[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [PATCH] xen/x86: drop dependency of XEN_SHSTK on EXPERT


  • To: Juergen Gross <jgross@xxxxxxxx>, "xen-devel@xxxxxxxxxxxxxxxxxxxx" <xen-devel@xxxxxxxxxxxxxxxxxxxx>
  • From: Andrew Cooper <Andrew.Cooper3@xxxxxxxxxx>
  • Date: Fri, 18 Mar 2022 14:51:52 +0000
  • Accept-language: en-GB, en-US
  • Arc-authentication-results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=citrix.com; dmarc=pass action=none header.from=citrix.com; dkim=pass header.d=citrix.com; arc=none
  • Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=mIjmQgwIX1rtxD4Wey/AD0tUq87oAGlPYqX+MP6HkDI=; b=R3ktmgwyumPeAr7P5i/lECaps/JWc5W1gwBqIZbioNgZUGmNDGWadqTHUh9vMme90FHHn3NtSA4tbEpnjugoJ+GrDIwLxBDtWfjbN2pg9J2klqLjjjZhtZ6DbUYBnQV6nSifvQMxotQE6CRtG5SfqVxLPuMn9uktXaAoJgmexXkP3GHEi6LUdmK6iHwNQwwuKogX1aTVwso2HdwP9hYNOBcip74+m3c9aDhZG3T8fxiY58pcm+yvp/2dKUCflHlZ2ziCjaIlbYgsLJvLP2NippmuHsc2EpDkEXMW8shXGJ2Z1e6xznc2k4zCaGnhFoS+4oYCWueekTjlghtbGUVLOg==
  • Arc-seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=RCeEAFDyhc4DHxs3/b/u/AHVJdt82pdaLQCysef4IulmNy0pNFRwEvbP4FyjWdvnhznaNgwpCpcwVRe/tmsN6G0xiKGLMkU90+pkw4e2qfl2vXZ9ruHZ4DfQrUlPz3DH/bAN5jvvih0Vxc2QpJ3TaaZ1r6zZVodViGYtJepVM/RVFFyopo3Fg27hMv+Tueha6XkJwe7DfFGjIlTh1uo2e6efkvpk/C+dmxMubNc+ZlvLIeMpQn5rQ6krL/HLRGVGNlsqqt1TBUi0KGyEoqbviAooniilUggOGlL3V5Q7yDK98M4shgTBuwrM7L/1tXAxTye+ITXjeStDGXy1QFA0Xg==
  • Authentication-results: esa1.hc3370-68.iphmx.com; dkim=pass (signature verified) header.i=@citrix.onmicrosoft.com
  • Cc: Jan Beulich <jbeulich@xxxxxxxx>, Roger Pau Monne <roger.pau@xxxxxxxxxx>, Wei Liu <wl@xxxxxxx>
  • Delivery-date: Fri, 18 Mar 2022 14:52:22 +0000
  • Ironport-data: A9a23:FkaQBaqeRCJJBh2+hB/Jbmn+AZFeBmI1ZRIvgKrLsJaIsI4StFCzt garIBnSb6zZZDbwftsnbYyx/BwCvMPWndY3QVFqqC02RCoW8JuZCYyVIHmrMnLJJKUvbq7GA +byyDXkBJppJpMJjk71atANlVEliefQAOCU5NfsYkidfyc9IMsaoU8lyrZRbrJA24DjWVvW4 IOq+aUzBXf+s9JKGjNMg068gEsHUMTa4Fv0aXRnOJinFHeH/5UkJMp3yZOZdhMUcaENdgKOf M7RzanRw4/s10xF5uVJMFrMWhZirrb6ZWBig5fNMkSoqkAqSicais7XOBeAAKv+Zvrgc91Zk b1wWZKMpQgBOIPeorReViZjLRokGJxlxI6ZJFi0rpnGp6HGWyOEL/RGCUg3OcsT+/ptAHEI/ vsdQNwPRknd3aTsmuv9E7QywJR4RCXoFNp3VnVI5DfVF/s5B7vERL3H/4Rw1zYsnMFeW/3ZY qL1bBIxM0yZO0ASaj/7Drpvsv26jWHkXAd6l1OHhbFvz3GU/BZuhe2F3N39JYXRGJQ9clyjj mDM8nn9AxoaHMeC0jfD+XWp7sfQmQvrVYRUE6e3ntZoj0eU3Xc7EwANWB2wpvzRol6zXZdTJ lIZ/gIqrLMu7wq7Q9/lRRq6rXWY+BkGVLJt//YSsV/XjPCOukDAWzZCHmUphMEaWNEeQxI47 A/KmuzSOwc1lYy2dUPD85efsmbnUcQKFlMqaSgBRAoDxtDspoAvkx7CJupe/L6JYs7dQm+pn W3TxMQqr/BK1JNQif3nlbzSq2j0zqUlWDLZ8ek+soiNygpiLLCoaIWzgbQwxaYRdd3JJrVtU ZVtpiR/0AzsJczV/MBuaL9UdF1M2xpjGGeE6bKIN8N9nwlBA1b5IehtDMhWfS+FyPosdz7ze 1P0sghM/pJVN3bCRfYpP93sVZ1zlvC9TY2NuhXogjxmOMQZmOivpnwGWKJt9zq1zBhEfV8XZ P93jvpA/V5FUP86nVJats8W0KMxxzBW+I8gbcuT8vhT6pLHPCT9Ye5caDOmN7llhIvZ8FS92 4sObKOilkQAONASlwGKqOb/23hRdiNlbX03wuQKHtO+zv1OQzhwVaWOnet/J+SIXc19z4/1w 510YWcBoHLXjnzbMwSaLHdlbbLkR5FkqnwneycrOD6VN7ILOu5DMI93m0MLQIQa
  • Ironport-hdrordr: A9a23:I+LySq/BBXzdyVOXJmNuk+F4db1zdoMgy1knxilNoENuHPBwxv rAoB1E73PJYW4qKQ0dcdDpAtjlfZtFnaQFr7X5To3SIzUO31HYbb2KjLGSjAEIfheeygcz79 YZT0ETMqyTMbE+t7eG3ODaKadh/DDkytHSuQ629R4EJmsGC9AC0+46MHfgLqQffngdOXNTLu v62iMznUvYRZ1hVLXcOpBqZZmnm/T70LbdJTIWDR8u7weDyRmy7qThLhSe1hACFxtS3LYL6w H+4k/Ez5Tml8v+5g7X1mfV4ZgTssDm0MF/CMuFjdVQAinwizyveJ9qV9S5zXIISaCUmRMXee v30lAd1vdImjXsl6aO0ELQMjzboXITArnZuAelaDXY0JfErXkBerR8bMpiA2rkAgwbzYxBOe twrhGkX9A8N2KxoA3to9fPTB1kjUyyvD4rlvMSlWVWVc8EZKZWtpF3xjIeLH4sJlOz1GkcKp gkMCgc3ocgTXqKK3TC+mV/yt2lWXo+Wh+AX0gZo8SQlzxbhmpwwUcUzNEW2i5ozuNwd7BUo+ Dfdqh4nrBHScEbKap7GecaWMOyTmjAWwjFPm6eKUnuUKsHJ3XOoZjq56hd3pDmRLUYiJ8p3J jRWlJRsmA/P0roFM2VxZVOtgvARW2sNA6dg/22J6IJzIEUaICbRBFrEmpe4fdIi89vdvHmZw ==
  • List-id: Xen developer discussion <xen-devel.lists.xenproject.org>
  • Thread-index: AQHYM6mz9BpISaLxN0e/wtmKcLCulazFSBQA
  • Thread-topic: [PATCH] xen/x86: drop dependency of XEN_SHSTK on EXPERT

On 09/03/2022 11:34, Juergen Gross wrote:
> XEN_SHSTK should be on per default now that it is supported officially.
> Only let the prompt depend on EXPERT.
>
> Signed-off-by: Juergen Gross <jgross@xxxxxxxx>
> ---
>  xen/arch/x86/Kconfig | 4 ++--
>  1 file changed, 2 insertions(+), 2 deletions(-)
>
> diff --git a/xen/arch/x86/Kconfig b/xen/arch/x86/Kconfig
> index 83d0f317ec..c166db3499 100644
> --- a/xen/arch/x86/Kconfig
> +++ b/xen/arch/x86/Kconfig
> @@ -117,8 +117,8 @@ config HVM
>         If unsure, say Y.
>  
>  config XEN_SHSTK
> -     bool "Supervisor Shadow Stacks (EXPERT)"
> -     depends on HAS_AS_CET_SS && EXPERT
> +     bool "Supervisor Shadow Stacks" if EXPERT

It has previously been stated that anything hidden behind expert is not
supported.  shstk is sure as hell supported when compiled off, because
that's been the status quo so far.

It's also wrong for shstk to be handled differently to IBT.

Most importantly however, it is simply obstructive to have options like
this hidden because the user can force them off by using an older compiler.

~Andrew

 


Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.