Re: [PATCH RESEND] entry: Use different define for selector variable in SUD

From: Thomas Gleixner
Date: Fri Feb 05 2021 - 04:09:22 EST


Gabriel,

On Thu, Feb 04 2021 at 13:40, Gabriel Krisman Bertazi wrote:
> Michael Kerrisk suggested that, from an API perspective, it is a bad
> idea to share the PR_SYS_DISPATCH_ defines between the prctl operation
> and the selector variable. Therefore, define two new constants to be
> used by SUD's selector variable, and the corresponding documentation.
>
> While this changes the API, it is backward compatible, as the values
> remained the same and the old defines are still in place. In addition,
> SUD has never been part of a Linux release, it will show up for the
> first time in 5.11.

> --- a/include/uapi/linux/prctl.h
> +++ b/include/uapi/linux/prctl.h
> @@ -251,5 +251,7 @@ struct prctl_mm_map {
> #define PR_SET_SYSCALL_USER_DISPATCH 59
> # define PR_SYS_DISPATCH_OFF 0
> # define PR_SYS_DISPATCH_ON 1
> +# define PR_SYS_DISPATCH_FILTER_ALLOW 0
> +# define PR_SYS_DISPATCH_FILTER_BLOCK 1
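
Review bot: the two added defines sit directly under PR_SYS_DISPATCH_OFF/ON with the same indentation and the same values 0 and 1, and nothing in the hunk marks them as values for the selector variable rather than arguments to prctl(PR_SET_SYSCALL_USER_DISPATCH, ...). Add a blank line and a one-line comment above PR_SYS_DISPATCH_FILTER_ALLOW saying that these are the values written to the user space selector, so a reader of prctl.h does not take them for prctl modes.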

This is still confusing because the defines are kinda associated to the
prctl(). But ALLOW/BLOCK are the values for the user space
selector which allows to runtime filter the dispatching without the
overhead of prctl().

So they want to be visually separated and not part of the PR_
namespace. Something like the below.

#define PR_SET_SYSCALL_USER_DISPATCH 59
# define PR_SYS_DISPATCH_OFF 0
# define PR_SYS_DISPATCH_ON 1

/* Control values for the syscall dispatch runtime selector (filter) */
# define SYSCALL_DISPATCH_FILTER_ALLOW 0
# define SYSCALL_DISPATCH_FILTER_BLOCK 1

Hmm?

Thanks,

tglx
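
The distinction discussed in this mail, as an added example that is not part of the thread or of the kernel tree: PR_SYS_DISPATCH_ON/OFF are passed to prctl() once, while the ALLOW/BLOCK values are plain stores to a selector byte. The names sud_demo and on_sigsys are hypothetical, the define names follow the suggestion above, and it assumes an x86-64 Linux kernel with Syscall User Dispatch.

```c
#define _GNU_SOURCE
#include <signal.h>
#include <sys/prctl.h>
#include <sys/syscall.h>
#include <unistd.h>

/* Fallbacks for older headers; values are the ones shown in the mail above. */
#ifndef PR_SET_SYSCALL_USER_DISPATCH
# define PR_SET_SYSCALL_USER_DISPATCH 59
# define PR_SYS_DISPATCH_OFF 0
# define PR_SYS_DISPATCH_ON 1
#endif
#ifndef SYSCALL_DISPATCH_FILTER_ALLOW
# define SYSCALL_DISPATCH_FILTER_ALLOW 0
# define SYSCALL_DISPATCH_FILTER_BLOCK 1
#endif

static volatile char selector = SYSCALL_DISPATCH_FILTER_ALLOW; /* byte the kernel reads */
static volatile sig_atomic_t trapped;

static void on_sigsys(int sig, siginfo_t *si, void *uc)
{
    (void)sig; (void)si; (void)uc;
    /* Re-allow first, so sigreturn and later syscalls are not trapped too. */
    selector = SYSCALL_DISPATCH_FILTER_ALLOW;
    trapped++;
}

/* Returns the number of trapped syscalls (1 expected), -1 if SUD is unavailable. */
int sud_demo(void)
{
    struct sigaction sa = { .sa_sigaction = on_sigsys, .sa_flags = SA_SIGINFO };
    if (sigaction(SIGSYS, &sa, NULL) != 0)
        return -1;
    /* PR_SYS_DISPATCH_ON is a prctl() argument: one syscall to arm the feature. */
    if (prctl(PR_SET_SYSCALL_USER_DISPATCH, PR_SYS_DISPATCH_ON, 0UL, 0UL, &selector) != 0)
        return -1;
    trapped = 0;
    syscall(SYS_getpid);                        /* selector is ALLOW: runs normally */
    int while_allowed = trapped;
    selector = SYSCALL_DISPATCH_FILTER_BLOCK;   /* plain store, no prctl() needed */
    syscall(SYS_getpid);                        /* diverted to on_sigsys via SIGSYS */
    int while_blocked = trapped;
    prctl(PR_SET_SYSCALL_USER_DISPATCH, PR_SYS_DISPATCH_OFF, 0UL, 0UL, 0UL);
    return while_allowed == 0 ? while_blocked : -2;
}

int main(void) { return sud_demo() == 1 ? 0 : 1; }
```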