Closed gnoack closed 3 years ago
First part: https://github.com/landlock-lsm/go-landlock/commit/9b36fb91b64a819939ec1ae4c4fa291b46f25e0a (just assume it's the highest Landlock ABI version known to go-landlock)
Specific scenario:
go-landlock
ABI version.
Option: Maybe it should just be a strict error to pass in HandledAccessFS flags that go-landlock doesn't know about yet. If the HandledAccessFS flags are always within the known set, it doesn't matter if the kernel supports a newer version, but using the go-landlock-supported ABI versions will suffice. The library will need to be upgraded to support higher ABI versions.
Addressed in https://github.com/landlock-lsm/go-landlock/commit/4e4877f69930828348e10f975c3c778cca318bf6
Constructing a Config with unknown HandledAccessFS flag values is made impossible in the constructor for the Config struct, and so it's more naturally clear that users need to upgrade go-landlock in order to use Landlock features that belong to higher Landlock ABI versions.
Thanks, I appreciate the review (answered to the comment inline).
I have thought a bit about how this API can evolve when Landlock supports non-filesystem restrictions at some point. I think this is reasonable to do without surprising users. I'll try to write it up (tracking in #16) and run it by you.
Deal with the case where the kernel supports a higher Landlock version than known to go-landlock.
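The two decisions discussed in this thread (treat a newer kernel as the highest ABI version the library knows, and reject unknown HandledAccessFS bits when the Config is constructed), as an added sketch that is not part of the thread and not go-landlock's own code. All identifiers are hypothetical, and the assumption that the library knows ABI versions up to V2 is made only for illustration; the bit ranges follow the Linux UAPI header.

```go
package main

import (
	"errors"
	"fmt"
)

// AccessFSSet is a bitmask of Landlock filesystem access rights.
type AccessFSSet uint64

// knownABI maps an ABI version to the rights it supports (Linux UAPI:
// V1 is bits 0..12, V2 adds bit 13, REFER). Assumption for this sketch:
// the library knows versions up to V2 only.
var knownABI = []AccessFSSet{0: 0, 1: (1 << 13) - 1, 2: (1 << 14) - 1}

// ErrUnknownFlags tells the caller that a library upgrade is needed.
var ErrUnknownFlags = errors.New("unknown HandledAccessFS bits; upgrade the library")

// Config can only be built through NewConfig, so it never holds unknown bits.
type Config struct{ handledFS AccessFSSet }

// NewConfig rejects any bit outside the highest ABI version known here.
func NewConfig(handled AccessFSSet) (*Config, error) {
	if unknown := handled &^ knownABI[len(knownABI)-1]; unknown != 0 {
		return nil, fmt.Errorf("%w: %#x", ErrUnknownFlags, uint64(unknown))
	}
	return &Config{handledFS: handled}, nil
}

// EffectiveABI clamps the kernel-reported version to what the library knows.
func EffectiveABI(kernelABI int) int {
	if kernelABI < 0 {
		return 0
	}
	if highest := len(knownABI) - 1; kernelABI > highest {
		return highest
	}
	return kernelABI
}

// HandledFor returns the rights to request from a kernel at kernelABI.
func (c *Config) HandledFor(kernelABI int) AccessFSSet {
	return c.handledFS & knownABI[EffectiveABI(kernelABI)]
}

func main() {
	cfg, _ := NewConfig(1<<13 | 1<<0)       // REFER | EXECUTE, both known
	fmt.Printf("%#x\n", cfg.HandledFor(5))  // newer kernel: treated as V2
	_, err := NewConfig(1 << 14)            // bit from an ABI unknown here
	fmt.Println(err)
}
```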