Received: by 10.223.185.116 with SMTP id b49csp2395720wrg; Mon, 12 Feb 2018 08:54:17 -0800 (PST) X-Google-Smtp-Source: AH8x225C+GFxaUWa/rrb0htokhA+QhPCMqm1pjL0C2H0g7+mMaazJ14pnMgZt60hCYh1NzTKLBa1 X-Received: by 10.101.80.69 with SMTP id k5mr9817201pgo.435.1518454457779; Mon, 12 Feb 2018 08:54:17 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1518454457; cv=none; d=google.com; s=arc-20160816; b=i/DhsQvj+CIV+sgPqf0G5NOT1Bmh7qukShDBnek2N1cf0G2jA/uOr2ahCxa28BvXcy lnddVF/SEifdcb5y2ZPxBx6nKsgF4EDbBcY80+jvX2kImNwkN0FyWXjzgG/jLTk7O8w1 ja4QDVdBZofW0i+39aQaLj7XpO0h1H1GvWAxHKAXNNQU8xH0tHhDjv2+Kfd15qO2SslC MXmaCP2lKda7eQvgagVkIZB3pZbJlUfOIJYSBqTUa+eiG02RAjgds9LA+WAyqflnBr57 5NweAAwUWwESLGyHLVcLzraDMRd3IaCAM2g6yBJpMcyX9z/VQ1hMBgMTv5f346hILuAF thrg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:cc:to:subject:message-id:date:from :references:in-reply-to:mime-version:dkim-signature :arc-authentication-results; bh=8ZDefpkFpzCh5FpkHwdyXxFIYxFDqwAY+0Aok1OJEaQ=; b=rYboGG/+Npqbh4JGbpADWYhELjwDYOBClL1frjT5inmORSgaKpTO8/yuCSi3/TNb3V 8E7GsD9bLEETOPO4BxyWE0IaxNxT8W7SWzli1LZOHUbleHmkRD1J1qSiqSoG6R35UNgK tQa9vlMUTYLhNYn6RG0czHoF4DwRdbef7rcqV8XlTdnPsdYsvsUQKhDpYSs5gBlcKmMg zboN8w4dFLCLSr4GPOL6KqJ4YO6DM+bOv6z1SfQCIyEIJoJIdtR3RV1zh397hjmAUR4s AI8PHioIY61ki8L0f3cdfE+Vur98Eyo8beJ64INvWzFgpRO440T0XTbjoVcdNCHA0mRT vA5Q== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@gmail.com header.s=20161025 header.b=T/pc/EDl; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id w9-v6si3952101plp.58.2018.02.12.08.54.03; Mon, 12 Feb 2018 08:54:17 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@gmail.com header.s=20161025 header.b=T/pc/EDl; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S935803AbeBLON4 (ORCPT + 99 others); Mon, 12 Feb 2018 09:13:56 -0500 Received: from mail-vk0-f66.google.com ([209.85.213.66]:41754 "EHLO mail-vk0-f66.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S933314AbeBLONx (ORCPT ); Mon, 12 Feb 2018 09:13:53 -0500 Received: by mail-vk0-f66.google.com with SMTP id g186so8840946vkd.8; Mon, 12 Feb 2018 06:13:53 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc; bh=8ZDefpkFpzCh5FpkHwdyXxFIYxFDqwAY+0Aok1OJEaQ=; b=T/pc/EDlkkxhWPEpKbowCGBJMpfCglWEXCPzG+G52hnr0h8lJYIyezYkqK8dWer0sD 5p0H/1TFzNVjXOEi1AC6DXvtXZyBXAz6HWDXC2vjZJ7Hqx+dfsCtCznt/kqPdbaxZAYj IFCCSfVj8BQeXgEWF5GJnn22YbU3K/EYdwGy0lPASSgxvV1eroQv4MoqYsNha/3hLZBW hozhf2WDq2RwSVFxDTJPsD+UWtmgDVduWfF8gvnuGcBshcYmSwPBVhtOiqD0UayDkzg8 +vxjDPrSnoh9qDBAbPc0Gp3e55vK61EuYNxNMcG3Zowv6iHWeU5v3DY6ayS+6imuSsDi jUbQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc; bh=8ZDefpkFpzCh5FpkHwdyXxFIYxFDqwAY+0Aok1OJEaQ=; b=rof3s/gRr8R11R77OxGF8x27e6Z8PzkXZb+09b/UP6rWLi4GEGUF06YejFxKeCkt9P SS/kXGJq/VwJeuLUvFtehvV4OHnCsLkYois9tx8Acu+hpCvpLNtCjdfyONXtYeKCH8lb f/u/MVPocss4RLuYQF0pL1VmOMyP1eCfWMPaCM192RfPUDuF1O35uvyAllpfDc9h6h+e yEY8A0AgLsMuHc+gH6kEccgRbW7L/42xVPukgLVqY80MoZT7yjD/taGZ3Vb+x4jhmgK/ aRKB71vcm8/hzhp2Vq2EpK1uMQFBiFWSgAGSUWXbsxoO5ZDvlzV6y85ZRrB7T2s+G8ov skPA== X-Gm-Message-State: APf1xPBKFSLLUYunpTkpF0/638vUXx2qYD2/8gdaNAXPVK4ALSFmG7cf 8n/A0FONNWzCR8adNcMIledkFAgOoQ08Iw9DnGs= X-Received: by 10.31.233.135 with SMTP id g129mr6195309vkh.177.1518444832577; Mon, 12 Feb 2018 06:13:52 -0800 (PST) MIME-Version: 1.0 Received: by 10.103.70.21 with HTTP; Mon, 12 Feb 2018 06:13:52 -0800 (PST) In-Reply-To: References: <20180210054843.z3g7wvcmlccvww3h@huvuddator> <20180210074924.3nhxsza5zdbaahxx@huvuddator> <20180210080556.mycqsjhxbaguwhay@huvuddator> <20180210085519.737ckf4bcl57h4g2@huvuddator> <20180211103432.pf2ot6nd7nbhdhsy@huvuddator> From: Ulf Magnusson Date: Mon, 12 Feb 2018 15:13:52 +0100 Message-ID: Subject: Re: [RFC PATCH 4/7] kconfig: support new special property shell= To: Masahiro Yamada Cc: Linus Torvalds , Kees Cook , Linux Kbuild mailing list , Greg Kroah-Hartman , Andrew Morton , Nicolas Pitre , "Luis R . Rodriguez" , Randy Dunlap , Sam Ravnborg , Michal Marek , Martin Schwidefsky , Pavel Machek , linux-s390 , Jiri Kosina , Linux Kernel Mailing List , Tejun Heo , Ingo Molnar , "Van De Ven, Arjan" Content-Type: text/plain; charset="UTF-8" Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Mon, Feb 12, 2018 at 2:53 PM, Masahiro Yamada wrote: > 2018-02-12 20:44 GMT+09:00 Ulf Magnusson : > >>> >>> I think Linus's comment was dismissed here. >>> >>> >>> Linus said: >>> >>>> But yes, I also reacted to your earlier " It can't silently rewrite it >>>> to _REGULAR because the compiler support for _STRONG regressed." >>>> Because it damn well can. If the compiler doesn't support >>>> -fstack-protector-strong, we can just fall back on -fstack-protector. >>>> Silently. No extra crazy complex logic for that either. >>> >>> >>> If I understood his comment correctly, >>> we do not need either WANT_* or _AUTO. >>> >>> >>> >>> >>> Kees' comment: >>> >>>> In the stack-protector case, this becomes quite important, since the >>>> goal is to record the user's selection regardless of compiler >>>> capability. For example, if someone selects _REGULAR, it shouldn't >>>> "upgrade" to _STRONG. (Similarly for _NONE.) >>> >>> No. Kconfig will not do this silently. >> >> (Playing devil's advocate...) >> >> If the user selected _STRONG and it becomes unavailable later, it >> seems to silently fall back on other options, even for oldnoconfig >> (which just checks if there are any new symbols in the choice). >> >> It would be possible to also check if the old user selection still >> applies btw. I do that in Kconfiglib. It's arguable whether that >> matches the intent of oldnoconfig. >> >>> >>> >>> "make oldconfig" (or "make silentoldconfig" as well) >>> always ask users about new symbols. >>> >>> >>> For example, let's say your compiler supports -fstack-protector >>> but not -fstack-protector-strong. >>> CC_STACKPROTECTOR_REGULAR is the best you can choose. >>> >>> Then, let's say you upgrade your compiler and the new compiler supports >>> -fstack-protector-strong as well. >>> >>> In this case, CC_STACKPROTECTOR_STRONG is a newly visible symbol, >>> so Kconfig will ask you >>> "Hey, you were previously using _REGULAR, but your new compiler >>> also supports _STRONG. Do you want to use it?" >>> >>> >>> The "make oldconfig" will look like follows: >>> >>> >>> masahiro@grover:~/workspace/linux-kbuild$ make oldconfig >>> HOSTCC scripts/kconfig/conf.o >>> HOSTLD scripts/kconfig/conf >>> scripts/kconfig/conf --oldconfig Kconfig >>> * >>> * Restart config... >>> * >>> * >>> * Linux Kernel Configuration >>> * >>> Stack Protector buffer overflow detection >>> 1. Strong (CC_STACKPROTECTOR_STRONG) (NEW) >>>> 2. Regular (CC_STACKPROTECTOR_REGULAR) >>> 3. None (CC_STACKPROTECTOR_NONE) >>> choice[1-3?]: >>> >>> >>> >>> Please notice the Strong is marked as "(NEW)". >>> >>> Kconfig handles this really nicely with Linus' suggestion. >>> >>> [1] Users can select only features supported by your compiler >>> - this makes sense. >>> >>> [2] If you upgrade your compiler and it provides more capability, >>> "make (silent)oldconfig" will ask you about new choices. >>> - this also makes sense. >> >> If you switch to a compiler that provides less capability, it'll >> silently forget the old user preference though. > > > Yes, forget. > > So, "make oldconfig" will ask user preference again > when you switch back to a compiler that provides more capability. > This is not rude, right? Nopes, makes perfect sense to me. > To remember user preference (for both upgrade/downgrade capability), > we need 3 symbols for each feature. > > [1] WANT_FOO > A user can enable this option regardless of compiler capability. > This will remember your preference forever. > > [2] CC_HAS_FOO > Compiler capability. > > [3] FOO > logical 'and' of WANT_FOO and CC_HAS_FOO. > > If we do this way, what's the point of > moving compiler capability tests to Kconfig? I think this would only be done for the stack protector stuff, if it's really warranted to have an exception there. For other symbols, you'd just silently turn them off if a feature they depend on isn't there, which is the way Kconfig usually works anyway. > > > [1] is the same as what we do now. > > Then, it will be disabled later > if it turns out unsupported by your compiler. > > The only difference is, > whether we calculate [2], [3] in Makefile or Kconfig. > > Kconfig is, in the end, inter-symbol dependency/visibility solver. > The WANT_ is not using the benefit of Kconfig. > We can calculate the logical 'and' by other means. Yeah, once you go with the WANT_* stuff, it's probably only about whether it's easiest to do it Kconfig or the Makefiles. If it's in Kconfig you might have more of the logic in one place at least. > The problem I see in this approach is 'savedefconfig'. > > 'make defconfig && make savedefconfig' > will produce the subset of user preference and compiler capability. > > To make arbitrary set of CONFIG options, > we need a full-featured compiler > in order to enable all CC_HAS_... options. > > > Maybe, we can add a new environment to ease this. > > KCONFIG_SHELL_ALWAYS_TRUE > If this environment is specified, all 'option shell=...' > will be evaluated as true. So, all symbols that depend on > CC_HAS_ will be visible. This is useful to make > arbitrary set of CONFIG options regardless of > your compiler capability. > > > $ KCONFIG_SHELL_ALWAYS_TRUE=1 make menuconfig > -> build up your favorite config setting > > $ KCONFIG_SHELL_ALWAYS_TRUE=1 make savedefconfig > -> write out the minimum set of config > > > Thought? I wonder if this could cause problems if people start using 'option shell=...' for other things besides feature tests. It assumes that 'y' always corresponds to "available" too. If the cc_opt Kconfig helper is added, then maybe it could just turn all those 'y'. Perhaps it wouldn't be so horrible to require people to generate defconfigs on systems that have all the features they want in the defconfig either. Cheers, Ulf