dect
/
linux-2.6
Archived
13
0
Fork 0
Code Releases Activity
This repository has been archived on 2022-02-17. You can view files and clone it, but cannot push or open issues or pull requests.
linux-2.6/Documentation/filesystems
History
Kees Cook 2f4b3bf6b2 /proc/pid/status: add "Seccomp" field 
It is currently impossible to examine the state of seccomp for a given
process.  While attaching with gdb and attempting "call
prctl(PR_GET_SECCOMP,...)" will work with some situations, it is not
reliable.  If the process is in seccomp mode 1, this query will kill the
process (prctl not allowed), if the process is in mode 2 with prctl not
allowed, it will similarly be killed, and in weird cases, if prctl is
filtered to return errno 0, it can look like seccomp is disabled.

When reviewing the state of running processes, there should be a way to
externally examine the seccomp mode.  ("Did this build of Chrome end up
using seccomp?" "Did my distro ship ssh with seccomp enabled?")

This adds the "Seccomp" line to /proc/$pid/status.

Signed-off-by: Kees Cook <keescook@chromium.org>
Reviewed-by: Cyrill Gorcunov <gorcunov@openvz.org>
Cc: Andrea Arcangeli <aarcange@redhat.com>
Cc: James Morris <jmorris@namei.org>
Acked-by: Serge E. Hallyn <serge.hallyn@ubuntu.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
 		2012-12-17 17:15:22 -08:00
..
caching doc: fix broken references 2011-09-27 18:08:04 +02:00
configfs configfs: convert to umode_t 2012-01-03 22:54:57 -05:00
nfs Merge branch 'for-3.7' of git://linux-nfs.org/~bfields/linux 2012-10-13 10:53:54 +09:00
pohmelfs Documentation: Fix multiple typo in Documentation 2012-03-07 16:08:24 +01:00
00-INDEX efivarfs: Add documentation for the EFI variable filesystem 2012-10-30 10:39:18 +00:00
9p.txt 9p: fix 9p.txt to advertise msize instead of maxdata 2011-10-24 11:13:12 -05:00
Locking Documentation: get rid of write_super 2012-08-04 01:25:20 +04:00
Makefile Documentation/fs/: split txt and source files 2010-03-12 15:52:35 -08:00
adfs.txt adfs: add hexadecimal filetype suffix option 2011-03-22 17:44:17 -07:00
affs.txt Documentation: update broken web addresses. 2010-08-04 15:21:40 +02:00
afs.txt AFS: Documentation updates 2009-08-19 10:40:13 -07:00
autofs4-mount-control.txt Fix common misspellings 2011-03-31 11:26:23 -03:00
automount-support.txt
befs.txt Documentation: befs.txt: no maintainer, orphaned 2011-08-13 18:34:03 -07:00
bfs.txt
btrfs.txt Fix URL of btrfs-progs git repository in docs 2011-11-30 18:46:02 +01:00
ceph.txt ceph: enable/disable dentry complete flags via mount option 2012-01-12 11:00:40 -08:00
cifs.txt
coda.txt
cramfs.txt
debugfs.txt debugfs: more tightly restrict default mount mode 2012-08-27 13:42:02 -07:00
devpts.txt
directory-locking
dlmfs.txt Documentation/: it's -> its where appropriate 2010-04-23 02:09:52 +02:00
dnotify.txt Documentation/fs/: split txt and source files 2010-03-12 15:52:35 -08:00
dnotify_test.c Documentation/fs/: split txt and source files 2010-03-12 15:52:35 -08:00
ecryptfs.txt
efivarfs.txt efivarfs: Add documentation for the EFI variable filesystem 2012-10-30 10:39:18 +00:00
exofs.txt exofs: Add option to mount by osdname 2011-03-15 15:02:51 +02:00
ext2.txt Doc fix: ext2 can only have 32,000 subdirs, not 32,768 2009-06-18 13:03:44 -07:00
ext3.txt ext3: update documentation with barrier=1 default 2012-04-11 11:12:45 +02:00
ext4.txt ext4: Remove CONFIG_EXT4_FS_XATTR 2012-12-10 16:30:43 -05:00
fiemap.txt Documentation/: it's -> its where appropriate 2010-04-23 02:09:52 +02:00
files.txt Wrap accesses to the fd_sets in struct fdtable 2012-02-19 10:30:52 -08:00
fuse.txt Documentation/: it's -> its where appropriate 2010-04-23 02:09:52 +02:00
gfs2-glocks.txt GFS2: Update glock doc to add new stats info 2012-05-10 12:41:40 +01:00
gfs2-uevents.txt Documentation: Fix multiple typo in Documentation 2012-03-07 16:08:24 +01:00
gfs2.txt GFS2: Update main gfs2 doc 2012-05-10 11:45:31 +01:00
hfs.txt Documentation: HFS is orphaned 2011-11-04 12:01:48 -07:00
hfsplus.txt
hpfs.txt Documentation/: it's -> its where appropriate 2010-04-23 02:09:52 +02:00
inotify.txt Documentation: fix inotify source file paths 2011-11-04 12:01:47 -07:00
isofs.txt Documentation: update broken web addresses. 2010-08-04 15:21:40 +02:00
jfs.txt jfs: Remove obsolete email address 2012-09-17 12:00:01 -05:00
locks.txt doc: fix broken references 2011-09-27 18:08:04 +02:00
logfs.txt fix "seperate" typos in comments 2010-05-10 11:56:30 +02:00
mandatory-locking.txt
ncpfs.txt ncpfs: remove dead URL from documentation 2009-09-23 07:39:42 -07:00
nilfs2.txt nilfs2: remove resize from unsupported features list 2011-07-13 16:08:59 +09:00
ntfs.txt Fix common misspellings 2011-03-31 11:26:23 -03:00
ocfs2.txt ocfs2: clean up mount option about atime in ocfs2.txt 2011-05-23 23:37:12 -07:00
omfs.txt
path-lookup.txt Fix common misspellings 2011-03-31 11:26:23 -03:00
porting Documentation: get rid of write_super 2012-08-04 01:25:20 +04:00
proc.txt /proc/pid/status: add "Seccomp" field 2012-12-17 17:15:22 -08:00
qnx6.txt Documentation: Fix typo in multiple files in Documentation 2012-04-16 14:37:13 +02:00
quota.txt
ramfs-rootfs-initramfs.txt Documentation: Fix Broken URL "freshmeat" 2012-02-21 11:43:45 +01:00
relay.txt
romfs.txt Documentation/filesystems/romfs.txt: fixing link to genromfs 2011-02-17 22:04:46 +01:00
seq_file.txt seq_file: use proc_create() in documentation 2009-12-16 07:20:07 -08:00
sharedsubtree.txt Documentation: Fix trivial typo in filesystems/sharedsubtree.txt 2010-10-25 21:18:21 -04:00
spufs.txt
squashfs.txt Squashfs: Update documentation to include xattrs 2011-12-30 01:20:24 +00:00
sysfs-pci.txt PCI: Allow read/write access to sysfs I/O port resources 2010-07-30 09:32:08 -07:00
sysfs-tagging.txt sysfs-namespaces: add a high-level Documentation file 2010-05-21 09:37:31 -07:00
sysfs.txt sysfs: propagate umode_t 2012-01-03 22:55:03 -05:00
sysv-fs.txt
tmpfs.txt mempolicy: document cpuset interaction with tmpfs mpol mount option 2010-05-25 08:06:57 -07:00
ubifs.txt UBIFS: switch self-check knobs to debugfs 2011-07-04 10:54:28 +03:00
udf.txt
ufs.txt
vfat.txt fat: provide option for setting timezone offset 2012-12-17 17:15:22 -08:00
vfs.txt Documentation: get rid of write_super 2012-08-04 01:25:20 +04:00
xfs-delayed-logging-design.txt Fix common misspellings 2011-03-31 11:26:23 -03:00
xfs.txt xfs: Remove the description of nodelaylog mount option from xfs.txt 2012-11-26 16:00:51 -06:00
xip.txt