[PATCH 0/2] xen: Allow EXPERT mode to be selected from the menuconfig directly

[PATCH 0/2] xen: Allow EXPERT mode to be selected from the menuconfig directly

[Julien Grall]

From: Julien Grall <jgrall@amazon.com>

Hi all,

This small series is meant to make easier to experiment when using Xen.
See patch #2 for more details.

Cheers,

Julien Grall (2):
  xen/Kconfig: define EXPERT a bool rather than a string
  xen: Allow EXPERT mode to be selected from the menuconfig directly

 xen/Kconfig                     | 11 +++++++++--
 xen/Kconfig.debug               |  2 +-
 xen/Makefile                    |  1 -
 xen/arch/arm/Kconfig            | 10 +++++-----
 xen/arch/x86/Kconfig            |  6 +++---
 xen/common/Kconfig              | 14 +++++++-------
 xen/common/sched/Kconfig        |  2 +-
 xen/drivers/passthrough/Kconfig |  2 +-
 8 files changed, 27 insertions(+), 21 deletions(-)

-- 
2.17.1

[PATCH 1/2] xen/Kconfig: define EXPERT a bool rather than a string

[Julien Grall]

From: Julien Grall <jgrall@amazon.com>

Since commit f80fe2b34f08 "xen: Update Kconfig to Linux v5.4" EXPERT
can only have two values (enabled or disabled). So switch from a string
to a bool.

Take the opportunity to replace all "EXPERT = y" to "EXPERT".

Signed-off-by: Julien Grall <jgrall@amazon.com>
---
 xen/Kconfig                     |  3 +--
 xen/Kconfig.debug               |  2 +-
 xen/arch/arm/Kconfig            | 10 +++++-----
 xen/arch/x86/Kconfig            |  6 +++---
 xen/common/Kconfig              | 14 +++++++-------
 xen/common/sched/Kconfig        |  2 +-
 xen/drivers/passthrough/Kconfig |  2 +-
 7 files changed, 19 insertions(+), 20 deletions(-)

diff --git a/xen/Kconfig b/xen/Kconfig
index 073042f46730..120b5f412993 100644
--- a/xen/Kconfig
+++ b/xen/Kconfig
@@ -35,8 +35,7 @@ config DEFCONFIG_LIST
 	default ARCH_DEFCONFIG
 
 config EXPERT
-	string
-	default y if "$(XEN_CONFIG_EXPERT)" = "y"
+	def_bool y if "$(XEN_CONFIG_EXPERT)" = "y"
 
 config LTO
 	bool "Link Time Optimisation"
diff --git a/xen/Kconfig.debug b/xen/Kconfig.debug
index ee6ee33b69be..fad3050d4f7b 100644
--- a/xen/Kconfig.debug
+++ b/xen/Kconfig.debug
@@ -11,7 +11,7 @@ config DEBUG
 
 	  You probably want to say 'N' here.
 
-if DEBUG || EXPERT = "y"
+if DEBUG || EXPERT
 
 config CRASH_DEBUG
 	bool "Crash Debugging Support"
diff --git a/xen/arch/arm/Kconfig b/xen/arch/arm/Kconfig
index d51f66072e2e..6a43576dac5e 100644
--- a/xen/arch/arm/Kconfig
+++ b/xen/arch/arm/Kconfig
@@ -33,7 +33,7 @@ source "arch/Kconfig"
 
 config ACPI
 	bool
-	prompt "ACPI (Advanced Configuration and Power Interface) Support" if EXPERT = "y"
+	prompt "ACPI (Advanced Configuration and Power Interface) Support" if EXPERT
 	depends on ARM_64
 	---help---
 
@@ -51,7 +51,7 @@ config GICV3
 
 config HAS_ITS
         bool
-        prompt "GICv3 ITS MSI controller support" if EXPERT = "y"
+        prompt "GICv3 ITS MSI controller support" if EXPERT
         depends on GICV3 && !NEW_VGIC
 
 config HVM
@@ -81,7 +81,7 @@ config SBSA_VUART_CONSOLE
 	  SBSA Generic UART implements a subset of ARM PL011 UART.
 
 config ARM_SSBD
-	bool "Speculative Store Bypass Disable" if EXPERT = "y"
+	bool "Speculative Store Bypass Disable" if EXPERT
 	depends on HAS_ALTERNATIVE
 	default y
 	help
@@ -91,7 +91,7 @@ config ARM_SSBD
 	  If unsure, say Y.
 
 config HARDEN_BRANCH_PREDICTOR
-	bool "Harden the branch predictor against aliasing attacks" if EXPERT = "y"
+	bool "Harden the branch predictor against aliasing attacks" if EXPERT
 	default y
 	help
 	  Speculation attacks against some high-performance processors rely on
@@ -108,7 +108,7 @@ config HARDEN_BRANCH_PREDICTOR
 	  If unsure, say Y.
 
 config TEE
-	bool "Enable TEE mediators support" if EXPERT = "y"
+	bool "Enable TEE mediators support" if EXPERT
 	default n
 	help
 	  This option enables generic TEE mediators support. It allows guests
diff --git a/xen/arch/x86/Kconfig b/xen/arch/x86/Kconfig
index a69be983d6f3..3237cb2f31f4 100644
--- a/xen/arch/x86/Kconfig
+++ b/xen/arch/x86/Kconfig
@@ -112,7 +112,7 @@ config BIGMEM
 	  If unsure, say N.
 
 config HVM_FEP
-	bool "HVM Forced Emulation Prefix support" if EXPERT = "y"
+	bool "HVM Forced Emulation Prefix support" if EXPERT
 	default DEBUG
 	depends on HVM
 	---help---
@@ -132,7 +132,7 @@ config HVM_FEP
 
 config TBOOT
 	def_bool y
-	prompt "Xen tboot support" if EXPERT = "y"
+	prompt "Xen tboot support" if EXPERT
 	select CRYPTO
 	---help---
 	  Allows support for Trusted Boot using the Intel(R) Trusted Execution
@@ -217,7 +217,7 @@ config HYPERV_GUEST
 endif
 
 config MEM_SHARING
-	bool "Xen memory sharing support" if EXPERT = "y"
+	bool "Xen memory sharing support" if EXPERT
 	depends on HVM
 
 endmenu
diff --git a/xen/common/Kconfig b/xen/common/Kconfig
index a6914fcae98b..fe9b41f72128 100644
--- a/xen/common/Kconfig
+++ b/xen/common/Kconfig
@@ -12,7 +12,7 @@ config CORE_PARKING
 	bool
 
 config GRANT_TABLE
-	bool "Grant table support" if EXPERT = "y"
+	bool "Grant table support" if EXPERT
 	default y
 	---help---
 	  Grant table provides a generic mechanism to memory sharing
@@ -128,7 +128,7 @@ config KEXEC
 	  If unsure, say Y.
 
 config EFI_SET_VIRTUAL_ADDRESS_MAP
-    bool "EFI: call SetVirtualAddressMap()" if EXPERT = "y"
+    bool "EFI: call SetVirtualAddressMap()" if EXPERT
     ---help---
       Call EFI SetVirtualAddressMap() runtime service to setup memory map for
       further runtime services. According to UEFI spec, it isn't strictly
@@ -139,7 +139,7 @@ config EFI_SET_VIRTUAL_ADDRESS_MAP
 
 config XENOPROF
 	def_bool y
-	prompt "Xen Oprofile Support" if EXPERT = "y"
+	prompt "Xen Oprofile Support" if EXPERT
 	depends on X86
 	---help---
 	  Xen OProfile (Xenoprof) is a system-wide profiler for Xen virtual
@@ -176,7 +176,7 @@ config XSM_FLASK
 
 config XSM_FLASK_AVC_STATS
 	def_bool y
-	prompt "Maintain statistics on the FLASK access vector cache" if EXPERT = "y"
+	prompt "Maintain statistics on the FLASK access vector cache" if EXPERT
 	depends on XSM_FLASK
 	---help---
 	  Maintain counters on the access vector cache that can be viewed using
@@ -249,7 +249,7 @@ config LATE_HWDOM
 	  If unsure, say N.
 
 config ARGO
-	bool "Argo: hypervisor-mediated interdomain communication" if EXPERT = "y"
+	bool "Argo: hypervisor-mediated interdomain communication" if EXPERT
 	---help---
 	  Enables a hypercall for domains to ask the hypervisor to perform
 	  data transfer of messages between domains.
@@ -321,7 +321,7 @@ config SUPPRESS_DUPLICATE_SYMBOL_WARNINGS
 	  build becoming overly verbose.
 
 config CMDLINE
-	string "Built-in hypervisor command string" if EXPERT = "y"
+	string "Built-in hypervisor command string" if EXPERT
 	default ""
 	---help---
 	  Enter arguments here that should be compiled into the hypervisor
@@ -354,7 +354,7 @@ config DOM0_MEM
 	  Leave empty if you are not sure what to specify.
 
 config TRACEBUFFER
-	bool "Enable tracing infrastructure" if EXPERT = "y"
+	bool "Enable tracing infrastructure" if EXPERT
 	default y
 	---help---
 	  Enable tracing infrastructure and pre-defined tracepoints within Xen.
diff --git a/xen/common/sched/Kconfig b/xen/common/sched/Kconfig
index 883ac87cab65..61231aacaa1c 100644
--- a/xen/common/sched/Kconfig
+++ b/xen/common/sched/Kconfig
@@ -1,5 +1,5 @@
 menu "Schedulers"
-	visible if EXPERT = "y"
+	visible if EXPERT
 
 config SCHED_CREDIT
 	bool "Credit scheduler support"
diff --git a/xen/drivers/passthrough/Kconfig b/xen/drivers/passthrough/Kconfig
index e7e62ccd63c3..73f4ad89ecbc 100644
--- a/xen/drivers/passthrough/Kconfig
+++ b/xen/drivers/passthrough/Kconfig
@@ -14,7 +14,7 @@ config ARM_SMMU
 	  ARM SMMU architecture.
 
 config IPMMU_VMSA
-	bool "Renesas IPMMU-VMSA found in R-Car Gen3 SoCs" if EXPERT = "y"
+	bool "Renesas IPMMU-VMSA found in R-Car Gen3 SoCs" if EXPERT
 	depends on ARM_64
 	---help---
 	  Support for implementations of the Renesas IPMMU-VMSA found
-- 
2.17.1

[PATCH 2/2] xen: Allow EXPERT mode to be selected from the menuconfig directly

[Julien Grall]

From: Julien Grall <jgrall@amazon.com>

EXPERT mode is currently used to gate any options that are in technical
preview or not security supported At the moment, the only way to select
it is to use XEN_CONFIG_EXPERT=y on the make command line.

However, if the user forget to add the option of one of the make
command (even a clean), then .config will get rewritten. This may lead
to a rather frustrating experience as it is difficult to diagnostic the
issue.

A lot of the options behind EXPERT would benefit to get more tested in
order to be mark as fully supported in the future.

In order to make easier to experiment, the option EXPERT can now be
selected from the menuconfig rather than make command line. This does
not change the fact a kernel with EXPERT mode selected will not be
security supported.

Signed-off-by: Julien Grall <jgrall@amazon.com>

---

This may require some changes in OSSTest as we select the EXPERT mode
when building (This is necessary for booting Xen on Thunder-X box).
---
 xen/Kconfig  | 10 +++++++++-
 xen/Makefile |  1 -
 2 files changed, 9 insertions(+), 2 deletions(-)

diff --git a/xen/Kconfig b/xen/Kconfig
index 120b5f412993..34c318bfa2c7 100644
--- a/xen/Kconfig
+++ b/xen/Kconfig
@@ -35,7 +35,15 @@ config DEFCONFIG_LIST
 	default ARCH_DEFCONFIG
 
 config EXPERT
-	def_bool y if "$(XEN_CONFIG_EXPERT)" = "y"
+	bool "Configure standard Xen features (expert users)"
+	help
+	  This option allows certain base Xen options and settings
+	  to be disabled or tweaked. This is for specialized environments
+	  which can tolerate a "non-standard" Xen.
+	  Only use this if you really know what you are doing.
+	  Xen binaries built with this option enabled are not security
+	  supported.
+	default n
 
 config LTO
 	bool "Link Time Optimisation"
diff --git a/xen/Makefile b/xen/Makefile
index 2b1dacb49754..286f374b549f 100644
--- a/xen/Makefile
+++ b/xen/Makefile
@@ -11,7 +11,6 @@ export XEN_DOMAIN	?= $(shell ([ -x /bin/dnsdomainname ] && /bin/dnsdomainname) |
 export XEN_BUILD_DATE	?= $(shell LC_ALL=C date)
 export XEN_BUILD_TIME	?= $(shell LC_ALL=C date +%T)
 export XEN_BUILD_HOST	?= $(shell hostname)
-export XEN_CONFIG_EXPERT ?= n
 
 # Best effort attempt to find a python interpreter, defaulting to Python 3 if
 # available.  Fall back to just `python` if `which` is nowhere to be found.
-- 
2.17.1

Re: [PATCH 0/2] xen: Allow EXPERT mode to be selected from the menuconfig directly

[Julien Grall]

Hmmm I have just realized I forgot to CC the REST.

I will resend it.

On 30/04/2020 13:43, Julien Grall wrote:
> From: Julien Grall <jgrall@amazon.com>
> 
> Hi all,
> 
> This small series is meant to make easier to experiment when using Xen.
> See patch #2 for more details.
> 
> Cheers,
> 
> Julien Grall (2):
>    xen/Kconfig: define EXPERT a bool rather than a string
>    xen: Allow EXPERT mode to be selected from the menuconfig directly
> 
>   xen/Kconfig                     | 11 +++++++++--
>   xen/Kconfig.debug               |  2 +-
>   xen/Makefile                    |  1 -
>   xen/arch/arm/Kconfig            | 10 +++++-----
>   xen/arch/x86/Kconfig            |  6 +++---
>   xen/common/Kconfig              | 14 +++++++-------
>   xen/common/sched/Kconfig        |  2 +-
>   xen/drivers/passthrough/Kconfig |  2 +-
>   8 files changed, 27 insertions(+), 21 deletions(-)
> 

-- 
Julien Grall

Re: [PATCH 1/2] xen/Kconfig: define EXPERT a bool rather than a string

[Jan Beulich]

On 30.04.2020 14:43, Julien Grall wrote:
> From: Julien Grall <jgrall@amazon.com>
> 
> Since commit f80fe2b34f08 "xen: Update Kconfig to Linux v5.4" EXPERT
> can only have two values (enabled or disabled). So switch from a string
> to a bool.
> 
> Take the opportunity to replace all "EXPERT = y" to "EXPERT".
> 
> Signed-off-by: Julien Grall <jgrall@amazon.com>

Acked-by: Jan Beulich <jbeulich@suse.com>
with a remark:

> --- a/xen/arch/arm/Kconfig
> +++ b/xen/arch/arm/Kconfig
> @@ -33,7 +33,7 @@ source "arch/Kconfig"
>  
>  config ACPI
>  	bool
> -	prompt "ACPI (Advanced Configuration and Power Interface) Support" if EXPERT = "y"
> +	prompt "ACPI (Advanced Configuration and Power Interface) Support" if EXPERT
>  	depends on ARM_64
>  	---help---
>  
> @@ -51,7 +51,7 @@ config GICV3
>  
>  config HAS_ITS
>          bool
> -        prompt "GICv3 ITS MSI controller support" if EXPERT = "y"
> +        prompt "GICv3 ITS MSI controller support" if EXPERT
>          depends on GICV3 && !NEW_VGIC

Could I talk you info switching ones like the above (looks like
there aren't further ones) to ...

> @@ -81,7 +81,7 @@ config SBSA_VUART_CONSOLE
>  	  SBSA Generic UART implements a subset of ARM PL011 UART.
>  
>  config ARM_SSBD
> -	bool "Speculative Store Bypass Disable" if EXPERT = "y"
> +	bool "Speculative Store Bypass Disable" if EXPERT

... this more compact form on this occasion?

Jan

Re: [PATCH 1/2] xen/Kconfig: define EXPERT a bool rather than a string

[Julien Grall]

Hi Jan,

On 30/04/2020 15:32, Jan Beulich wrote:
> On 30.04.2020 14:43, Julien Grall wrote:
>> From: Julien Grall <jgrall@amazon.com>
>>
>> Since commit f80fe2b34f08 "xen: Update Kconfig to Linux v5.4" EXPERT
>> can only have two values (enabled or disabled). So switch from a string
>> to a bool.
>>
>> Take the opportunity to replace all "EXPERT = y" to "EXPERT".
>>
>> Signed-off-by: Julien Grall <jgrall@amazon.com>
> 
> Acked-by: Jan Beulich <jbeulich@suse.com>
> with a remark:
> 
>> --- a/xen/arch/arm/Kconfig
>> +++ b/xen/arch/arm/Kconfig
>> @@ -33,7 +33,7 @@ source "arch/Kconfig"
>>   
>>   config ACPI
>>   	bool
>> -	prompt "ACPI (Advanced Configuration and Power Interface) Support" if EXPERT = "y"
>> +	prompt "ACPI (Advanced Configuration and Power Interface) Support" if EXPERT
>>   	depends on ARM_64
>>   	---help---
>>   
>> @@ -51,7 +51,7 @@ config GICV3
>>   
>>   config HAS_ITS
>>           bool
>> -        prompt "GICv3 ITS MSI controller support" if EXPERT = "y"
>> +        prompt "GICv3 ITS MSI controller support" if EXPERT
>>           depends on GICV3 && !NEW_VGIC
> 
> Could I talk you info switching ones like the above (looks like
> there aren't further ones) to ...
> 
>> @@ -81,7 +81,7 @@ config SBSA_VUART_CONSOLE
>>   	  SBSA Generic UART implements a subset of ARM PL011 UART.
>>   
>>   config ARM_SSBD
>> -	bool "Speculative Store Bypass Disable" if EXPERT = "y"
>> +	bool "Speculative Store Bypass Disable" if EXPERT
> 
> ... this more compact form on this occasion?

I will do the switch on commit if there are no more comment.

Cheers,

-- 
Julien Grall