mirror of https://github.com/mkerrisk/man-pages
Place options in some semblance of alphabetical order.
(No content or formatting changes were made.)
This commit is contained in:
parent
cf2aa9dd33
commit
88989295a8
285
man2/prctl.2
285
man2/prctl.2
|
@ -37,9 +37,8 @@
|
||||||
.\" 2008-06-13 Erik Bosman, <ejbosman@cs.vu.nl>
|
.\" 2008-06-13 Erik Bosman, <ejbosman@cs.vu.nl>
|
||||||
.\" Document PR_GET_TSC and PR_SET_TSC.
|
.\" Document PR_GET_TSC and PR_SET_TSC.
|
||||||
.\" 2008-06-15 mtk, Document PR_SET_SECCOMP, PR_GET_SECCOMP
|
.\" 2008-06-15 mtk, Document PR_SET_SECCOMP, PR_GET_SECCOMP
|
||||||
.\" FIXME . reorder commands alphabetically
|
|
||||||
.\"
|
.\"
|
||||||
.TH PRCTL 2 2008-07-15 "Linux" "Linux Programmer's Manual"
|
.TH PRCTL 2 2008-07-16 "Linux" "Linux Programmer's Manual"
|
||||||
.SH NAME
|
.SH NAME
|
||||||
prctl \- operations on a process
|
prctl \- operations on a process
|
||||||
.SH SYNOPSIS
|
.SH SYNOPSIS
|
||||||
|
@ -56,66 +55,6 @@ is called with a first argument describing what to do
|
||||||
arguments with a significance depending on the first one.
|
arguments with a significance depending on the first one.
|
||||||
The first argument can be:
|
The first argument can be:
|
||||||
.TP
|
.TP
|
||||||
.BR PR_SET_PDEATHSIG " (since Linux 2.1.57)"
|
|
||||||
Set the parent process death signal
|
|
||||||
of the calling process to \fIarg2\fP (either a signal value
|
|
||||||
in the range 1..maxsig, or 0 to clear).
|
|
||||||
This is the signal that the calling process will get when its
|
|
||||||
parent dies.
|
|
||||||
This value is cleared for the child of a
|
|
||||||
.BR fork (2).
|
|
||||||
.TP
|
|
||||||
.BR PR_GET_PDEATHSIG " (since Linux 2.3.15)"
|
|
||||||
Return the current value of the parent process death signal,
|
|
||||||
in the location pointed to by
|
|
||||||
.IR "(int\ *) arg2" .
|
|
||||||
.TP
|
|
||||||
.BR PR_SET_DUMPABLE " (since Linux 2.3.20)"
|
|
||||||
Set the state of the flag determining whether core dumps are produced
|
|
||||||
for this process upon delivery of a signal whose default behavior is
|
|
||||||
to produce a core dump.
|
|
||||||
(Normally this flag is set for a process by default, but it is cleared
|
|
||||||
when a set-user-ID or set-group-ID program is executed and also by
|
|
||||||
various system calls that manipulate process UIDs and GIDs).
|
|
||||||
In kernels up to and including 2.6.12,
|
|
||||||
.I arg2
|
|
||||||
must be either 0 (process is not dumpable) or 1 (process is dumpable).
|
|
||||||
Between kernels 2.6.13 and 2.6.17, the value 2 was also permitted,
|
|
||||||
which caused any binary which normally would not be dumped
|
|
||||||
to be dumped readable by root only;
|
|
||||||
for security reasons, this feature has been removed.
|
|
||||||
.\" See http://marc.theaimsgroup.com/?l=linux-kernel&m=115270289030630&w=2
|
|
||||||
.\" Subject: Fix prctl privilege escalation (CVE-2006-2451)
|
|
||||||
.\" From: Marcel Holtmann <marcel () holtmann ! org>
|
|
||||||
.\" Date: 2006-07-12 11:12:00
|
|
||||||
(See also the description of
|
|
||||||
.I /proc/sys/fs/suid_dumpable
|
|
||||||
in
|
|
||||||
.BR proc (5).)
|
|
||||||
.TP
|
|
||||||
.BR PR_GET_DUMPABLE " (since Linux 2.3.20)"
|
|
||||||
Return (as the function result) the current state of the calling
|
|
||||||
process's dumpable flag.
|
|
||||||
.\" Since Linux 2.6.13, the dumpable flag can have the value 2,
|
|
||||||
.\" but in 2.6.13 PR_GET_DUMPABLE simply returns 1 if the dumpable
|
|
||||||
.\" flags has a non-zero value. This was fixed in 2.6.14.
|
|
||||||
.TP
|
|
||||||
.BR PR_SET_KEEPCAPS " (since Linux 2.2.18)"
|
|
||||||
Set the state of the thread's "keep capabilities" flag,
|
|
||||||
which determines whether the threads's effective and permitted
|
|
||||||
capability sets are cleared when a change is made to the threads's user IDs
|
|
||||||
such that the threads's real UID, effective UID, and saved set-user-ID
|
|
||||||
all become non-zero when at least one of them previously had the value 0.
|
|
||||||
(By default, these credential sets are cleared).
|
|
||||||
.I arg2
|
|
||||||
must be either 0 (capabilities are cleared) or 1 (capabilities are kept).
|
|
||||||
This value will be reset to 0 on subsequent calls to
|
|
||||||
.BR execve (2).
|
|
||||||
.TP
|
|
||||||
.BR PR_GET_KEEPCAPS " (since Linux 2.2.18)"
|
|
||||||
Return (as the function result) the current state of the calling threads's
|
|
||||||
"keep capabilities" flag.
|
|
||||||
.TP
|
|
||||||
.BR PR_CAPBSET_READ " (since Linux 2.6.25)
|
.BR PR_CAPBSET_READ " (since Linux 2.6.25)
|
||||||
Return (as the function result) 1 if the capability specified in
|
Return (as the function result) 1 if the capability specified in
|
||||||
.I arg2
|
.I arg2
|
||||||
|
@ -154,72 +93,35 @@ does not represent a valid capability; or
|
||||||
if file capabilities are not enabled in the kernel,
|
if file capabilities are not enabled in the kernel,
|
||||||
in which case bounding sets are not supported.
|
in which case bounding sets are not supported.
|
||||||
.TP
|
.TP
|
||||||
.BR PR_SET_SECUREBITS " (since Linux 2.6.26)"
|
.BR PR_SET_DUMPABLE " (since Linux 2.3.20)"
|
||||||
Set the "securebits" flags of the calling thread to the value supplied in
|
Set the state of the flag determining whether core dumps are produced
|
||||||
.IR arg2 .
|
for this process upon delivery of a signal whose default behavior is
|
||||||
See
|
to produce a core dump.
|
||||||
.BR capabilities (7).
|
(Normally this flag is set for a process by default, but it is cleared
|
||||||
.TP
|
when a set-user-ID or set-group-ID program is executed and also by
|
||||||
.BR PR_GET_SECUREBITS " (since Linux 2.6.26)"
|
various system calls that manipulate process UIDs and GIDs).
|
||||||
Return (as the function result)
|
In kernels up to and including 2.6.12,
|
||||||
the "securebits" flags of the calling thread.
|
|
||||||
See
|
|
||||||
.BR capabilities (7).
|
|
||||||
.TP
|
|
||||||
.BR PR_SET_TSC " (since Linux 2.6.26, x86 only)"
|
|
||||||
Set the state of the flag determining whether the timestamp counter
|
|
||||||
can be read by the process.
|
|
||||||
Pass
|
|
||||||
.B PR_TSC_ENABLE
|
|
||||||
to
|
|
||||||
.I arg2
|
.I arg2
|
||||||
to allow it to be read, or
|
must be either 0 (process is not dumpable) or 1 (process is dumpable).
|
||||||
.B PR_TSC_SIGSEGV
|
Between kernels 2.6.13 and 2.6.17, the value 2 was also permitted,
|
||||||
to generate a
|
which caused any binary which normally would not be dumped
|
||||||
.B SIGSEGV
|
to be dumped readable by root only;
|
||||||
when the process tries to read the timestamp counter.
|
for security reasons, this feature has been removed.
|
||||||
|
.\" See http://marc.theaimsgroup.com/?l=linux-kernel&m=115270289030630&w=2
|
||||||
|
.\" Subject: Fix prctl privilege escalation (CVE-2006-2451)
|
||||||
|
.\" From: Marcel Holtmann <marcel () holtmann ! org>
|
||||||
|
.\" Date: 2006-07-12 11:12:00
|
||||||
|
(See also the description of
|
||||||
|
.I /proc/sys/fs/suid_dumpable
|
||||||
|
in
|
||||||
|
.BR proc (5).)
|
||||||
.TP
|
.TP
|
||||||
.BR PR_GET_TSC " (since Linux 2.6.26, x86 only)"
|
.BR PR_GET_DUMPABLE " (since Linux 2.3.20)"
|
||||||
Return the state of the flag determining whether the timestamp counter
|
Return (as the function result) the current state of the calling
|
||||||
can be read,
|
process's dumpable flag.
|
||||||
in the location pointed to by
|
.\" Since Linux 2.6.13, the dumpable flag can have the value 2,
|
||||||
.IR "(int\ *) arg2" .
|
.\" but in 2.6.13 PR_GET_DUMPABLE simply returns 1 if the dumpable
|
||||||
.TP
|
.\" flags has a non-zero value. This was fixed in 2.6.14.
|
||||||
.BR PR_SET_TIMING " (since Linux 2.6.0-test4)"
|
|
||||||
Set whether to use (normal, traditional) statistical process timing or
|
|
||||||
accurate timestamp based process timing, by passing
|
|
||||||
.B PR_TIMING_STATISTICAL
|
|
||||||
.\" 0
|
|
||||||
or
|
|
||||||
.B PR_TIMING_TIMESTAMP
|
|
||||||
.\" 1
|
|
||||||
to \fIarg2\fP.
|
|
||||||
.B PR_TIMING_TIMESTAMP
|
|
||||||
is not currently implemented
|
|
||||||
(attempting to set this mode will yield the error
|
|
||||||
.BR EINVAL ).
|
|
||||||
.\" PR_TIMING_TIMESTAMP doesn't do anything in 2.6.26-rc8,
|
|
||||||
.\" and looking at the patch history, it appears
|
|
||||||
.\" that it never did anything.
|
|
||||||
.TP
|
|
||||||
.BR PR_GET_TIMING " (since Linux 2.6.0-test4)"
|
|
||||||
Return (as the function result) which process timing method is currently
|
|
||||||
in use.
|
|
||||||
.TP
|
|
||||||
.BR PR_SET_NAME " (since Linux 2.6.9)"
|
|
||||||
Set the process name for the calling process,
|
|
||||||
using the value in the location pointed to by
|
|
||||||
.IR "(char\ *) arg2" .
|
|
||||||
The name can be up to 16 bytes long,
|
|
||||||
.\" TASK_COMM_LEN in include/linux/sched.h
|
|
||||||
and should be null terminated if it contains fewer bytes.
|
|
||||||
.TP
|
|
||||||
.BR PR_GET_NAME " (since Linux 2.6.11)"
|
|
||||||
Return the process name for the calling process,
|
|
||||||
in the buffer pointed to by
|
|
||||||
.IR "(char\ *) arg2" .
|
|
||||||
The buffer should allow space for up to 16 bytes;
|
|
||||||
the returned string will be null terminated if it is shorter than that.
|
|
||||||
.TP
|
.TP
|
||||||
.BR PR_SET_ENDIAN " (since Linux 2.6.18, PowerPC only)"
|
.BR PR_SET_ENDIAN " (since Linux 2.6.18, PowerPC only)"
|
||||||
Set the endian-ness of the calling process to the value given
|
Set the endian-ness of the calling process to the value given
|
||||||
|
@ -236,23 +138,6 @@ Return the endian-ness of the calling process,
|
||||||
in the location pointed to by
|
in the location pointed to by
|
||||||
.IR "(int\ *) arg2" .
|
.IR "(int\ *) arg2" .
|
||||||
.TP
|
.TP
|
||||||
.B PR_SET_UNALIGN
|
|
||||||
(Only on: ia64, since Linux 2.3.48; parisc, since Linux 2.6.15;
|
|
||||||
PowerPC, since Linux 2.6.18; Alpha, since Linux 2.6.22)
|
|
||||||
Set unaligned access control bits to \fIarg2\fP.
|
|
||||||
Pass
|
|
||||||
\fBPR_UNALIGN_NOPRINT\fP to silently fix up unaligned user accesses,
|
|
||||||
or \fBPR_UNALIGN_SIGBUS\fP to generate
|
|
||||||
.B SIGBUS
|
|
||||||
on unaligned user access.
|
|
||||||
.TP
|
|
||||||
.B PR_GET_UNALIGN
|
|
||||||
(see
|
|
||||||
.B PR_SET_UNALIGN
|
|
||||||
for information on versions and architectures)
|
|
||||||
Return unaligned access control bits, in the location pointed to by
|
|
||||||
.IR "(int\ *) arg2" .
|
|
||||||
.TP
|
|
||||||
.BR PR_SET_FPEMU " (since Linux 2.4.18, 2.5.9, only on ia64)"
|
.BR PR_SET_FPEMU " (since Linux 2.4.18, 2.5.9, only on ia64)"
|
||||||
Set floating-point emulation control bits to \fIarg2\fP.
|
Set floating-point emulation control bits to \fIarg2\fP.
|
||||||
Pass \fBPR_FPEMU_NOPRINT\fP to silently emulate fp operations accesses, or
|
Pass \fBPR_FPEMU_NOPRINT\fP to silently emulate fp operations accesses, or
|
||||||
|
@ -283,6 +168,51 @@ Return floating-point exception mode,
|
||||||
in the location pointed to by
|
in the location pointed to by
|
||||||
.IR "(int\ *) arg2" .
|
.IR "(int\ *) arg2" .
|
||||||
.TP
|
.TP
|
||||||
|
.BR PR_SET_KEEPCAPS " (since Linux 2.2.18)"
|
||||||
|
Set the state of the thread's "keep capabilities" flag,
|
||||||
|
which determines whether the threads's effective and permitted
|
||||||
|
capability sets are cleared when a change is made to the threads's user IDs
|
||||||
|
such that the threads's real UID, effective UID, and saved set-user-ID
|
||||||
|
all become non-zero when at least one of them previously had the value 0.
|
||||||
|
(By default, these credential sets are cleared).
|
||||||
|
.I arg2
|
||||||
|
must be either 0 (capabilities are cleared) or 1 (capabilities are kept).
|
||||||
|
This value will be reset to 0 on subsequent calls to
|
||||||
|
.BR execve (2).
|
||||||
|
.TP
|
||||||
|
.BR PR_GET_KEEPCAPS " (since Linux 2.2.18)"
|
||||||
|
Return (as the function result) the current state of the calling threads's
|
||||||
|
"keep capabilities" flag.
|
||||||
|
.TP
|
||||||
|
.BR PR_SET_NAME " (since Linux 2.6.9)"
|
||||||
|
Set the process name for the calling process,
|
||||||
|
using the value in the location pointed to by
|
||||||
|
.IR "(char\ *) arg2" .
|
||||||
|
The name can be up to 16 bytes long,
|
||||||
|
.\" TASK_COMM_LEN in include/linux/sched.h
|
||||||
|
and should be null terminated if it contains fewer bytes.
|
||||||
|
.TP
|
||||||
|
.BR PR_GET_NAME " (since Linux 2.6.11)"
|
||||||
|
Return the process name for the calling process,
|
||||||
|
in the buffer pointed to by
|
||||||
|
.IR "(char\ *) arg2" .
|
||||||
|
The buffer should allow space for up to 16 bytes;
|
||||||
|
the returned string will be null terminated if it is shorter than that.
|
||||||
|
.TP
|
||||||
|
.BR PR_SET_PDEATHSIG " (since Linux 2.1.57)"
|
||||||
|
Set the parent process death signal
|
||||||
|
of the calling process to \fIarg2\fP (either a signal value
|
||||||
|
in the range 1..maxsig, or 0 to clear).
|
||||||
|
This is the signal that the calling process will get when its
|
||||||
|
parent dies.
|
||||||
|
This value is cleared for the child of a
|
||||||
|
.BR fork (2).
|
||||||
|
.TP
|
||||||
|
.BR PR_GET_PDEATHSIG " (since Linux 2.3.15)"
|
||||||
|
Return the current value of the parent process death signal,
|
||||||
|
in the location pointed to by
|
||||||
|
.IR "(int\ *) arg2" .
|
||||||
|
.TP
|
||||||
.BR PR_SET_SECCOMP " (since Linux 2.6.23)"
|
.BR PR_SET_SECCOMP " (since Linux 2.6.23)"
|
||||||
.\" See http://thread.gmane.org/gmane.linux.kernel/542632
|
.\" See http://thread.gmane.org/gmane.linux.kernel/542632
|
||||||
.\" [PATCH 0 of 2] seccomp updates
|
.\" [PATCH 0 of 2] seccomp updates
|
||||||
|
@ -319,6 +249,75 @@ call will cause a
|
||||||
signal to be sent to the process.
|
signal to be sent to the process.
|
||||||
This operation is only available
|
This operation is only available
|
||||||
if the kernel is configured with CONFIG_SECCOMP enabled.
|
if the kernel is configured with CONFIG_SECCOMP enabled.
|
||||||
|
.TP
|
||||||
|
.BR PR_SET_SECUREBITS " (since Linux 2.6.26)"
|
||||||
|
Set the "securebits" flags of the calling thread to the value supplied in
|
||||||
|
.IR arg2 .
|
||||||
|
See
|
||||||
|
.BR capabilities (7).
|
||||||
|
.TP
|
||||||
|
.BR PR_GET_SECUREBITS " (since Linux 2.6.26)"
|
||||||
|
Return (as the function result)
|
||||||
|
the "securebits" flags of the calling thread.
|
||||||
|
See
|
||||||
|
.BR capabilities (7).
|
||||||
|
.TP
|
||||||
|
.BR PR_SET_TIMING " (since Linux 2.6.0-test4)"
|
||||||
|
Set whether to use (normal, traditional) statistical process timing or
|
||||||
|
accurate timestamp based process timing, by passing
|
||||||
|
.B PR_TIMING_STATISTICAL
|
||||||
|
.\" 0
|
||||||
|
or
|
||||||
|
.B PR_TIMING_TIMESTAMP
|
||||||
|
.\" 1
|
||||||
|
to \fIarg2\fP.
|
||||||
|
.B PR_TIMING_TIMESTAMP
|
||||||
|
is not currently implemented
|
||||||
|
(attempting to set this mode will yield the error
|
||||||
|
.BR EINVAL ).
|
||||||
|
.\" PR_TIMING_TIMESTAMP doesn't do anything in 2.6.26-rc8,
|
||||||
|
.\" and looking at the patch history, it appears
|
||||||
|
.\" that it never did anything.
|
||||||
|
.TP
|
||||||
|
.BR PR_GET_TIMING " (since Linux 2.6.0-test4)"
|
||||||
|
Return (as the function result) which process timing method is currently
|
||||||
|
in use.
|
||||||
|
.TP
|
||||||
|
.BR PR_SET_TSC " (since Linux 2.6.26, x86 only)"
|
||||||
|
Set the state of the flag determining whether the timestamp counter
|
||||||
|
can be read by the process.
|
||||||
|
Pass
|
||||||
|
.B PR_TSC_ENABLE
|
||||||
|
to
|
||||||
|
.I arg2
|
||||||
|
to allow it to be read, or
|
||||||
|
.B PR_TSC_SIGSEGV
|
||||||
|
to generate a
|
||||||
|
.B SIGSEGV
|
||||||
|
when the process tries to read the timestamp counter.
|
||||||
|
.TP
|
||||||
|
.BR PR_GET_TSC " (since Linux 2.6.26, x86 only)"
|
||||||
|
Return the state of the flag determining whether the timestamp counter
|
||||||
|
can be read,
|
||||||
|
in the location pointed to by
|
||||||
|
.IR "(int\ *) arg2" .
|
||||||
|
.TP
|
||||||
|
.B PR_SET_UNALIGN
|
||||||
|
(Only on: ia64, since Linux 2.3.48; parisc, since Linux 2.6.15;
|
||||||
|
PowerPC, since Linux 2.6.18; Alpha, since Linux 2.6.22)
|
||||||
|
Set unaligned access control bits to \fIarg2\fP.
|
||||||
|
Pass
|
||||||
|
\fBPR_UNALIGN_NOPRINT\fP to silently fix up unaligned user accesses,
|
||||||
|
or \fBPR_UNALIGN_SIGBUS\fP to generate
|
||||||
|
.B SIGBUS
|
||||||
|
on unaligned user access.
|
||||||
|
.TP
|
||||||
|
.B PR_GET_UNALIGN
|
||||||
|
(see
|
||||||
|
.B PR_SET_UNALIGN
|
||||||
|
for information on versions and architectures)
|
||||||
|
Return unaligned access control bits, in the location pointed to by
|
||||||
|
.IR "(int\ *) arg2" .
|
||||||
.SH "RETURN VALUE"
|
.SH "RETURN VALUE"
|
||||||
On success,
|
On success,
|
||||||
.BR PR_GET_DUMPABLE ,
|
.BR PR_GET_DUMPABLE ,
|
||||||
|
|
Loading…
Reference in New Issue