[PATCH v2 2/3] fanotify: define struct members to hold response decision context
Amir Goldstein
amir73il at gmail.com
Thu May 5 17:34:06 UTC 2022
> One open question I have is what should the kernel do with 'info_type' in
> response it does not understand (in the future when there are possibly more
> different info types). It could just skip it because this should be just
> additional info for introspection (the only mandatory part is in
> fanotify_response, however it could surprise userspace that passed info is
> just getting ignored. To solve this we would have to somewhere report
> supported info types (maybe in fanotify fdinfo in proc). I guess we'll
> cross that bridge when we get to it.
>
> Amir, what do you think?
Regardless if and how we provide a way to enumerate supported info types,
I would prefer to reject (EINVAL) unknown info types.
We can provide a command FAN_RESPONSE_TEST to write a test response with
FAN_NOFD and some extra info so the program can test if certain info
types are supported.
Thanks,
Amir.
More information about the Linux-audit
mailing list