[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-Id: <1b7e8b0a8221bf12800303b522db387713e3151a.1615567183.git.gladkov.alexey@gmail.com>
Date: Fri, 12 Mar 2021 17:41:48 +0100
From: Alexey Gladkov <gladkov.alexey@...il.com>
To: LKML <linux-kernel@...r.kernel.org>,
"Eric W . Biederman" <ebiederm@...ssion.com>
Cc: Alexey Gladkov <legion@...nel.org>,
Alexander Viro <viro@...iv.linux.org.uk>,
Kees Cook <keescook@...omium.org>,
Linux Containers <containers@...ts.linux-foundation.org>,
Linux FS Devel <linux-fsdevel@...r.kernel.org>
Subject: [PATCH v6 5/5] docs: proc: add documentation about relaxing visibility restrictions
Signed-off-by: Alexey Gladkov <gladkov.alexey@...il.com>
---
Documentation/filesystems/proc.rst | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/Documentation/filesystems/proc.rst b/Documentation/filesystems/proc.rst
index 5a1bb0e081fd..9d993aef7f1c 100644
--- a/Documentation/filesystems/proc.rst
+++ b/Documentation/filesystems/proc.rst
@@ -2182,7 +2182,8 @@ are not related to tasks.
If user namespaces are in use, the kernel additionally checks the instances of
procfs available to the mounter and will not allow procfs to be mounted if:
- 1. This mount is not fully visible.
+ 1. This mount is not fully visible unless the new procfs is going to be
+ mounted with subset=pid option.
a. It's root directory is not the root directory of the filesystem.
b. If any file or non-empty procfs directory is hidden by another mount.
--
2.29.3
Powered by blists - more mailing lists