[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [PATCH RESEND 2/2] xen: Allow EXPERT mode to be selected from the menuconfig directly

On 30.04.2020 16:25, Julien Grall wrote:
> EXPERT mode is currently used to gate any options that are in technical
> preview or not security supported At the moment, the only way to select
> it is to use XEN_CONFIG_EXPERT=y on the make command line.
> However, if the user forget to add the option of one of the make
> command (even a clean), then .config will get rewritten. This may lead
> to a rather frustrating experience as it is difficult to diagnostic the
> issue.

Is / will this still be true after Anthony's rework of the build
system? Right now we already have

clean-targets := %clean
no-dot-config-targets := $(clean-targets) \

> A lot of the options behind EXPERT would benefit to get more tested in
> order to be mark as fully supported in the future.

Anyone intending to get an EXPERT-only option fully supported will
need to do focused testing; I don't think we can expect to move
items out of this category just because more people happen to test
something every now and then.

> In order to make easier to experiment, the option EXPERT can now be
> selected from the menuconfig rather than make command line. This does
> not change the fact a kernel with EXPERT mode selected will not be
> security supported.

Well, if I'm not mis-remembering it was on purpose to make it more
difficult for people to declare themselves "experts". FAOD I'm not
meaning to imply I don't see and accept the frustration aspect you
mention further up. The two need to be carefully weighed against
one another.

> --- a/xen/Kconfig
> +++ b/xen/Kconfig
> @@ -35,7 +35,15 @@ config DEFCONFIG_LIST
>       default ARCH_DEFCONFIG
>  config EXPERT
> -     def_bool y if "$(XEN_CONFIG_EXPERT)" = "y"
> +     bool "Configure standard Xen features (expert users)"
> +     help
> +       This option allows certain base Xen options and settings
> +       to be disabled or tweaked. This is for specialized environments
> +       which can tolerate a "non-standard" Xen.
> +       Only use this if you really know what you are doing.
> +       Xen binaries built with this option enabled are not security
> +       supported.
> +     default n

I don't think the last line is needed.




Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.