[PATCH v2] xen: EXPERT clean-up and introduce UNSUPPORTED

From: Stefano Stabellini <stefano.stabellini@xxxxxxxxxx>

A recent thread [1] has exposed a couple of issues with our current way
of handling EXPERT.

1) It is not obvious that "Configure standard Xen features (expert
users)" is actually the famous EXPERT we keep talking about on xen-devel

2) It is not obvious when we need to enable EXPERT to get a specific

In particular if you want to enable ACPI support so that you can boot
Xen on an ACPI platform, you have to enable EXPERT first. But searching
through the kconfig menu it is really not clear (type '/' and "ACPI"):
nothing in the description tells you that you need to enable EXPERT to
get the option.

So this patch makes things easier by doing two things:

- introduce a new kconfig option UNSUPPORTED which is clearly to enable
  UNSUPPORTED features as defined by SUPPORT.md

- change EXPERT options to UNSUPPORTED where it makes sense: keep
  depending on EXPERT for features made for experts

- tag unsupported features by adding (UNSUPPORTED) to the one-line

- clarify the EXPERT one-line description

[1] https://marc.info/?l=xen-devel&m=160333101228981

Signed-off-by: Stefano Stabellini <stefano.stabellini@xxxxxxxxxx>
CC: andrew.cooper3@xxxxxxxxxx
CC: george.dunlap@xxxxxxxxxx
CC: iwj@xxxxxxxxxxxxxx
CC: jbeulich@xxxxxxxx
CC: julien@xxxxxxx
CC: wl@xxxxxxx

Changes in v2:
- introduce UNSUPPORTED as a separate new option
- don't switch all EXPERT options to UNSUPPORTED
 xen/Kconfig              | 11 ++++++++++-
 xen/arch/arm/Kconfig     | 10 +++++-----
 xen/arch/x86/Kconfig     |  8 ++++----
 xen/common/Kconfig       |  4 ++--
 xen/common/sched/Kconfig |  6 +++---
 5 files changed, 24 insertions(+), 15 deletions(-)

diff --git a/xen/Kconfig b/xen/Kconfig
index 34c318bfa2..59400c4788 100644
--- a/xen/Kconfig
+++ b/xen/Kconfig
@@ -34,8 +34,17 @@ config DEFCONFIG_LIST
        option defconfig_list
        default ARCH_DEFCONFIG
+       bool "Configure UNSUPPORTED features"
+       help
+         This option allows unsupported Xen options to be enabled, which
+         includes non-security-supported, experimental, and tech preview
+         features as defined by SUPPORT.md. Xen binaries built with this
+         option enabled are not security supported.
+       default n
 config EXPERT
-       bool "Configure standard Xen features (expert users)"
+       bool "Configure EXPERT features"
          This option allows certain base Xen options and settings
          to be disabled or tweaked. This is for specialized environments
diff --git a/xen/arch/arm/Kconfig b/xen/arch/arm/Kconfig
index f938dd21bd..5981e7380d 100644
--- a/xen/arch/arm/Kconfig
+++ b/xen/arch/arm/Kconfig
@@ -32,7 +32,7 @@ menu "Architecture Features"
 source "arch/Kconfig"
 config ACPI
-       bool "ACPI (Advanced Configuration and Power Interface) Support" if 
+       bool "ACPI (Advanced Configuration and Power Interface) Support 
        depends on ARM_64
@@ -49,7 +49,7 @@ config GICV3
          If unsure, say Y
 config HAS_ITS
-        bool "GICv3 ITS MSI controller support" if EXPERT
+        bool "GICv3 ITS MSI controller support (UNSUPPORTED)" if UNSUPPORTED
         depends on GICV3 && !NEW_VGIC
 config HVM
@@ -79,7 +79,7 @@ config SBSA_VUART_CONSOLE
          SBSA Generic UART implements a subset of ARM PL011 UART.
 config ARM_SSBD
-       bool "Speculative Store Bypass Disable" if EXPERT
+       bool "Speculative Store Bypass Disable (UNSUPPORTED)" if UNSUPPORTED
        depends on HAS_ALTERNATIVE
        default y
@@ -89,7 +89,7 @@ config ARM_SSBD
          If unsure, say Y.
-       bool "Harden the branch predictor against aliasing attacks" if EXPERT
+       bool "Harden the branch predictor against aliasing attacks 
        default y
          Speculation attacks against some high-performance processors rely on
@@ -106,7 +106,7 @@ config HARDEN_BRANCH_PREDICTOR
          If unsure, say Y.
 config TEE
-       bool "Enable TEE mediators support" if EXPERT
+       bool "Enable TEE mediators support (UNSUPPORTED)" if UNSUPPORTED
        default n
          This option enables generic TEE mediators support. It allows guests
diff --git a/xen/arch/x86/Kconfig b/xen/arch/x86/Kconfig
index 24868aa6ad..d4e20e9d31 100644
--- a/xen/arch/x86/Kconfig
+++ b/xen/arch/x86/Kconfig
@@ -102,8 +102,8 @@ config HVM
          If unsure, say Y.
 config XEN_SHSTK
-       bool "Supervisor Shadow Stacks"
-       depends on HAS_AS_CET_SS && EXPERT
+       bool "Supervisor Shadow Stacks (UNSUPPORTED)"
+       depends on HAS_AS_CET_SS && UNSUPPORTED
        default y
          Control-flow Enforcement Technology (CET) is a set of features in
@@ -165,7 +165,7 @@ config HVM_FEP
          If unsure, say N.
 config TBOOT
-       bool "Xen tboot support" if EXPERT
+       bool "Xen tboot support (UNSUPPORTED)" if UNSUPPORTED
        default y if !PV_SHIM_EXCLUSIVE
        select CRYPTO
@@ -251,7 +251,7 @@ config HYPERV_GUEST
-       bool "Xen memory sharing support" if EXPERT
+       bool "Xen memory sharing support (UNSUPPORTED)" if UNSUPPORTED
        depends on HVM
diff --git a/xen/common/Kconfig b/xen/common/Kconfig
index 3e2cf25088..beed507727 100644
--- a/xen/common/Kconfig
+++ b/xen/common/Kconfig
@@ -151,7 +151,7 @@ config KEXEC
          If unsure, say Y.
-    bool "EFI: call SetVirtualAddressMap()" if EXPERT
+    bool "EFI: call SetVirtualAddressMap() (UNSUPPORTED)" if UNSUPPORTED
       Call EFI SetVirtualAddressMap() runtime service to setup memory map for
       further runtime services. According to UEFI spec, it isn't strictly
@@ -272,7 +272,7 @@ config LATE_HWDOM
          If unsure, say N.
 config ARGO
-       bool "Argo: hypervisor-mediated interdomain communication" if EXPERT
+       bool "Argo: hypervisor-mediated interdomain communication 
          Enables a hypercall for domains to ask the hypervisor to perform
          data transfer of messages between domains.
diff --git a/xen/common/sched/Kconfig b/xen/common/sched/Kconfig
index 61231aacaa..94c9e20139 100644
--- a/xen/common/sched/Kconfig
+++ b/xen/common/sched/Kconfig
@@ -15,7 +15,7 @@ config SCHED_CREDIT2
          optimized for lower latency and higher VM density.
 config SCHED_RTDS
-       bool "RTDS scheduler support (EXPERIMENTAL)"
+       bool "RTDS scheduler support (UNSUPPORTED)" if UNSUPPORTED
        default y
          The RTDS scheduler is a soft and firm real-time scheduler for
@@ -23,14 +23,14 @@ config SCHED_RTDS
          in the cloud, and general low-latency workloads.
 config SCHED_ARINC653
-       bool "ARINC653 scheduler support (EXPERIMENTAL)"
+       bool "ARINC653 scheduler support (UNSUPPORTED)" if UNSUPPORTED
        default DEBUG
          The ARINC653 scheduler is a hard real-time scheduler for single
          cores, targeted for avionics, drones, and medical devices.
 config SCHED_NULL
-       bool "Null scheduler support (EXPERIMENTAL)"
+       bool "Null scheduler support (UNSUPPORTED)" if UNSUPPORTED
        default y
          The null scheduler is a static, zero overhead scheduler,



