48235a56f3
syscalls.2: tfix
...
Signed-off-by: Jakub Wilk <jwilk@jwilk.net>
2016-07-01 20:56:11 +02:00
e203673ac7
unshare.2: Add reference to mount_namespaces(7) under CLONE_NEWNS description
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2016-06-30 06:08:32 +02:00
c212248c77
clone.2: Add reference to mount_namespaces(7) under CLONE_NEWNS description
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2016-06-30 06:08:32 +02:00
39b3f0058e
clone.2: tfix
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2016-06-30 06:08:32 +02:00
b7b798454a
mount.2: Refer reader to mount_namespaces(7) for details on propagation types
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2016-06-30 06:08:32 +02:00
f481726d64
mount_namespaces.7: Minor fixes
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2016-06-30 06:08:32 +02:00
e210919644
mount_namespaces.7: Describe "dominant peer group" and "propagate_from" mountinfo tag
...
Reported-by: Miklos Szeredi <mszeredi@redhat.com>
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2016-06-30 06:08:32 +02:00
966b583993
proc.5: Move shared subtree /proc/PID/mountinfo fields to mount_namespaces(7)
...
Move information on shared subtree fields in /proc/PID/mountinfo
to mount_namespaces(7).
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2016-06-30 06:08:31 +02:00
211f4a1468
proc.5: ffix
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2016-06-30 06:08:31 +02:00
803c129a65
proc.5: srcfix
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2016-06-30 06:08:31 +02:00
ef5b47f63c
proc.5: Add references to mount_namespaces(7)
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2016-06-30 06:08:31 +02:00
a67271b0c9
umount.2: SEE ALSO: add mount_namespaces(7)
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2016-06-30 06:08:31 +02:00
3077ac0f12
mount.2: SEE ALSO: s/namespaces(7)/mount_namespaces(7)/
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2016-06-30 06:08:31 +02:00
da031af127
namespaces.7: Refer to new mount_namespaces(7) for information on mount namespaces
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2016-06-30 06:08:31 +02:00
d9cdf357c9
mount_namespaces.7: Minor tweaks
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2016-06-30 06:08:31 +02:00
98c28960c3
mount_namespaces.7: New page describing mount namespaces
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2016-06-30 06:08:31 +02:00
20eed1b32f
proc.5: /proc/PID/mountinfo 'propagate_from' always appears with 'master' tag
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2016-06-30 06:08:31 +02:00
124b24148b
proc.5: Rework /proc/PID/mountinfo text on dominant peer groups
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2016-06-30 06:08:31 +02:00
e7fa660159
proc.5: ffix + wfix
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2016-06-30 06:08:31 +02:00
fa7ae0ea13
user_namespaces.7: Correct kernel version where XFS added support for user namespaces
...
Linux 3.12, not 3.11.
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2016-06-30 06:08:18 +02:00
028b5760e8
ptrace.2: Minor fixes after review by Kees Cook
...
Reviewed-by: Kees Cook <keescook@chromium.org>
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2016-06-29 07:06:30 +02:00
e48ed83a6a
ptrace.2: tfix
...
Reported-by: Jann Horn <jann@thejh.net>
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2016-06-29 07:06:30 +02:00
d5765e275d
ptrace.2: Note that user namespaces can be used to bypass Yama protections
...
Cowrittten-by: Jann Horn <jann@thejh.net>
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2016-06-29 07:06:30 +02:00
801245a110
user_namespaces.7: SEE ALSO: add ptrace(2)
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2016-06-29 07:06:30 +02:00
e532361686
ptrace.2: Update Yama ptrace_scope documentation
...
Reframe the discussion in terms of PTRACE_MODE_ATTACH checks,
and make a few other minor tweaks and additions.
Reviewed-by: Jann Horn <jann@thejh.net>
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2016-06-29 07:06:30 +02:00
94b0464cc2
ptrace.2: wfix
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2016-06-29 07:06:30 +02:00
b0459842ff
ptrace.2: srcfix: add 2015 copyright notice for mtk
...
(Yama ptrace_scope text added in 2015.)
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2016-06-29 07:06:30 +02:00
00172d8d96
ptrace.2: Add an introductory paragraph to the Ptrace access mode checks" section
...
Reported-by: Eric W. Biederman <ebiederm@xmission.com>
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2016-06-29 07:06:29 +02:00
1c22e40a71
ptrace.2: tfix
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2016-06-29 07:06:29 +02:00
3224581342
ptrace.2: wfix
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2016-06-29 07:06:29 +02:00
edb7368474
ptrace.2: Relocate text noting that PTRACE_MODE_* constants are kernel-internal
...
(No content changes.)
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2016-06-29 07:06:29 +02:00
be26fa864f
ptrace.2: wfix
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2016-06-29 07:06:29 +02:00
bcd0d82dac
ptrace.2: srcfix
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2016-06-29 07:06:29 +02:00
3cd161fe57
ptrace.2: Describe PTRACE_MODE_NOAUDIT in more detail
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2016-06-29 07:06:29 +02:00
78f0786577
ptrace.2: Further fixes after review from Jann Horn
...
Reported-by: Jann Horn <jann@thejh.net>
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2016-06-29 07:06:29 +02:00
a330bffa78
ptrace.2: Minor improvements to ptrace access mode text
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2016-06-29 07:06:29 +02:00
611d3ac40a
ptrace.2: Various fixes after review by Jann Horn
...
Among other things, Jann pointed out that the commoncap LSM
is always invoked, and Kees Cook pointed out the relevant
kernel code:
===
> BTW, can you point me at the piece(s) of kernel code that show that
> "commoncap" is always invoked in addition to any other LSM that has
> been installed?
It's not entirely obvious, but the bottom of security/commoncap.c shows:
struct security_hook_list capability_hooks[] = {
LSM_HOOK_INIT(capable, cap_capable),
...
};
void __init capability_add_hooks(void)
{
security_add_hooks(capability_hooks, ARRAY_SIZE(capability_hooks));
}
And security/security.c shows the initialization order of the LSMs:
int __init security_init(void)
{
pr_info("Security Framework initialized\n");
/*
* Load minor LSMs, with the capability module always first.
*/
capability_add_hooks();
yama_add_hooks();
loadpin_add_hooks();
/*
* Load all the remaining security modules.
*/
do_security_initcalls();
return 0;
}
===
Reported-by: Jann Horn <jann@thejh.net>
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2016-06-29 07:06:29 +02:00
0647331a06
kcmp.2, ptrace.2: tfix
...
Reported-by: Jann Horn <jann@thejh.net>
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2016-06-29 07:06:29 +02:00
e4e2367fe6
ptrace.2: Clarify the purpose of mentioning the kernel PTRACE_MODE_* constants
...
The "ptrace access mode" text is about user-space-visible
behavior, but in order to explain that behavior at what I
believe is a sufficient level of detail (e.g., to differentiate
the various types of checks that are performed for various
system calls and pseudofile accesses), one needs (1) to discuss
the MODE flag details as implemented in the kernel, and (2) to
have a shorthand way to refer to the various cases from other
pages. It's not absolutely necessary to name the flags for (1),
but using the flag names is certainly a handy shorthand for (2).
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2016-06-29 07:06:29 +02:00
6f92213776
proc.5: ffix
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2016-06-29 07:06:29 +02:00
3bd3ab0f55
kcmp.2: kcmp() is governed by PTRACE_MODE_READ_REALCREDS
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2016-06-29 07:06:29 +02:00
a1c7ef5685
get_robust_list.2: get_robust_list() is governed by PTRACE_MODE_READ_REALCREDS
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2016-06-29 07:06:29 +02:00
13ec13dc19
perf_event_open.2: If pid > 0, the operation is governed by PTRACE_MODE_READ_REALCREDS
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2016-06-29 07:06:29 +02:00
c33e8aff8c
ptrace.2: Note that PTRACE_SEIZE is subject to a ptrace access mode check
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2016-06-29 07:06:29 +02:00
d4c976d820
ptrace.2: Rephrase PTRACE_ATTACH permissions in terms of ptrace access mode check
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2016-06-29 07:06:29 +02:00
408c8172e4
process_vm_readv.2: Rephrase permission rules in terms of a ptrace access mode check
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2016-06-29 07:06:29 +02:00
b02b4b74d5
proc.5: Note /proc/PID/stat fields that are governed by PTRACE_MODE_READ_FSCREDS
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2016-06-29 07:06:29 +02:00
138a191e99
proc.5: /proc/PID/fd/* are governed by PTRACE_MODE_READ_FSCREDS
...
Permission to dereference/readlink /proc/PID/fd/* symlinks is
governed by a PTRACE_MODE_READ_FSCREDS ptrace access mode check.
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2016-06-29 07:06:29 +02:00
33a1ab5da1
namespaces.7: /proc/PID/ns/* are governed by PTRACE_MODE_READ_FSCREDS
...
Permission to dereference/readlink /proc/PID/ns/* symlinks is
governed by a PTRACE_MODE_READ_FSCREDS ptrace access mode check.
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2016-06-29 07:06:29 +02:00
b902fe180b
proc.5: /proc/PID/{cwd,exe,root} are governed by PTRACE_MODE_READ_FSCREDS
...
Permission to dereference/readlink /proc/PID/{cwd,exe,root} is
governed by a PTRACE_MODE_READ_FSCREDS ptrace access mode check.
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2016-06-29 07:06:29 +02:00
Jakub Wilk