linux/Documentation
Kees Cook af884cd4a5 proc: report no_new_privs state
Similar to being able to examine if a process has been correctly
confined with seccomp, the state of no_new_privs is equally interesting,
so this adds it to /proc/$pid/status.

Link: http://lkml.kernel.org/r/20161103214041.GA58566@beast
Signed-off-by: Kees Cook <keescook@chromium.org>
Reviewed-by: Jann Horn <jann@thejh.net>
Cc: Jonathan Corbet <corbet@lwn.net>
Cc: Vlastimil Babka <vbabka@suse.cz>
Cc: Michal Hocko <mhocko@suse.com>
Cc: Konstantin Khlebnikov <koct9i@gmail.com>
Cc: Hugh Dickins <hughd@google.com>
Cc: Naoya Horiguchi <n-horiguchi@ah.jp.nec.com>
Cc: Rodrigo Freire <rfreire@redhat.com>
Cc: John Stultz <john.stultz@linaro.org>
Cc: Ross Zwisler <ross.zwisler@linux.intel.com>
Cc: Robert Ho <robert.hu@intel.com>
Cc: Jerome Marchand <jmarchan@redhat.com>
Cc: Andy Lutomirski <luto@kernel.org>
Cc: Johannes Weiner <hannes@cmpxchg.org>
Cc: Alexey Dobriyan <adobriyan@gmail.com>
Cc: "Richard W.M. Jones" <rjones@redhat.com>
Cc: Joe Perches <joe@perches.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2016-12-12 18:55:09 -08:00
..
80211 docs-rst: sphinxify 802.11 documentation 2016-10-11 16:19:17 -06:00
ABI platform-drivers-x86 for 4.9-3 2016-11-11 16:48:49 -08:00
accounting tools: move accounting tool from Documentation 2016-09-23 13:07:15 -06:00
acpi Merge branches 'acpi-button', 'acpi-battery' and 'acpi-doc' 2016-10-02 01:40:20 +02:00
aoe
arm linux-kselftest-4.9-rc1-update 2016-10-14 15:17:12 -07:00
arm64 arm64 updates for 4.9: 2016-10-03 08:58:35 -07:00
auxdisplay samples: move auxdisplay example code from Documentation 2016-09-23 11:52:32 -06:00
backlight
blackfin samples: move blackfin gptimers-example from Documentation 2016-10-10 07:12:02 -06:00
block block: remove remnant refs to hardsect 2016-09-14 08:44:57 -06:00
blockdev
bus-devices
cdrom
cgroup-v1
cma
connector
console
cpu-freq cpufreq-stats: Minor documentation fix 2016-09-08 23:05:07 +02:00
cpuidle
cris
crypto
dev-tools mm: kmemleak: avoid using __va() on addresses that don't have a lowmem mapping 2016-10-11 15:06:33 -07:00
development-process docs-rst: add inter-document cross references 2016-09-21 15:43:09 -06:00
device-mapper dm raid: fix activation of existing raid4/10 devices 2016-10-17 16:41:31 -04:00
devicetree dt: add documentation of "hotpluggable" memory property 2016-12-12 18:55:07 -08:00
dmaengine
DocBook A single commit converting the mac80211 DocBook template over to Sphinx. 2016-10-14 14:11:22 -07:00
driver-api docs: Don't format internal MPT docs 2016-09-06 09:15:48 -06:00
driver-model devres: add devm_alloc_percpu() 2016-11-15 22:34:25 -05:00
early-userspace
EDID
extcon
fault-injection
fb
features Documentation: MIPS supports HAVE_REGS_AND_STACK_ACCESS_API 2016-10-13 17:19:19 +02:00
filesystems proc: report no_new_privs state 2016-12-12 18:55:09 -08:00
firmware_class
fmc
fpga
frv
gpio gpio/board.txt: point to gpiod_set_value 2016-10-20 14:14:11 +02:00
gpu Merge tag 'drm-for-v4.9' of git://people.freedesktop.org/~airlied/linux 2016-10-11 18:12:22 -07:00
hid Documentation: HID: Intel ISH HID document 2016-08-17 11:13:07 +02:00
hwmon hwmon: (max6650) Allow fan shutdown and initial rpm target 2016-09-08 21:34:17 -07:00
i2c i2c: Documentation: i2c-topology: fix minor whitespace nit 2016-11-10 21:18:56 +01:00
ia64 selftests: move ia64 tests from Documentation/ia64 2016-09-20 09:58:12 -06:00
ide
iio iio: Documentation: Correct the path used to create triggers. 2016-10-01 00:49:58 -06:00
infiniband IB/hfi1: Document new sysfs entries for hfi1 driver 2016-10-02 08:42:19 -04:00
input Input: ALPS - add V8 protocol documentation 2016-10-04 11:47:02 -07:00
ioctl doc: ioctl: Add some clarifications to botching-up-ioctls 2016-09-06 06:00:22 -06:00
isdn
ja_JP
kbuild Merge branch 'kbuild' of git://git.kernel.org/pub/scm/linux/kernel/git/mmarek/kbuild 2016-10-14 14:26:58 -07:00
kdump Documentation: kdump: Add description of enable multi-cpus support 2016-09-20 18:02:54 -06:00
ko_KR
laptops tools: move laptops dslm tool from Documentation 2016-09-23 13:07:21 -06:00
leds Merge branch 'for-next' of git://git.kernel.org/pub/scm/linux/kernel/git/j.anaszewski/linux-leds 2016-10-04 10:25:53 -07:00
livepatch Documentation: livepatch: add section about arch-specific code 2016-08-18 23:41:56 +02:00
locking locking/lglock: Remove lglock implementation 2016-09-22 15:25:56 +02:00
m68k
media Linux 4.8 2016-10-05 16:43:53 -03:00
memory-devices
metag
mic samples: move mic/mpssd example code from Documentation 2016-09-20 12:38:48 -06:00
mips
misc-devices samples: move misc-devices/mei example code from Documentation 2016-09-23 11:51:43 -06:00
mmc
mn10300
mtd
namespaces
netlabel
networking net: l2tp: deprecate PPPOL2TP_MSG_* in favour of L2TP_MSG_* 2016-12-10 23:29:11 -05:00
nfc
nios2
nvdimm
nvmem
parisc
PCI PCI changes for the v4.9 merge window: 2016-10-07 11:46:37 -07:00
pcmcia tools: move pcmcia crc32hash tool from Documentation 2016-09-23 13:07:27 -06:00
perf perf: xgene: Add APM X-Gene SoC Performance Monitoring Unit driver 2016-09-15 11:20:55 -07:00
phy
platform
power power supply and reset changes for the v4.9 series 2016-10-06 18:21:15 -07:00
powerpc powerpc updates for 4.9 2016-10-07 20:19:31 -07:00
pps
prctl selftests: move prctl tests from Documentation/prctl 2016-09-20 09:09:09 -06:00
pti
ptp selftests: move ptp tests from Documentation/ptp 2016-09-20 09:54:38 -06:00
rapidio rapidio/documentation/mport_cdev: add missing parameter description 2016-09-01 17:52:02 -07:00
RCU Documentation/RCU: Fix minor typo 2016-11-14 10:39:48 -08:00
s390
scheduler sched/deadline: Document behavior of sched_yield() 2016-09-10 11:17:41 +02:00
scsi scsi: g_NCR5380: Stop using scsi_module.c 2016-09-29 21:52:43 -04:00
security
serial Documentation: rs485: Do not define manually the ioctl 2016-08-18 11:08:33 -06:00
sh
sound
sphinx Merge tag 'docs-next' of git://git.lwn.net/linux.git into patchwork 2016-09-19 16:36:41 -03:00
sphinx-static This is the documentation update pull for the 4.9 merge window. 2016-10-04 13:54:07 -07:00
spi Doc: update 00-INDEX files to reflect the runnable code move 2016-10-10 07:12:09 -06:00
sysctl mnt: Add a per mount namespace limit on the number of mounts 2016-09-30 12:46:48 -05:00
target
thermal thermal: Add support for hardware-tracked trip points 2016-09-27 14:02:16 +08:00
timers Doc: update 00-INDEX files to reflect the runnable code move 2016-10-10 07:12:09 -06:00
tpm
trace This release cycle is rather small. Just a few fixes to tracing. 2016-10-06 11:48:41 -07:00
usb
virtual Documentation/virtual/kvm: Support the vCPU preemption check 2016-11-22 12:48:09 +01:00
vm mm: make transparent hugepage size public 2016-12-12 18:55:09 -08:00
w1
watchdog linux-kselftest-4.9-rc1-update 2016-10-14 15:17:12 -07:00
wimax
x86 Merge branch 'mm-pkeys-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip 2016-10-10 11:01:51 -07:00
xtensa
zh_CN
.gitignore
00-INDEX Doc: update 00-INDEX files to reflect the runnable code move 2016-10-10 07:12:09 -06:00
adding-syscalls.txt
applying-patches.txt docs: Clean up bare :: lines 2016-09-20 18:46:36 -06:00
assoc_array.txt
atomic_ops.txt
bad_memory.txt
basic_profiling.txt
bcache.txt
binfmt_misc.txt
braille-console.txt
bt8xxgpio.txt
btmrvl.txt
BUG-HUNTING
bus-virt-phys-mapping.txt
cachetlb.txt
cgroup-v2.txt
Changes docs: Clean up bare :: lines 2016-09-20 18:46:36 -06:00
circular-buffers.txt
clk.txt Documentation: clk: update file names containing referenced structures 2016-08-14 12:12:36 -06:00
CodeOfConflict URL changed for Linux Foundation TAB 2016-10-01 00:57:13 -06:00
CodingStyle docs: Remove space-before-label guidance from CodingStyle 2016-09-21 15:53:31 -06:00
conf.py media updates for v4.9-rc1 2016-10-11 13:22:22 -07:00
cpu-hotplug.txt
cpu-load.txt
cputopology.txt
crc32.txt
dcdbas.txt
debugging-modules.txt
debugging-via-ohci1394.txt
dell_rbu.txt
devices.txt
digsig.txt
DMA-API-HOWTO.txt Documentation: DMA-API-HOWTO: Fix a typo 2016-09-20 17:58:46 -06:00
DMA-API.txt dma-mapping: add dma_{map,unmap}_resource 2016-09-26 22:16:41 +05:30
DMA-attributes.txt dma-mapping: introduce the DMA_ATTR_NO_WARN attribute 2016-10-11 15:06:32 -07:00
dma-buf-sharing.txt
DMA-ISA-LPC.txt
docutils.conf doc-rst: add docutils config file 2016-08-14 11:52:40 -06:00
dontdiff
dynamic-debug-howto.txt
edac.txt
efi-stub.txt
eisa.txt
email-clients.txt Documentation/email-clients.txt: convert it to ReST markup 2016-09-21 15:41:50 -06:00
flexible-arrays.txt
futex-requeue-pi.txt
gcc-plugins.txt
highuid.txt
HOWTO docs: Clean up bare :: lines 2016-09-20 18:46:36 -06:00
hw_random.txt
hwspinlock.txt
index.rst docs-rst: sphinxify 802.11 documentation 2016-10-11 16:19:17 -06:00
init.txt
initrd.txt
intel_txt.txt
Intel-IOMMU.txt
io_ordering.txt
io-mapping.txt
iostats.txt
IPMI.txt
IRQ-affinity.txt
IRQ-domain.txt
IRQ.txt
irqflags-tracing.txt
isa.txt
isapnp.txt
java.txt
kernel-doc-nano-HOWTO.txt
kernel-docs.txt Documentation/kernel-docs.txt: reorder based on timestamp 2016-09-20 18:54:42 -06:00
kernel-documentation.rst This is the documentation update pull for the 4.9 merge window. 2016-10-04 13:54:07 -07:00
kernel-parameters.txt mm: remove x86-only restriction of movable_node 2016-12-12 18:55:07 -08:00
kernel-per-CPU-kthreads.txt
kobject.txt
kprobes.txt Documentation: kprobes: Document jprobes stack copying limitations 2016-08-15 10:19:11 -06:00
kref.txt
kselftest.txt kselftest: kselftest documentation improvement 2016-09-20 08:58:27 -06:00
ldm.txt
local_ops.txt
lockup-watchdogs.txt
logo.gif
logo.txt
lzo.txt
magic-number.txt
mailbox.txt
Makefile samples: move blackfin gptimers-example from Documentation 2016-10-10 07:12:02 -06:00
Makefile.sphinx doc-rst: generic way to build PDF of sub-folders 2016-09-01 08:49:23 -06:00
ManagementStyle Documentation/HOWTO: add cross-references to other documents 2016-09-20 18:41:04 -06:00
md-cluster.txt
md.txt
memory-barriers.txt
memory-hotplug.txt
men-chameleon-bus.txt
module-signing.txt
mono.txt
nommu-mmap.txt
ntb.txt
numastat.txt
oops-tracing.txt
padata.txt
parport-lowlevel.txt
parport.txt
percpu-rw-semaphore.txt
phy.txt
pi-futex.txt
pinctrl.txt
pnp.txt
preempt-locking.txt
printk-formats.txt
pwm.txt
ramoops.txt
rbtree.txt
remoteproc.txt remoteproc: Split driver and consumer dereferencing 2016-10-02 22:50:21 -07:00
rfkill.txt
robust-futex-ABI.txt
robust-futexes.txt
rpmsg.txt
rtc.txt
SAK.txt
SecurityBugs Documentation/HOWTO: add cross-references to other documents 2016-09-20 18:41:04 -06:00
serial-console.txt
sgi-ioc4.txt
SM501.txt
smsc_ece1099.txt
stable_api_nonsense.txt Documentation/HOWTO: add cross-references to other documents 2016-09-20 18:41:04 -06:00
stable_kernel_rules.txt docs-rst: add inter-document cross references 2016-09-21 15:43:09 -06:00
static-keys.txt jump_labels: Allow array initialisers 2016-09-07 09:41:11 +01:00
SubmitChecklist docs-rst: add inter-document cross references 2016-09-21 15:43:09 -06:00
SubmittingDrivers docs-rst: add inter-document cross references 2016-09-21 15:43:09 -06:00
SubmittingPatches docs-rst: add inter-document cross references 2016-09-21 15:43:09 -06:00
svga.txt
sync_file.txt
sysfs-rules.txt
sysrq.txt
this_cpu_ops.txt
unaligned-memory-access.txt
unicode.txt
unshare.txt
vfio.txt
VGA-softcursor.txt
video-output.txt
vme_api.txt vme: Update documentation to match api 2016-08-31 13:20:16 +02:00
volatile-considered-harmful.txt
workqueue.txt
xillybus.txt
xz.txt
zorro.txt