On Fri, 8 Oct 2021 12:48:37 +0200 Mickaël Salaün <mic@xxxxxxxxxxx> wrote:

> The final goal of this patch series is to enable the kernel to be a
> global policy manager by entrusting processes with access control at
> their level. To reach this goal, two complementary parts are required:
> * user space needs to be able to know if it can trust some file
>   descriptor content for a specific usage;
> * and the kernel needs to make available some part of the policy
>   configured by the system administrator.

Apologies if I missed this...

It would be nice to see a description of the proposed syscall interface
in these changelogs! Then a few questions I have will be answered...

	long trusted_for(const int fd, const enum trusted_for_usage usage, const u32 flags)

- `usage' must be equal to TRUSTED_FOR_EXECUTION, so why does it
  exist? Some future modes are planned? Please expand on this.

- `flags' is unused (must be zero). So why does it exist? What are
  the plans here?

- what values does the syscall return and what do they mean?