Received: by 10.223.164.202 with SMTP id h10csp67715wrb; Fri, 10 Nov 2017 02:43:37 -0800 (PST) X-Google-Smtp-Source: ABhQp+T4NfOCtsk2sa8s37jFUEQ1TGyljds9rJgsJTJm5DVxd9fWdNKRAjDNTMARRVRZquj79niX X-Received: by 10.84.129.132 with SMTP id b4mr3769700plb.412.1510310617343; Fri, 10 Nov 2017 02:43:37 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1510310617; cv=none; d=google.com; s=arc-20160816; b=sBfOK52exhhFX29/hWUBvHrqc2lkMnvKGlOAAdGilxVPUOsM3MimP0AICjQsFwYg8J dn1UYwzHxx/Y1zSQw3OEQUaKuEMunvJ+AJTpAqF4qU54EXbiy9H8qbIohjormoamJHPD U0y25xAbOL/0nnKeBmgQ0rd3TeeHKSNgUzAFchh0sh+qq1FJYgGos6nqlLrhMl5Efedw Vv1VvtqGroYMTJ9ArAiIpiARjhnOK9AM0gTpkapYJ0bfR9wbNmXLs+dr949Lz3MLcBs3 NbBpGaOZhdG+pIAb0WPdw2epMGCMtOokynuCJP3lzpL0Oza0VXdkWs5ADzI+NW6Quhdh pK6Q== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:cc:to:subject:message-id:date:from :references:in-reply-to:mime-version:dkim-signature :arc-authentication-results; bh=U4WTKzUByXaKsyWiPCOYdU5a2IdHadwD5Xf9x6RUfVk=; b=KP+tMQXx4OcqaeBGe1mTCZT/Dq4to03WdVj/PjvKzQedI9X4SXxTY3ijOtsvxeH5mn ubi9Wtl2OBS0Jy9V6TSStfH2YgNEVj6ha44ZK9QFMj95SozfdV6w8F0QEU5eBPKzCdsE e7igwvGZtMLts5vLAaKeWyKwNayjIGOlsRBp+O+8BkNg6h+KODntwVl/FuguleJtIVqa TkTttJZyTxd43KCLzDfmhhKm0taHKhLCwsdGDHPZ1DCTnp+tnAobLaHULhg2gIAetrib CiCb/cosYIgjB0C3Mp9dF0WxuyLoU9EJNlkX7o7wXsFgzr3v74x+7hrpgMpqTZt/SeLw 7H/g== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@gmail.com header.s=20161025 header.b=ItEBhBnF; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=gmail.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id 3si8600903plz.759.2017.11.10.02.43.26; Fri, 10 Nov 2017 02:43:37 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@gmail.com header.s=20161025 header.b=ItEBhBnF; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=gmail.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1753021AbdKJKlR (ORCPT + 82 others); Fri, 10 Nov 2017 05:41:17 -0500 Received: from mail-qt0-f195.google.com ([209.85.216.195]:51702 "EHLO mail-qt0-f195.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1752965AbdKJKlO (ORCPT ); Fri, 10 Nov 2017 05:41:14 -0500 Received: by mail-qt0-f195.google.com with SMTP id e19so6425234qte.8; Fri, 10 Nov 2017 02:41:13 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc; bh=U4WTKzUByXaKsyWiPCOYdU5a2IdHadwD5Xf9x6RUfVk=; b=ItEBhBnFFY2VGbAMQYu1U542W5yUdZFcjfa9+22xrbpy0Dv64wuJ9XQDXI7QgekdCR sq/Kq6zLtrGuYblHVA/yaS2rUJYo4z64qdbaf3WNehACTQIjKvSHM4OfU3BORC6dxzk2 3LBSGlsaJ3+PU0XWeGnsouxHLWCO2UriVVW1/tUq+I+LsXdMbxMa9SGXT/cec5w8nM4U Sx46lYYONXcW9T1I09gCM1ygje1z88MdZGuXmomEg9kFreVEmt57HMv2Zn9sI6MQOYY5 sSVR5l12ilqwJGUOm2rZrVNovRsOLKCeGa9K/ue9ilFCNmy18qQuJX7ur6Y5H3UJ17Po K7iw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc; bh=U4WTKzUByXaKsyWiPCOYdU5a2IdHadwD5Xf9x6RUfVk=; b=ErCI//0a3WeMY9Qeuysu0lSvOD0mBxj5GiKJQXd8Bgp5hIcnOzhJ2Djx5oSzEIzFcl WYimZhXcVYzA/PCVZ5+D3ULDcsk50RVPEN3AkGEqC/n6h1h3kocWmE3AZUUTs7Ud0aYF xpixJxJewAgtJuui3ayaSaES9YIPn26TFEuBYj+y2a8Pw6PS9CDhxhNAKuPIMIO7RNBB AehTaOxgM7CWtenaQ6rbBBvb07iolPLJuarqFJY56pACG0RDLMH1akN01kVC/NyU92Ie yy+gwY2lYRp3i4XWeHxRpbTYPEWN5ZGfcwGZR1JR6C9No6WOW6JdNrLLFc7x0UBE/oAm s29g== X-Gm-Message-State: AJaThX51LOAdQ/pHMYzhcrFv2PzNRDb1ugASGUKJjT+XWYs5eHz0JmV9 lErGjKXuU1Dp+tOMW1Dt4guuDZSncme5Neu6w40= X-Received: by 10.237.63.17 with SMTP id p17mr5959447qtf.235.1510310473209; Fri, 10 Nov 2017 02:41:13 -0800 (PST) MIME-Version: 1.0 Received: by 10.140.102.80 with HTTP; Fri, 10 Nov 2017 02:41:12 -0800 (PST) In-Reply-To: References: <1510244046-3256-1-git-send-email-tixxdz@gmail.com> <1510244046-3256-4-git-send-email-tixxdz@gmail.com> From: Djalal Harouni Date: Fri, 10 Nov 2017 11:41:12 +0100 Message-ID: Subject: Re: [PATCH RFC v3 3/7] proc: add helpers to set and get proc hidepid and gid mount options To: Alexey Dobriyan Cc: Kees Cook , Alexey Gladkov , Andy Lutomirski , Andrew Morton , Linux FS Devel , linux-kernel , kernel-hardening@lists.openwall.com, LSM List , Linux API , Greg Kroah-Hartman , Alexander Viro , Akinobu Mita , "Tobin C. Harding" , Oleg Nesterov , Jeff Layton , Ingo Molnar , "Eric W. Biederman" , Linus Torvalds , Daniel Micay , Jonathan Corbet , "J. Bruce Fields" , Stephen Rothwell , Solar Designer Content-Type: text/plain; charset="UTF-8" Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Fri, Nov 10, 2017 at 11:36 AM, Alexey Dobriyan wrote: > On 11/9/17, Djalal Harouni wrote: >> --- a/fs/proc/base.c >> +++ b/fs/proc/base.c > >> -static bool has_pid_permissions(struct pid_namespace *pid, >> +static bool has_pid_permissions(struct proc_fs_info *fs_info, > > More "const". > >> diff --git a/fs/proc/inode.c b/fs/proc/inode.c >> index 9abc370..bdd808d 100644 >> --- a/fs/proc/inode.c >> +++ b/fs/proc/inode.c >> @@ -476,11 +476,12 @@ struct inode *proc_get_inode(struct super_block *sb, >> struct proc_dir_entry *de) >> int proc_fill_super(struct super_block *s, void *data, int silent) >> { >> struct proc_fs_info *fs_info = proc_sb(s); >> - struct pid_namespace *ns = get_pid_ns(fs_info->pid_ns); >> struct inode *root_inode; >> int ret; >> >> - if (!proc_parse_options(data, ns)) >> + get_pid_ns(fs_info->pid_ns); >> + >> + if (!proc_parse_options(data, fs_info)) >> return -EINVAL; >> >> /* User space would break if executables or devices appear on proc */ >> diff --git a/fs/proc/internal.h b/fs/proc/internal.h >> index 4a67188..10bc7be 100644 >> --- a/fs/proc/internal.h >> +++ b/fs/proc/internal.h >> @@ -240,7 +240,7 @@ static inline void proc_tty_init(void) {} >> * root.c >> */ >> extern struct proc_dir_entry proc_root; >> -extern int proc_parse_options(char *options, struct pid_namespace *pid); >> +extern int proc_parse_options(char *options, struct proc_fs_info >> *fs_info); > > "extern" can be dropped if you're touching prototype anyway. > > > >> +static inline int proc_fs_hide_pid(struct proc_fs_info *fs_info) >> +{ >> + return fs_info->pid_ns->hide_pid; >> +} >> + >> +static inline kgid_t proc_fs_pid_gid(struct proc_fs_info *fs_info) >> +{ >> + return fs_info->pid_ns->pid_gid; >> +} > > More "const". > >> @@ -59,6 +81,24 @@ static inline void proc_flush_task(struct task_struct >> *task) >> { >> } >> >> +static inline void proc_fs_set_hide_pid(struct proc_fs_info *fs_info, int >> hide_pid) >> +{ >> +} >> + >> +static inline void proc_fs_set_pid_gid(struct proc_info_fs *fs_info, kgid_t >> gid) >> +{ >> +} >> + >> +static inline int proc_fs_hide_pid(struct proc_fs_info *fs_info) >> +{ >> + return 0; >> +} >> + >> +extern kgid_t proc_fs_pid_gid(struct proc_fs_info *fs_info) > > ehh? Ouch copy/past, will compile it without proc support. Will fix "const" and other comments too, thank you! -- tixxdz From 1583675103022006081@xxx Fri Nov 10 10:37:51 +0000 2017 X-GM-THRID: 1583605944173221308 X-Gmail-Labels: Inbox,Category Forums,HistoricalUnread