mirror of https://github.com/mkerrisk/man-pages
prctl.2: Some tweaks to Dave Handsen's patch
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
This commit is contained in:
Michael Kerrisk
parent
0397979417
commit
3cd5e9837f
65
man2/prctl.2
65
man2/prctl.2
|
|
@ -1,6 +1,7 @@
|
|||
.\" Copyright (C) 1998 Andries Brouwer (aeb@cwi.nl)
|
||||
.\" and Copyright (C) 2002, 2006, 2008, 2012, 2013 Michael Kerrisk <mtk.manpages@gmail.com>
|
||||
.\" and Copyright Guillem Jover <guillem@hadrons.org>
|
||||
.\" and Copyright (C) 2014 Dave Hansen / Intel
|
||||
.\"
|
||||
.\" %%%LICENSE_START(VERBATIM)
|
||||
.\" Permission is granted to make and distribute verbatim copies of this
|
||||
|
|
@ -817,35 +818,42 @@ This should help system administrators monitor unusual
|
|||
symbolic-link transitions over all processes running on a system.
|
||||
.RE
|
||||
.TP
|
||||
.BR PR_MPX_ENABLE_MANAGEMENT / PR_MPX_DISABLE_MANAGEMENT " (since Linux 3.19) "
|
||||
.BR PR_MPX_ENABLE_MANAGEMENT ", " PR_MPX_DISABLE_MANAGEMENT " (since Linux 3.19) "
|
||||
.\" commit fe3d197f84319d3bce379a9c0dc17b1f48ad358c
|
||||
.\" See also http://lwn.net/Articles/582712/
|
||||
.\" See also https://gcc.gnu.org/wiki/Intel%20MPX%20support%20in%20the%20GCC%20compiler
|
||||
|
||||
Control the kernel's management of Memory Protection eXtensions (MPX)
|
||||
Enable or disable kernel management of Memory Protection eXtensions (MPX)
|
||||
bounds tables.
|
||||
|
||||
MPX is a hardware-assisted mechanism for performing bounds checking on
|
||||
pointers. It consists of a set of registers storing bounds information
|
||||
pointers.
|
||||
It consists of a set of registers storing bounds information
|
||||
and a set of special instruction prefixes that tell the CPU on which
|
||||
instructions it should do bounds enforcement. There is a limited
|
||||
number of these registers and when there are more pointers than
|
||||
registers, their contents must be "spilled" in to a set of tables.
|
||||
These tables are called "bounds tables" and these prctl()s control
|
||||
instructions it should do bounds enforcement.
|
||||
There is a limited number of these registers and
|
||||
when there are more pointers than registers,
|
||||
their contents must be "spilled" into a set of tables.
|
||||
These tables are called "bounds tables" and the MPX
|
||||
.BR prctl ()
|
||||
operations control
|
||||
whether the kernel manages their allocation and freeing.
|
||||
|
||||
When management is enabled, the kernel will take over allocation
|
||||
and freeing of the bounds tables. It does this by trapping the #BR
|
||||
exceptions that result at first use of missing bounds tables and
|
||||
instead of delivering the exception to userspace, it allocates the
|
||||
table and populates the bounds directory with the location of the
|
||||
new table. For freeing, the kernel checks to see if bounds tables are
|
||||
and freeing of the bounds tables.
|
||||
It does this by trapping the #BR exceptions that result
|
||||
at first use of missing bounds tables and
|
||||
instead of delivering the exception to user space,
|
||||
it allocates the table and populates the bounds directory
|
||||
with the location of the new table.
|
||||
For freeing, the kernel checks to see if bounds tables are
|
||||
present for memory which is not allocated, and frees them if so.
|
||||
|
||||
Before enabling MPX management using PR_MPX_ENABLE_MANAGEMENT,
|
||||
Before enabling MPX management using
|
||||
.BR PR_MPX_ENABLE_MANAGEMENT ,
|
||||
the application must first have allocated a user-space buffer for
|
||||
the bounds directory and placed the location of that directory in
|
||||
the bndcfgu register.
|
||||
the bounds directory and placed the location of that directory in the
|
||||
.I bndcfgu
|
||||
register.
|
||||
|
||||
These calls will fail if the CPU or kernel does not support MPX.
|
||||
Kernel support for MPX is enabled via the
|
||||
|
|
@ -861,14 +869,17 @@ enabled.
|
|||
|
||||
All threads in a process are affected by these calls.
|
||||
|
||||
The child of a fork(2) will inherit the state of MPX management.
|
||||
|
||||
During an execve(2) call, MPX management will be reset to a state
|
||||
as if PR_MPX_DISABLE_MANAGEMENT had been called.
|
||||
The child of a
|
||||
.BR fork (2)
|
||||
inherits the state of MPX management.
|
||||
During
|
||||
.BR execve (2),
|
||||
MPX management is reset to a state as if
|
||||
.BR PR_MPX_DISABLE_MANAGEMENT
|
||||
had been called.
|
||||
|
||||
For further information on Intel MPX, see the kernel source file
|
||||
.IR Documentation/x86/intel_mpx.txt .
|
||||
|
||||
.\"
|
||||
.SH RETURN VALUE
|
||||
On success,
|
||||
|
|
@ -1157,12 +1168,12 @@ is not valid.
|
|||
.TP
|
||||
.B ENXIO
|
||||
.I option
|
||||
is PR_MPX_ENABLE_MANAGEMENT and the kernel was unable to enable
|
||||
management. Ensure the kernel and processor have MPX support.
|
||||
.TP
|
||||
.B ENXIO
|
||||
.I option
|
||||
is PR_MPX_DISABLE_MANAGEMENT and the kernel or CPU does not support MPX.
|
||||
was
|
||||
.BR PR_MPX_ENABLE_MANAGEMENT
|
||||
or
|
||||
.BR PR_MPX_DISABLE_MANAGEMENT
|
||||
and the kernel or the CPU does not support MPX management.
|
||||
Check that the kernel and processor have MPX support.
|
||||
.SH VERSIONS
|
||||
The
|
||||
.BR prctl ()
|
||||
|
|
|
|||
Loading…
Reference in New Issue