On Tue, Aug 10, 2021 at 12:19:22PM -0700, Dave Hansen wrote: > On 8/10/21 12:08 PM, Kirill A. Shutemov wrote: > >>> +config UNACCEPTED_MEMORY > >>> + bool > >>> + depends on EFI_STUB > >>> + help > >>> + Some Virtual Machine platforms, such as Intel TDX, introduce > >>> + the concept of memory acceptance, requiring memory to be accepted > >>> + before it can be used by the guest. This protects against a class of > >>> + attacks by the virtual machine platform. > >>> + > >>> + This option adds support for unaccepted memory and makes such memory > >>> + usable by kernel. > >> Do we really need a full-blown user-visible option here? If we, for > >> instance, just did: > >> > >> config UNACCEPTED_MEMORY > >> bool > >> depends on EFI_STUB > >> > >> it could be 'select'ed from the TDX Kconfig and no users would ever be > >> bothered with it. Would a user *ever* turn this on if they don't have > >> TDX (or equivalent)? > > But it's already not user selectable. Note that there's no prompt next to > > the "bool". The "help" section is just for documentation. I think it can > > be useful. > > Ahh, gotcha. I misread it. Seems like an odd thing to do, but it's > also fairly widespread in the tree. > > Can you even reach that help text from any of the configuration tools? > If you're doing an 'oldconfig', you won't get a prompt to do the "?". > Even in the 'meunconfig' search results, it doesn't display "help" text, > only the "prompt". I don't know how get a tool show the text, but my vim sees just fine :P > BTW, should this text call out that this is for parsing an actual UEFI > feature along with the spec version? It's not obvious from the text > that "unaccepted memory" really is a UEFI thing as opposed to being some > kernel-only concept. Okay. -- Kirill A. Shutemov
