* [PATCH] proc: Report no_new_privs state
@ 2016-11-03 21:40 Kees Cook
2016-11-03 22:09 ` Jann Horn
0 siblings, 1 reply; 2+ messages in thread
From: Kees Cook @ 2016-11-03 21:40 UTC (permalink / raw)
To: Andrew Morton
Cc: Jann Horn, Jonathan Corbet, Vlastimil Babka, Michal Hocko,
Konstantin Khlebnikov, Hugh Dickins, Naoya Horiguchi,
Rodrigo Freire, John Stultz, Ross Zwisler, Robert Ho,
Jerome Marchand, Andy Lutomirski, Johannes Weiner,
Alexey Dobriyan, Richard W.M. Jones, Joe Perches, linux-doc,
linux-kernel
Similar to being able to examine if a process has been correctly confined
with seccomp, the state of no_new_privs is equally interesting, so this
adds it to /proc/$pid/status.
Signed-off-by: Kees Cook <keescook@chromium.org>
---
Documentation/filesystems/proc.txt | 2 ++
fs/proc/array.c | 5 +++--
2 files changed, 5 insertions(+), 2 deletions(-)
diff --git a/Documentation/filesystems/proc.txt b/Documentation/filesystems/proc.txt
index 74329fd0add2..c03f2f91c6ab 100644
--- a/Documentation/filesystems/proc.txt
+++ b/Documentation/filesystems/proc.txt
@@ -191,6 +191,7 @@ read the file /proc/PID/status:
CapPrm: 0000000000000000
CapEff: 0000000000000000
CapBnd: ffffffffffffffff
+ NoNewPrivs: 0
Seccomp: 0
voluntary_ctxt_switches: 0
nonvoluntary_ctxt_switches: 1
@@ -262,6 +263,7 @@ Table 1-2: Contents of the status files (as of 4.1)
CapPrm bitmap of permitted capabilities
CapEff bitmap of effective capabilities
CapBnd bitmap of capabilities bounding set
+ NoNewPrivs no_new_privs, like prctl(PR_GET_NO_NEW_PRIV, ...)
Seccomp seccomp mode, like prctl(PR_GET_SECCOMP, ...)
Cpus_allowed mask of CPUs on which this process may run
Cpus_allowed_list Same as previous, but in "list format"
diff --git a/fs/proc/array.c b/fs/proc/array.c
index 81818adb8e9e..082676ab4878 100644
--- a/fs/proc/array.c
+++ b/fs/proc/array.c
@@ -342,10 +342,11 @@ static inline void task_cap(struct seq_file *m, struct task_struct *p)
static inline void task_seccomp(struct seq_file *m, struct task_struct *p)
{
+ seq_put_decimal_ull(m, "NoNewPrivs:\t", task_no_new_privs(p));
#ifdef CONFIG_SECCOMP
- seq_put_decimal_ull(m, "Seccomp:\t", p->seccomp.mode);
- seq_putc(m, '\n');
+ seq_put_decimal_ull(m, "\nSeccomp:\t", p->seccomp.mode);
#endif
+ seq_putc(m, '\n');
}
static inline void task_context_switch_counts(struct seq_file *m,
--
2.7.4
--
Kees Cook
Nexus Security
^ permalink raw reply related [flat|nested] 2+ messages in thread
* Re: [PATCH] proc: Report no_new_privs state
2016-11-03 21:40 [PATCH] proc: Report no_new_privs state Kees Cook
@ 2016-11-03 22:09 ` Jann Horn
0 siblings, 0 replies; 2+ messages in thread
From: Jann Horn @ 2016-11-03 22:09 UTC (permalink / raw)
To: Kees Cook
Cc: Andrew Morton, Jonathan Corbet, Vlastimil Babka, Michal Hocko,
Konstantin Khlebnikov, Hugh Dickins, Naoya Horiguchi,
Rodrigo Freire, John Stultz, Ross Zwisler, Robert Ho,
Jerome Marchand, Andy Lutomirski, Johannes Weiner,
Alexey Dobriyan, Richard W.M. Jones, Joe Perches, linux-doc,
linux-kernel
[-- Attachment #1: Type: text/plain, Size: 2443 bytes --]
On Thu, Nov 03, 2016 at 02:40:41PM -0700, Kees Cook wrote:
> Similar to being able to examine if a process has been correctly confined
> with seccomp, the state of no_new_privs is equally interesting, so this
> adds it to /proc/$pid/status.
>
> Signed-off-by: Kees Cook <keescook@chromium.org>
(Note: The proc.5 manpage also lists all the entries of the "status" file,
so it should also be updated.)
Reviewed-by: Jann Horn <jann@thejh.net>
> ---
> Documentation/filesystems/proc.txt | 2 ++
> fs/proc/array.c | 5 +++--
> 2 files changed, 5 insertions(+), 2 deletions(-)
>
> diff --git a/Documentation/filesystems/proc.txt b/Documentation/filesystems/proc.txt
> index 74329fd0add2..c03f2f91c6ab 100644
> --- a/Documentation/filesystems/proc.txt
> +++ b/Documentation/filesystems/proc.txt
> @@ -191,6 +191,7 @@ read the file /proc/PID/status:
> CapPrm: 0000000000000000
> CapEff: 0000000000000000
> CapBnd: ffffffffffffffff
> + NoNewPrivs: 0
> Seccomp: 0
> voluntary_ctxt_switches: 0
> nonvoluntary_ctxt_switches: 1
> @@ -262,6 +263,7 @@ Table 1-2: Contents of the status files (as of 4.1)
> CapPrm bitmap of permitted capabilities
> CapEff bitmap of effective capabilities
> CapBnd bitmap of capabilities bounding set
> + NoNewPrivs no_new_privs, like prctl(PR_GET_NO_NEW_PRIV, ...)
> Seccomp seccomp mode, like prctl(PR_GET_SECCOMP, ...)
> Cpus_allowed mask of CPUs on which this process may run
> Cpus_allowed_list Same as previous, but in "list format"
> diff --git a/fs/proc/array.c b/fs/proc/array.c
> index 81818adb8e9e..082676ab4878 100644
> --- a/fs/proc/array.c
> +++ b/fs/proc/array.c
> @@ -342,10 +342,11 @@ static inline void task_cap(struct seq_file *m, struct task_struct *p)
>
> static inline void task_seccomp(struct seq_file *m, struct task_struct *p)
> {
> + seq_put_decimal_ull(m, "NoNewPrivs:\t", task_no_new_privs(p));
> #ifdef CONFIG_SECCOMP
> - seq_put_decimal_ull(m, "Seccomp:\t", p->seccomp.mode);
> - seq_putc(m, '\n');
> + seq_put_decimal_ull(m, "\nSeccomp:\t", p->seccomp.mode);
> #endif
> + seq_putc(m, '\n');
> }
>
> static inline void task_context_switch_counts(struct seq_file *m,
> --
> 2.7.4
>
>
> --
> Kees Cook
> Nexus Security
[-- Attachment #2: Digital signature --]
[-- Type: application/pgp-signature, Size: 819 bytes --]
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2016-11-03 22:09 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2016-11-03 21:40 [PATCH] proc: Report no_new_privs state Kees Cook
2016-11-03 22:09 ` Jann Horn
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox