Merge branch 'akpm' (aka "Andrew's patch-bomb")

Andrew elucidates: - First installmeant of MM. We have a HUGE number of MM patches this time. It's crazy. - MAINTAINERS updates - backlight updates - leds - checkpatch updates - misc ELF stuff - rtc updates - reiserfs - procfs - some misc other bits * akpm: (124 commits) user namespace: make signal.c respect user namespaces workqueue: make alloc_workqueue() take printf fmt and args for name procfs: add hidepid= and gid= mount options procfs: parse mount options procfs: introduce the /proc/<pid>/map_files/ directory procfs: make proc_get_link to use dentry instead of inode signal: add block_sigmask() for adding sigmask to current->blocked sparc: make SA_NOMASK a synonym of SA_NODEFER reiserfs: don't lock root inode searching reiserfs: don't lock journal_init() reiserfs: delay reiserfs lock until journal initialization reiserfs: delete comments referring to the BKL drivers/rtc/interface.c: fix alarm rollover when day or month is out-of-range drivers/rtc/rtc-twl.c: add DT support for RTC inside twl4030/twl6030 drivers/rtc/: remove redundant spi driver bus initialization drivers/rtc/rtc-jz4740.c: make jz4740_rtc_driver static drivers/rtc/rtc-mc13xxx.c: make mc13xxx_rtc_idtable static rtc: convert drivers/rtc/* to use module_platform_driver() drivers/rtc/rtc-wm831x.c: convert to devm_kzalloc() drivers/rtc/rtc-wm831x.c: remove unused period IRQ handler ...
author: Linus Torvalds <torvalds@linux-foundation.org> 2012-01-10 19:42:48 -0500
committer: Linus Torvalds <torvalds@linux-foundation.org> 2012-01-10 19:42:48 -0500
commit: 40ba587923ae67090d9f141c1d3c951be5c1420e (patch)
tree: 342a72fc0ee13a0d2496ef970b64dfeadf1355d2 /Documentation/filesystems
parent: 54c2c5761febcca46c8037d3a81612991e6c209a (diff)
parent: 6b550f9495947fc279d12c38feaf98500e8d0646 (diff)
1 files changed, 39 insertions, 0 deletions
diff --git a/Documentation/filesystems/proc.txt b/Documentation/filesystems/proc.txt
index 0ec91f03422e..12fee132fbe2 100644
--- a/Documentation/filesystems/proc.txt
+++ b/Documentation/filesystems/proc.txt
@@ -41,6 +41,8 @@ Table of Contents
  3.5   /proc/<pid>/mountinfo - Information about mounts
  3.6   /proc/<pid>/comm  & /proc/<pid>/task/<tid>/comm
+  4     Configuring procfs
+  4.1   Mount options
 ------------------------------------------------------------------------------
 Preface
@@ -1542,3 +1544,40 @@ a task to set its own or one of its thread siblings comm value. The comm value
 is limited in size compared to the cmdline value, so writing anything longer
 then the kernel's TASK_COMM_LEN (currently 16 chars) will result in a truncated
 comm value.
+------------------------------------------------------------------------------
+Configuring procfs
+------------------------------------------------------------------------------
+4.1     Mount options
+---------------------
+The following mount options are supported:
+        hidepid=        Set /proc/<pid>/ access mode.
+        gid=            Set the group authorized to learn processes information.
+hidepid=0 means classic mode - everybody may access all /proc/<pid>/ directories
+(default).
+hidepid=1 means users may not access any /proc/<pid>/ directories but their
+own.  Sensitive files like cmdline, sched*, status are now protected against
+other users.  This makes it impossible to learn whether any user runs
+specific program (given the program doesn't reveal itself by its behaviour).
+As an additional bonus, as /proc/<pid>/cmdline is unaccessible for other users,
+poorly written programs passing sensitive information via program arguments are
+now protected against local eavesdroppers.
+hidepid=2 means hidepid=1 plus all /proc/<pid>/ will be fully invisible to other
+users.  It doesn't mean that it hides a fact whether a process with a specific
+pid value exists (it can be learned by other means, e.g. by "kill -0 $PID"),
+but it hides process' uid and gid, which may be learned by stat()'ing
+/proc/<pid>/ otherwise.  It greatly complicates an intruder's task of gathering
+information about running processes, whether some daemon runs with elevated
+privileges, whether other user runs some sensitive program, whether other users
+run any program at all, etc.
+gid= defines a group authorized to learn processes information otherwise
+prohibited by hidepid=.  If you use some daemon like identd which needs to learn
+information about processes information, just add identd to this group.
author	Linus Torvalds <torvalds@linux-foundation.org>	2012-01-10 19:42:48 -0500
committer	Linus Torvalds <torvalds@linux-foundation.org>	2012-01-10 19:42:48 -0500
commit	40ba587923ae67090d9f141c1d3c951be5c1420e (patch)
tree	342a72fc0ee13a0d2496ef970b64dfeadf1355d2 /Documentation/filesystems
parent	54c2c5761febcca46c8037d3a81612991e6c209a (diff)
parent	6b550f9495947fc279d12c38feaf98500e8d0646 (diff)

diff --git a/Documentation/filesystems/proc.txt b/Documentation/filesystems/proc.txt index 0ec91f03422e..12fee132fbe2 100644 --- a/Documentation/filesystems/proc.txt +++ b/Documentation/filesystems/proc.txt
@@ -41,6 +41,8 @@ Table of Contents
41	3.5 /proc/<pid>/mountinfo - Information about mounts	41	3.5 /proc/<pid>/mountinfo - Information about mounts
42	3.6 /proc/<pid>/comm & /proc/<pid>/task/<tid>/comm	42	3.6 /proc/<pid>/comm & /proc/<pid>/task/<tid>/comm
43		43
		44	4 Configuring procfs
		45	4.1 Mount options
44		46
45	------------------------------------------------------------------------------	47	------------------------------------------------------------------------------
46	Preface	48	Preface
@@ -1542,3 +1544,40 @@ a task to set its own or one of its thread siblings comm value. The comm value
1542	is limited in size compared to the cmdline value, so writing anything longer	1544	is limited in size compared to the cmdline value, so writing anything longer
1543	then the kernel's TASK_COMM_LEN (currently 16 chars) will result in a truncated	1545	then the kernel's TASK_COMM_LEN (currently 16 chars) will result in a truncated
1544	comm value.	1546	comm value.
		1547
		1548
		1549	------------------------------------------------------------------------------
		1550	Configuring procfs
		1551	------------------------------------------------------------------------------
		1552
		1553	4.1 Mount options
		1554	---------------------
		1555
		1556	The following mount options are supported:
		1557
		1558	hidepid= Set /proc/<pid>/ access mode.
		1559	gid= Set the group authorized to learn processes information.
		1560
		1561	hidepid=0 means classic mode - everybody may access all /proc/<pid>/ directories
		1562	(default).
		1563
		1564	hidepid=1 means users may not access any /proc/<pid>/ directories but their
		1565	own. Sensitive files like cmdline, sched*, status are now protected against
		1566	other users. This makes it impossible to learn whether any user runs
		1567	specific program (given the program doesn't reveal itself by its behaviour).
		1568	As an additional bonus, as /proc/<pid>/cmdline is unaccessible for other users,
		1569	poorly written programs passing sensitive information via program arguments are
		1570	now protected against local eavesdroppers.
		1571
		1572	hidepid=2 means hidepid=1 plus all /proc/<pid>/ will be fully invisible to other
		1573	users. It doesn't mean that it hides a fact whether a process with a specific
		1574	pid value exists (it can be learned by other means, e.g. by "kill -0 $PID"),
		1575	but it hides process' uid and gid, which may be learned by stat()'ing
		1576	/proc/<pid>/ otherwise. It greatly complicates an intruder's task of gathering
		1577	information about running processes, whether some daemon runs with elevated
		1578	privileges, whether other user runs some sensitive program, whether other users
		1579	run any program at all, etc.
		1580
		1581	gid= defines a group authorized to learn processes information otherwise
		1582	prohibited by hidepid=. If you use some daemon like identd which needs to learn
		1583	information about processes information, just add identd to this group.