... as a shorthand for setting both suboptions at once. Currently, an admin
needs to pass cet=no-shstk,no-ibt to turn both off, where cet=0 is a better
option.
Signed-off-by: Andrew Cooper <andrew.cooper3@citrix.com>
Reviewed-by: Roger Pau Monné <roger.pau@citrix.com>
Reviewed-by: Jan Beulich <jbeulich@suse.com>
the NMI watchdog is also enabled.
### cet
- = List of [ shstk=<bool>, ibt=<bool> ]
+ = List of [ <bool>, shstk=<bool>, ibt=<bool> ]
Applicability: x86
they will override the `pv=32` boolean to `false`. Backwards compatibility
can be maintained with the pv-shim mechanism.
+* An unqualified boolean is a shorthand for setting all suboptions at once.
+
* The `shstk=` boolean controls whether Xen uses Shadow Stacks for its own
protection.
if ( !ss )
ss = strchr(s, '\0');
- if ( (val = parse_boolean("shstk", s, ss)) >= 0 )
+ if ( (val = parse_bool(s, ss)) >= 0 )
+ {
+#if !defined(CONFIG_XEN_SHSTK) && !defined(CONFIG_XEN_IBT)
+ no_config_param("XEN_{SHSTK,IBT}", "cet", s, ss);
+#endif
+#ifdef CONFIG_XEN_SHSTK
+ opt_xen_shstk = val;
+#endif
+#ifdef CONFIG_XEN_IBT
+ opt_xen_ibt = val;
+#endif
+ }
+ else if ( (val = parse_boolean("shstk", s, ss)) >= 0 )
{
#ifdef CONFIG_XEN_SHSTK
opt_xen_shstk = val;
projects / people / andrewcoop / xen.git / commitdiff