From 4f365e7a5d448dab7e0bb56ed32ff2bfddd134bd Mon Sep 17 00:00:00 2001 From: "Christian Brauner (Amutable)" Date: Wed, 20 May 2026 23:48:52 +0200 Subject: sched/coredump: introduce enum task_dumpable Replace the SUID_DUMP_DISABLE/USER/ROOT preprocessor constants with enum task_dumpable. Numeric values are preserved (kernel.suid_dumpable sysctl and prctl(PR_SET_DUMPABLE) ABI), so this is a pure rename with no behavioral change. Subsequent commits relocate dumpability onto a per-task structure where the enum type will allow stronger type-checking on the new API. Reviewed-by: Jann Horn Reviewed-by: David Hildenbrand (arm) Link: https://patch.msgid.link/20260520-work-task_exec_state-v3-1-69f895bc1385@kernel.org Signed-off-by: Christian Brauner (Amutable) --- include/linux/sched/coredump.h | 15 +++++++++++---- 1 file changed, 11 insertions(+), 4 deletions(-) (limited to 'include/linux/sched') diff --git a/include/linux/sched/coredump.h b/include/linux/sched/coredump.h index 624fda17a785..ed6547692b61 100644 --- a/include/linux/sched/coredump.h +++ b/include/linux/sched/coredump.h @@ -4,9 +4,16 @@ #include -#define SUID_DUMP_DISABLE 0 /* No setuid dumping */ -#define SUID_DUMP_USER 1 /* Dump as user of process */ -#define SUID_DUMP_ROOT 2 /* Dump as root */ +/* + * Task dumpability mode. Gates core dump production and ptrace_attach() + * authorization. The numeric values are stable ABI (suid_dumpable + * sysctl, prctl(PR_SET_DUMPABLE)); do not renumber. + */ +enum task_dumpable { + TASK_DUMPABLE_OFF = 0, /* no dump; ptrace needs CAP_SYS_PTRACE */ + TASK_DUMPABLE_OWNER = 1, /* default; dump and ptrace by uid match */ + TASK_DUMPABLE_ROOT = 2, /* dump as root; ptrace needs CAP_SYS_PTRACE */ +}; static inline unsigned long __mm_flags_get_dumpable(const struct mm_struct *mm) { @@ -26,7 +33,7 @@ extern void set_dumpable(struct mm_struct *mm, int value); /* * This returns the actual value of the suid_dumpable flag. For things * that are using this for checking for privilege transitions, it must - * test against SUID_DUMP_USER rather than treating it as a boolean + * test against TASK_DUMPABLE_OWNER rather than treating it as a boolean * value. */ static inline int __get_dumpable(unsigned long mm_flags) -- cgit v1.2.3