[Top] [All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [PATCH 2/3] x86/pv-shim: don't even allow enabling GRANT_TABLE

  • To: Juergen Gross <jgross@xxxxxxxx>, Andrew Cooper <Andrew.Cooper3@xxxxxxxxxx>
  • From: Jan Beulich <jbeulich@xxxxxxxx>
  • Date: Wed, 7 Dec 2022 10:35:18 +0100
  • Arc-authentication-results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=suse.com; dmarc=pass action=none header.from=suse.com; dkim=pass header.d=suse.com; arc=none
  • Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=nxae1yATAp6N379dC+tQtCC7DRi5ZvGkIdqojpxhE5A=; b=Ds6dQ903qLANkiBhgJxJNZi8ux0UUGcFU+X/vya1Z5xpC2WtFK0qiVsUP8q9XMpaFR/WOtpTZ7v8PMYyg5Uo7+iRrRopVJie5ScDS9RyXxfpYx7jlN0WbNmVSlqqQud+RWhsv+8lOOl3XGc6aJgcLrh9aW98llGBDp9RVmVMBo5XpQ8Q1bRTS5cRJkXWRuFMLJJcekOcxPJBnckdEa0rsOWuFspOjWlw6yY3Qzijatbk8NjVSdcz+IKQzCvDHVpaBzBr3m5i9W4XuCkkp2Et6Wnx1+X3LJD8LGrlQiRaHLAZ20mEFSG+tP9ZMNeb44FWxLO2dBCXmRSOFVIOAVOZZA==
  • Arc-seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=mXcTDaxh8UHHgmJTfbaAcHYa5drXz1Q8iRs+MseC1cMjURDXkAXCAODYrAfBHiFngGit6NZzoRAvi6KfiE44IGOX8BFYIh1SUSUFeh7941/zd8Cylo0kWs/Pwg0l5m09lecZzG3pw0ybR49A8YVNtIRMKIPA51uwuF87BM6TW14v1/6NN0LebXA8FhoixsnMC2To+YEb835L47eE4mwkAINKbN+ZLK5gKvXVKiND/efCrQLaUWOjMTlsYyCPbGhJp4B58xuqGcYDE/ECNaWVkbIvTdsJPXtoYjXsrJdjzgggZ/iuoNJFCNCKbFv4m9JbRG+1iYlKw+mbPdtJdJtIqg==
  • Authentication-results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=suse.com;
  • Cc: George Dunlap <George.Dunlap@xxxxxxxxxx>, Julien Grall <julien@xxxxxxx>, Stefano Stabellini <sstabellini@xxxxxxxxxx>, Wei Liu <wl@xxxxxxx>, Roger Pau Monne <roger.pau@xxxxxxxxxx>, "xen-devel@xxxxxxxxxxxxxxxxxxxx" <xen-devel@xxxxxxxxxxxxxxxxxxxx>
  • Delivery-date: Wed, 07 Dec 2022 09:35:38 +0000
  • List-id: Xen developer discussion <xen-devel.lists.xenproject.org>
On 07.12.2022 10:11, Juergen Gross wrote:
> On 07.12.22 09:55, Jan Beulich wrote:
>> On 07.12.2022 08:21, Jan Beulich wrote:
>>> On 06.12.2022 21:26, Andrew Cooper wrote:
>>>> On 06/12/2022 14:30, Jan Beulich wrote:
>>>>> Grant table code is unused in shim mode, so there's no point in
>>>>> building it in the first place for shim-exclusive mode.
>>>>>
>>>>> Signed-off-by: Jan Beulich <jbeulich@xxxxxxxx>
>>>>
>>>> nack.
>>>>
>>>> This is bogus, as is every other "depends on !PV_SHIM_EXCLUSIVE".
>>>
>>> But why? Doing things like this in Kconfig is exactly ...
>>>
>>>> The only reason I haven't reverting the others so `make allyesconfig`
>>>> doesn't disable CONFIG_HVM, is because I haven't had time.  This change
>>>> further breaks allyesconfig by disabling GRANT_TABLE too.
>>>>
>>>> PV_SHIM_EXCLUSIVE is a simple option for a bit of dead code
>>>> elimination.  It is not valid to be used like this.
>>>
>>> ... for the purpose of dead code elimination. By nack-ing a change like
>>> this (and by having voiced opposition to earlier ones) you simply call
>>> for yet more entirely unhelpful #ifdef-ary. See the last paragraph of
>>> the description of patch 1, half of which this change rectifies. The
>>> solution on the evtchn side, unfortunately, looks to be #ifdef-ary,
>>> short of there being a suitable Kconfig option.
>>>
>>> Furthermore Kconfig, in my view, is specifically intended to allow to
>>> prevent the user from selecting entirely bogus option combinations
>>> (and even more so suggest entirely bogus configurations by bogus
>>> default settings). If you disagree, then I'm afraid we have a 2nd
>>> Kconfig usage topic which we need to settle on in a project-wide
>>> manner. If only we ever made any progress on such ...
>>>
>>> As to allyesconfig - I can see your point there, but then arrangements
>>> need to be invented to avoid this kind of unhelpful behavior.
>>
>> Thinking more about it, if allyesconfig is meant to be useful, then
>> any "depends on !..." (other than for base architecture identifiers)
>> would be wrong (see e.g. COVERAGE depending on !LIVEPATCH or
>> ARM_SMMU_V3 depending on !ACPI). And this would extend to Linux as
>> well - how do they deal with that?
> 
> Isn't allyesconfig for new options only? At least in Linux it is
> documented this way.

Is it? I only find

     "make allyesconfig"
                        Create a ./.config file by setting symbol
                        values to 'y' as much as possible.

and a couple of instances of "New config where all options are accepted
with yes". What you refer to ...

> Otherwise options like CONFIG_X86_32 (which depends on !X86_64) would make
> no sense either.
> 
> So the way to go seems to have some default minimal configs (in our case
> e.g. shim and no-shim), which can then be expanded via allyesconfig or
> allnoconfig.

... looks to be optional behavior with KCONFIG_ALLCONFIG (which of
course we could leverage for our CI in order to avoid introducing
restrictions on what may be used in "depends on").

Jan

 

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.

Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.