On Thu, Nov 19, 2020 at 12:43:05PM -0500, Gabriel Krisman Bertazi wrote: > The existing interface could be extended with a flags field as part of > the opcode passed in argument 2, which is currently reserved, and then > return a FD, just like seccomp(2) does. So it is not like the current > patches couldn't be extended in the future if needed, unless I'm > mistaken. Yes, I'd prefer this series go in as-is, and if there is a need for extending the API, arg2 can have more values added. -- Kees Cook
