diff options
| author | Christian Brauner (Amutable) <brauner@kernel.org> | 2026-05-20 23:48:52 +0200 |
|---|---|---|
| committer | Christian Brauner <brauner@kernel.org> | 2026-05-26 11:02:01 +0200 |
| commit | 4f365e7a5d448dab7e0bb56ed32ff2bfddd134bd (patch) | |
| tree | af58696cfc9a870fe3a09a4d01ecb2cee26f8644 /include/linux | |
| parent | 5200f5f493f79f14bbdc349e402a40dfb32f23c8 (diff) | |
sched/coredump: introduce enum task_dumpable
Replace the SUID_DUMP_DISABLE/USER/ROOT preprocessor constants with
enum task_dumpable. Numeric values are preserved (kernel.suid_dumpable
sysctl and prctl(PR_SET_DUMPABLE) ABI), so this is a pure rename with
no behavioral change.
Subsequent commits relocate dumpability onto a per-task structure
where the enum type will allow stronger type-checking on the new API.
Reviewed-by: Jann Horn <jannh@google.com>
Reviewed-by: David Hildenbrand (arm) <david@kernel.org>
Link: https://patch.msgid.link/20260520-work-task_exec_state-v3-1-69f895bc1385@kernel.org
Signed-off-by: Christian Brauner (Amutable) <brauner@kernel.org>
Diffstat (limited to 'include/linux')
| -rw-r--r-- | include/linux/mm_types.h | 2 | ||||
| -rw-r--r-- | include/linux/sched/coredump.h | 15 |
2 files changed, 12 insertions, 5 deletions
diff --git a/include/linux/mm_types.h b/include/linux/mm_types.h index a308e2c23b82..51ea37b2a0aa 100644 --- a/include/linux/mm_types.h +++ b/include/linux/mm_types.h @@ -1908,7 +1908,7 @@ enum { /* * The first two bits represent core dump modes for set-user-ID, - * the modes are SUID_DUMP_* defined in linux/sched/coredump.h + * the modes are TASK_DUMPABLE_* defined in linux/sched/coredump.h */ #define MMF_DUMPABLE_BITS 2 #define MMF_DUMPABLE_MASK (BIT(MMF_DUMPABLE_BITS) - 1) diff --git a/include/linux/sched/coredump.h b/include/linux/sched/coredump.h index 624fda17a785..ed6547692b61 100644 --- a/include/linux/sched/coredump.h +++ b/include/linux/sched/coredump.h @@ -4,9 +4,16 @@ #include <linux/mm_types.h> -#define SUID_DUMP_DISABLE 0 /* No setuid dumping */ -#define SUID_DUMP_USER 1 /* Dump as user of process */ -#define SUID_DUMP_ROOT 2 /* Dump as root */ +/* + * Task dumpability mode. Gates core dump production and ptrace_attach() + * authorization. The numeric values are stable ABI (suid_dumpable + * sysctl, prctl(PR_SET_DUMPABLE)); do not renumber. + */ +enum task_dumpable { + TASK_DUMPABLE_OFF = 0, /* no dump; ptrace needs CAP_SYS_PTRACE */ + TASK_DUMPABLE_OWNER = 1, /* default; dump and ptrace by uid match */ + TASK_DUMPABLE_ROOT = 2, /* dump as root; ptrace needs CAP_SYS_PTRACE */ +}; static inline unsigned long __mm_flags_get_dumpable(const struct mm_struct *mm) { @@ -26,7 +33,7 @@ extern void set_dumpable(struct mm_struct *mm, int value); /* * This returns the actual value of the suid_dumpable flag. For things * that are using this for checking for privilege transitions, it must - * test against SUID_DUMP_USER rather than treating it as a boolean + * test against TASK_DUMPABLE_OWNER rather than treating it as a boolean * value. */ static inline int __get_dumpable(unsigned long mm_flags) |