On Mon, Jan 29, 2024 at 07:05:05PM +0100, Ard Biesheuvel wrote: > +/* > + * Set the memory encryption xloadflag based on the mem_encrypt= command line > + * parameter, if provided. If not, the consumer of the flag decides what the > + * default behavior should be. > + */ > +static void set_mem_encrypt_flag(struct setup_header *hdr) parse_mem_encrypt > +{ > + hdr->xloadflags &= ~(XLF_MEM_ENCRYPTION | XLF_MEM_ENCRYPTION_ENABLED); > + > + if (IS_ENABLED(CONFIG_ARCH_HAS_MEM_ENCRYPT)) { That's unconditionally enabled on x86: select ARCH_HAS_MEM_ENCRYPT in x86/Kconfig. Which sounds like you need a single XLF_MEM_ENCRYPT and simplify this more. > + int on = cmdline_find_option_bool("mem_encrypt=on"); > + int off = cmdline_find_option_bool("mem_encrypt=off"); > + > + if (on || off) > + hdr->xloadflags |= XLF_MEM_ENCRYPTION; > + if (on > off) > + hdr->xloadflags |= XLF_MEM_ENCRYPTION_ENABLED; > + } > +} Otherwise, I like the simplification. Thx. -- Regards/Gruss, Boris. https://people.kernel.org/tglx/notes-about-netiquette