[PATCH v10 7/9] proc: move hidepid values to uapi as they are user interface to mount
Alexey Gladkov
gladkov.alexey at gmail.com
Sat Mar 28 23:00:46 UTC 2020
On Sat, Mar 28, 2020 at 02:53:49PM -0700, Kees Cook wrote:
> > > > +/* definitions for hide_pid field */
> > > > +enum {
> > > > + HIDEPID_OFF = 0,
> > > > + HIDEPID_NO_ACCESS = 1,
> > > > + HIDEPID_INVISIBLE = 2,
> > > > + HIDEPID_NOT_PTRACEABLE = 4,
> > > > +};
> > > Should the numeric values still be UAPI if there is string parsing now?
> >
> > I think yes, because these are still valid hidepid= values.
>
> But if we don't expose the values, we can do whatever we like with
> future numbers (e.g. the "is this a value or a bit field?" question).
Alexey Dobriyan suggested to put these parameters into the UAPI and it
makes sense because these are user parameters.
--
Rgrds, legion
More information about the Linux-security-module-archive
mailing list