From patchwork Thu Nov 9 16:14:04 2017
X-Patchwork-Submitter: Djalal Harouni
X-Patchwork-Id: 10051227
From: Djalal Harouni To: Kees Cook , Alexey Gladkov , Andy Lutomirski , Andrew Morton , linux-fsdevel@vger.kernel.org, linux-kernel@vger.kernel.org, kernel-hardening@lists.openwall.com, linux-security-module@vger.kernel.org, linux-api@vger.kernel.org Cc: Greg Kroah-Hartman , Alexander Viro , Akinobu Mita , me@tobin.cc, Oleg Nesterov , Jeff Layton , Ingo Molnar , Alexey Dobriyan , ebiederm@xmission.com, Linus Torvalds , Daniel Micay , Jonathan Corbet , bfields@fieldses.org, Stephen Rothwell , solar@openwall.com, Djalal Harouni Date: Thu, 9 Nov 2017 17:14:04 +0100 Message-Id: <1510244046-3256-6-git-send-email-tixxdz@gmail.com> X-Mailer: git-send-email 2.7.4 In-Reply-To: <1510244046-3256-1-git-send-email-tixxdz@gmail.com> References: <1510244046-3256-1-git-send-email-tixxdz@gmail.com> Subject: [kernel-hardening] [PATCH RFC v3 5/7] proc: move hidepid definitions to proc files X-Virus-Scanned: ClamAV using ClamSMTP This moves the 'hidepid' definitions to proc files. The 'hidepid' is a proc mount option, not really a per pid namespace value. It was there since it was used inside PID namespaces, however now we have improved proc logic and reduce the complexity and ties with PID namespaces lets move this last bit to where it really belongs. Cc: Kees Cook Cc: Greg Kroah-Hartman Cc: Andy Lutomirski Signed-off-by: Alexey Gladkov Signed-off-by: Djalal Harouni --- include/linux/pid_namespace.h | 6 ------ include/linux/proc_fs.h | 6 ++++++ 2 files changed, 6 insertions(+), 6 deletions(-) diff --git a/include/linux/pid_namespace.h b/include/linux/pid_namespace.h index 786ea04..66f47f1 100644 --- a/include/linux/pid_namespace.h +++ b/include/linux/pid_namespace.h @@ -15,12 +15,6 @@ struct fs_pin; -enum { /* definitions for pid_namespace's hide_pid field */ - HIDEPID_OFF = 0, - HIDEPID_NO_ACCESS = 1, - HIDEPID_INVISIBLE = 2, -}; - struct pid_namespace { struct kref kref; struct idr idr; diff --git a/include/linux/proc_fs.h b/include/linux/proc_fs.h index 408b51d..c123e5ec 100644 
--- a/include/linux/proc_fs.h +++ b/include/linux/proc_fs.h @@ -12,6 +12,12 @@ struct proc_dir_entry; struct pid_namespace; +enum { /* definitions for 'hidepid' mount option */ + HIDEPID_OFF = 0, + HIDEPID_NO_ACCESS = 1, + HIDEPID_INVISIBLE = 2, +}; + struct proc_fs_info { struct pid_namespace *pid_ns; struct dentry *proc_self; /* For /proc/self/ */
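Review bot: In the include/linux/pid_namespace.h hunk, dropping the HIDEPID_* enum leaves any file that uses HIDEPID_OFF, HIDEPID_NO_ACCESS or HIDEPID_INVISIBLE and includes only <linux/pid_namespace.h> without a definition, and the diffstat shows only the two headers changed. Please confirm that every user of these constants already includes <linux/proc_fs.h> directly rather than through an incidental include chain, or add the missing includes in this patch so that each step of the series builds on its own and stays bisectable.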
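Review bot: In the include/linux/proc_fs.h hunk, the enum placed above struct proc_fs_info is still anonymous and its comment says only "definitions for 'hidepid' mount option", which does not tell a reader what HIDEPID_NO_ACCESS and HIDEPID_INVISIBLE actually restrict. Since the point of the move is that this is a proc mount option, this is a good place to add a one-line comment per value describing the access it denies, and to consider giving the enum a tag (for example enum proc_hidepid, a suggested name only) so that the code storing and comparing the option can use that type rather than bare integers.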