxx>, George Dunlap <George.Dunlap@xxxxxxxxxxxxx>, Andrew Cooper <andrew.cooper3@xxxxxxxxxx>, Ian Jackson <Ian.Jackson@xxxxxxxxxxxxx>, xen-devel@xxxxxxxxxxxxx, Dario Faggioli <dfaggioli@xxxxxxxx>, nd@xxxxxxx
Delivery-date: Tue, 12 Jun 2018 22:19:44 +0000
List-id: Xen developer discussion <xen-devel.lists.xenproject.org>
Nodisclaimer: True
Spamdiagnosticmetadata: NSPM
Spamdiagnosticoutput: 1:99

Hi Stefano,

On 12/06/2018 20:53, Stefano Stabellini wrote:

On Tue, 12 Jun 2018, Jan Beulich wrote:

As a consequence of these changes, some options will become user-visible
and not dependent on CONFIG_EXPERT. It does not mean that Xen Project
will security support all possible combinations of kconfig options.
Instead, there will be a small set of pre-canned configurations that
will be supported.  See: https://marc.info/?l=xen-devel&m=152424389512432


George, Ian, Jan, shall SUPPORT.MD be updated to reflect the Kconfig
changes?

I am mostly thinking about the board support and the fact that more
options on Arm are selectable by the users.


I think that would be very desirable, yes.


Do you want me to add a patch for that to this series, or should I do it
separately?


I think such a doc change should be right in a particular patch making
things user selectable.


I have added the following to patch #5, the one introducing all the UART
Kconfigs on ARM. I think it is the one introducing more new options. I
removed Julien's ACK because of this change. Let me know if you think we
need more details in SUPPORT.md.

diff --git a/SUPPORT.md b/SUPPORT.md
index 264b23f..e70f35c 100644
--- a/SUPPORT.md
+++ b/SUPPORT.md
@@ -16,6 +16,18 @@ for the definitions of the support status levels etc.

# Feature Support+## Kconfig

+
+On x86, Kconfig options that depend on CONFIG_EXPERT are not security
+supported. Other Kconfig options that do not depend on CONFIG_EXPERT are
+supported, if the related features marked as supported in this document.
+
+On ARM, a wider range of Kconfig configurations is available to enable
+very small lines of code counts in the hypervisor. Not all possible
+combinations of kconfig options are security supported. Instead, a small
+set of pre-canned configurations is supported, see xen/arch/arm/configs.

I think we need to be more specific about CONFIG_EXPERT=y. This is stillsomething we don't want to security support on Arm.

Furthermore, tiny.config by default will select the platform "ALL" butmost of the user will tailor to a specific platform. That platform willselect drivers. By reading your statement, this new config will not besecurity supported. Not sure if it is wanted.

This also made me realize that in your tiny config you select NULLscheduler which is still marked as experimental in the Kconfig. It feelsstrange that you security support it in the tiny.config but not by default.


Cheers,

--
Julien Grall

_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxxx
https://lists.xenproject.org/mailman/listinfo/xen-devel

Follow-Ups:
- Re: [Xen-devel] [PATCH v5 0/10] arm: more kconfig configurability and small default configs
  - From: Stefano Stabellini

References:
- [Xen-devel] [PATCH v5 0/10] arm: more kconfig configurability and small default configs
  - From: Stefano Stabellini
- Re: [Xen-devel] [PATCH v5 0/10] arm: more kconfig configurability and small default configs
  - From: Julien Grall
- Re: [Xen-devel] [PATCH v5 0/10] arm: more kconfig configurability and small default configs
  - From: Jan Beulich
- Re: [Xen-devel] [PATCH v5 0/10] arm: more kconfig configurability and small default configs
  - From: Stefano Stabellini
- Re: [Xen-devel] [PATCH v5 0/10] arm: more kconfig configurability and small default configs
  - From: Jan Beulich
- Re: [Xen-devel] [PATCH v5 0/10] arm: more kconfig configurability and small default configs
  - From: Stefano Stabellini

Prev by Date: Re: [Xen-devel] [PATCH v5 3/3] Input: xen-kbdfront - allow better run-time configuration
Next by Date: [Xen-devel] [qemu-mainline test] 124093: tolerable FAIL - PUSHED
Previous by thread: Re: [Xen-devel] [PATCH v5 0/10] arm: more kconfig configurability and small default configs
Next by thread: Re: [Xen-devel] [PATCH v5 0/10] arm: more kconfig configurability and small default configs
Index(es):
- Date
- Thread

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.