[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-devel] [PATCH v7 12/12] xen: clarify the security-support status of Kconfig options on ARM

On Wed, 25 Jul 2018, George Dunlap wrote:
> On Wed, Jul 25, 2018 at 10:50 AM, Julien Grall <julien.grall@xxxxxxx> wrote:
> >> Anything you can select in menuconfig without passing
> >> XEN_CONFIG_EXPERT=y is security supported.  Anything hidden behind
> >> XEN_CONFIG_EXPERT is security supported in its default configuration.
> >
> >
> > Could you clarify what you mean by security supported here? For instance,
> > "livepatch" is selectable on Arm with XEN_CONFIG_EXPERT=y but it is marked
> > as "experimental" in SUPPORT.MD.
> I think Andy means something like, "supported when no admin action is
> taken to activate it".  Livepatch doesn't just happen by itself; you
> have to take an action to trigger the behavior, so it's not supported.

I am OK following the same model on ARM too. Do we all agree?

If so, I can just remove this patch from the series, because the
previous patch already clarifies the role of EXPERT.

Xen-devel mailing list



Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.