Re: [PATCH 3/6] xsm: enabling xsm to always be included

[Jan Beulich <jbeulich@suse.com>]

On 24.06.2021 19:18, Daniel P. Smith wrote:
> 
> 
> On 6/21/21 2:53 AM, Jan Beulich wrote:
>> On 18.06.2021 18:35, Daniel P. Smith wrote:
>>> On 6/18/21 7:53 AM, Andrew Cooper wrote:
>>>> On 18/06/2021 00:39, Daniel P. Smith wrote:
>>>>> @@ -250,9 +261,8 @@ config XSM_FLASK_POLICY
>>>>>   	  If unsure, say Y.
>>>>>   
>>>>>   config XSM_SILO
>>>>> -	def_bool y
>>>>> +	def_bool n
>>>>
>>>> I'm not sure we want to alter the FLASK/SILO defaults.  SILO in
>>>> particular is mandatory on ARM, and without it, you're in a security
>>>> unsupported configuration.
>>> The intent here is the default is the classic dom0 configuration. What
>>> if I did,
>>>
>>> def bool n
>>> def bool y if ARM
>>
>> Besides it needing to be with the order of the two lines flipped, if
>> Arm requires XSM_SILO, then I think it would better "select" it.
> 
> 
> Ack, I realized that as I fixed it for the upcoming v2.
> 
> Correct me if I am wrong but if you do a "select" that means you are 
> forcing the user to always have SILO built in, i.e. that makes it so the 
> option cannot be disabled. There may be users who would prefer to only 
> have Flask enabled on ARM and those users would not be able to turn SILO 
> off.

Yes, you're right. Problem is the (imo) malformed entry, which makes
it that I couldn't see the presence of a prompt anymore in the context
above. Well-formed (imo; I might also say "consistently formatted")
entries with a prompt ought to look like (taking your change into
account already, leaving aside whether that's really what we want)

config XSM_SILO
	bool "SILO support"
	default y if ARM
	default n

Whether "depends" precedes or follows "default" is a less clear cut.

def_bool imo would better be used only for prompt-less entries.

Jan