On 02/05/2016 11:42, Wei Liu wrote: > On Sun, May 01, 2016 at 11:10:40PM -0500, Doug Goldstein wrote: >> There are a number of debugging options for Xen so the idea is to have a >> menu to group them all together. Enabling this menu item will also >> disable NDEBUG which will result in more debug prints. This was >> previously wired into the 'debug=y' command line option. >> >> Signed-off-by: Doug Goldstein <car...@cardoe.com> >> --- >> CC: Andrew Cooper <andrew.coop...@citrix.com> >> CC: George Dunlap <george.dun...@eu.citrix.com> >> CC: Ian Jackson <ian.jack...@eu.citrix.com> >> CC: Jan Beulich <jbeul...@suse.com> >> CC: Konrad Rzeszutek Wilk <konrad.w...@oracle.com> >> CC: Stefano Stabellini <sstabell...@kernel.org> >> CC: Tim Deegan <t...@xen.org> >> CC: Wei Liu <wei.l...@citrix.com> >> --- >> xen/Kconfig | 2 ++ >> xen/Kconfig.debug | 7 +++++++ >> xen/include/xen/config.h | 4 ++++ >> 3 files changed, 13 insertions(+) >> create mode 100644 xen/Kconfig.debug >> >> diff --git a/xen/Kconfig b/xen/Kconfig >> index fa8b27c..0fe7a1a 100644 >> --- a/xen/Kconfig >> +++ b/xen/Kconfig >> @@ -26,3 +26,5 @@ config DEFCONFIG_LIST >> config EXPERT >> string >> option env="XEN_CONFIG_EXPERT" >> + >> +source "Kconfig.debug" >> diff --git a/xen/Kconfig.debug b/xen/Kconfig.debug >> new file mode 100644 >> index 0000000..d14d758 >> --- /dev/null >> +++ b/xen/Kconfig.debug >> @@ -0,0 +1,7 @@ >> + >> +menuconfig DEBUG >> + bool "Debugging Options" >> + ---help--- >> + If you want to debug Xen say Y and select any additional debugging >> + support options. This enables additional debugging through Xen >> + and as a result enabling this option results in no security >> guarantees. > Maybe that's because I'm not a native speaker, this doesn't sound right > to me -- it implies debugging option makes xen insecure. > > I think you mean "results in no security support"?
Instead of mentioning security, I would simply say "Enabling this option is intended for development purposes only, and not for production use". There is already a statement saying that issues which only affect a debug hypervisor are not considered security relevant. ~Andrew _______________________________________________ Xen-devel mailing list Xen-devel@lists.xen.org http://lists.xen.org/xen-devel
