landlock-lsm / go-landlock

A Go library for the Linux Landlock sandboxing feature
MIT License

Deal with the case where the kernel supports a higher Landlock version than known to go-landlock #13

Closed gnoack closed 3 years ago

gnoack commented 3 years ago

Deal with the case where the kernel supports a higher Landlock version than known to go-landlock.

gnoack commented 3 years ago

First part: https://github.com/landlock-lsm/go-landlock/commit/9b36fb91b64a819939ec1ae4c4fa291b46f25e0a (just assume it's the highest Landlock ABI version known to go-landlock)

gnoack commented 3 years ago

Specific scenario:

Option: Maybe it should just be a strict error to pass in HandledAccessFS flags that go-landlock doesn't know about yet. If the HandledAccessFS flags are always within the known set, it doesn't matter if the kernel supports a newer version, but using the go-landlock-supported ABI versions will suffice. The library will need to be upgraded to support higher ABI versions.

gnoack commented 3 years ago

Addressed in https://github.com/landlock-lsm/go-landlock/commit/4e4877f69930828348e10f975c3c778cca318bf6

Constructing a Config with unknown HandledAccessFS flag values is made impossible in the constructor for the Config struct, and so it's more naturally clear that users need to upgrade go-landlock in order to use Landlock features that belong to higher Landlock ABI versions.
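
The two decisions from this thread, clamping an unknown-to-us kernel ABI version to the highest known one and rejecting unknown HandledAccessFS bits in the constructor, sketched as an added example that is not go-landlock's own code; `Config`, `NewConfig`, `effectiveABI` and `accessFSFor` are hypothetical names, and the bit values mirror the kernel's uapi `LANDLOCK_ACCESS_FS_*` constants:

```go
package main

import (
	"errors"
	"fmt"
)

// Kernel uapi LANDLOCK_ACCESS_FS_* bit values (hypothetical Go names; subset).
const (
	AccessFSReadFile uint64 = 1 << 2  // ABI v1
	AccessFSRefer    uint64 = 1 << 13 // ABI v2
	AccessFSTruncate uint64 = 1 << 14 // ABI v3
)

// Full access-FS mask defined by each ABI version this library knows about.
var knownAccessFS = map[int]uint64{
	1: 1<<13 - 1, // the 13 rights of ABI v1
	2: 1<<14 - 1, // v1 plus REFER
	3: 1<<15 - 1, // v2 plus TRUNCATE
}

const highestKnownABI = 3

var ErrUnknownAccessFS = errors.New("HandledAccessFS has bits unknown to this library; upgrade it")

// Config is only built through NewConfig, so an unknown bit is rejected up
// front rather than being passed to, or silently dropped for, the kernel.
type Config struct{ handledAccessFS uint64 }

func NewConfig(handledAccessFS uint64) (Config, error) {
	if unknown := handledAccessFS &^ knownAccessFS[highestKnownABI]; unknown != 0 {
		return Config{}, fmt.Errorf("%w: 0x%x", ErrUnknownAccessFS, unknown)
	}
	return Config{handledAccessFS: handledAccessFS}, nil
}

// effectiveABI clamps the version reported by the kernel to the highest one
// this library knows, so a newer kernel is treated like the newest known ABI.
func effectiveABI(kernelABI int) int {
	if kernelABI > highestKnownABI {
		return highestKnownABI
	}
	return kernelABI
}

// accessFSFor returns the bits a kernel with the given ABI can handle; in a
// best-effort mode the bits that kernel lacks are dropped here.
func (c Config) accessFSFor(kernelABI int) uint64 {
	return c.handledAccessFS & knownAccessFS[effectiveABI(kernelABI)]
}
```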

l0kod commented 3 years ago

Note about MustConfig: https://github.com/landlock-lsm/go-landlock/commit/4e4877f69930828348e10f975c3c778cca318bf6#r55652317

gnoack commented 3 years ago

Thanks, I appreciate the review (answered the comment inline).

I have thought a bit about how this API can evolve when Landlock supports non-filesystem restrictions at some point. I think this is reasonable to do without surprising users. I'll try to write it up (tracking in #16) and run it by you.