From: Andrew Cooper <andrew.cooper3@citrix.com>
Date: Mon, 28 Feb 2022 19:31:00 +0000 (+0000)
Subject: x86/cet: Remove XEN_SHSTK's dependency on EXPERT
X-Git-Tag: archive/raspbian/4.16.1-1+rpi1^2~38^2~34
X-Git-Url: https://dgit.raspbian.org/?a=commitdiff_plain;h=c7a861b2d065e7c26f9d499df32eb99f546e1671;p=xen.git

x86/cet: Remove XEN_SHSTK's dependency on EXPERT

CET-SS hardware is now available from multiple vendors, the feature has
downstream users, and was declared security supported in XSA-398.

Enable it by default.

Signed-off-by: Andrew Cooper <andrew.cooper3@citrix.com>
Reviewed-by: Juergen Gross <jgross@suse.com>
(cherry picked from commit fc90d75c2b71ae15b75128e7d0d4dbe718164ecb)
---

diff --git a/xen/arch/x86/Kconfig b/xen/arch/x86/Kconfig
index be343218de..ef72e7821b 100644
--- a/xen/arch/x86/Kconfig
+++ b/xen/arch/x86/Kconfig
@@ -116,8 +116,8 @@ config HVM
 	  If unsure, say Y.
 
 config XEN_SHSTK
-	bool "Supervisor Shadow Stacks (EXPERT)"
-	depends on HAS_AS_CET_SS && EXPERT
+	bool "Supervisor Shadow Stacks"
+	depends on HAS_AS_CET_SS
 	default y
 	---help---
 	  Control-flow Enforcement Technology (CET) is a set of features in