On 24.06.2021 19:18, Daniel P. Smith wrote:
>
>
> On 6/21/21 2:53 AM, Jan Beulich wrote:
>> On 18.06.2021 18:35, Daniel P. Smith wrote:
>>> On 6/18/21 7:53 AM, Andrew Cooper wrote:
>>>> On 18/06/2021 00:39, Daniel P. Smith wrote:
>>>>> @@ -250,9 +261,8 @@ config XSM_FLASK_POLICY
>>>>> If unsure, say Y.
>>>>>
>>>>> config XSM_SILO
>>>>> - def_bool y
>>>>> + def_bool n
>>>>
>>>> I'm not sure we want to alter the FLASK/SILO defaults. SILO in
>>>> particular is mandatory on ARM, and without it, you're in a security
>>>> unsupported configuration.
>>> The intent here is the default is the classic dom0 configuration. What
>>> if I did,
>>>
>>> def bool n
>>> def bool y if ARM
>>
>> Besides it needing to be with the order of the two lines flipped, if
>> Arm requires XSM_SILO, then I think it would better "select" it.
>
>
> Ack, I realized that as I fixed it for the upcoming v2.
>
> Correct me if I am wrong but if you do a "select" that means you are
> forcing the user to always have SILO built in, i.e. that makes it so the
> option cannot be disabled. There may be users who would prefer to only
> have Flask enabled on ARM and those users would not be able to turn SILO
> off.
Yes, you're right. Problem is the (imo) malformed entry, which makes
it that I couldn't see the presence of a prompt anymore in the context
above. Well-formed (imo; I might also say "consistently formatted")
entries with a prompt ought to look like (taking your change into
account already, leaving aside whether that's really what we want)
config XSM_SILO
bool "SILO support"
default y if ARM
default n
Whether "depends" precedes or follows "default" is a less clear cut.
def_bool imo would better be used only for prompt-less entries.
Jan
