LDP
/
man-pages
mirror of https://github.com/mkerrisk/man-pages
0
1
Fork 0
Code Releases Activity
18,082 Commits 1 Branch 197 Tags 93 MiB
Commit Graph

184 Commits

Author SHA1 Message Date
Omar Sandoval 14d6e62f12 ptrace.2: clarify PTRACE_O_EXITKILL 
The description in the man page is confusing; it makes it sound like
setting the PTRACE_O_EXITKILL flag on any tracee makes it so that all
tracees are killed if the tracer exits. The description from kernel
commit 992fb6e170639b that introduced PTRACE_O_EXITKILL offers a
different explanation: "If the tracer exits it sends SIGKILL to every
tracee which has this bit set".

Cc: Oleg Nesterov <oleg@redhat.com>
Signed-off-by: Omar Sandoval <osandov@osandov.com>
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
 2016-12-31 20:39:16 +01:00
Michael Kerrisk 35deeb8703 bind.2, chmod.2, chown.2, chroot.2, clock_getres.2, clone.2, connect.2, dup.2, fallocate.2, get_mempolicy.2, getpeername.2, getpriority.2, getsockname.2, getsockopt.2, gettimeofday.2, ioctl_ficlonerange.2, ioctl_fideduperange.2, kill.2, mbind.2, mmap.2, mount.2, mprotect.2, nfsservctl.2, nice.2, open.2, perf_event_open.2, pipe.2, pkey_alloc.2, prctl.2, ptrace.2, quotactl.2, remap_file_pages.2, sched_setscheduler.2, set_mempolicy.2, signal.2, signalfd.2, swapon.2, sync_file_range.2, syscalls.2, timer_create.2, timerfd_create.2, utime.2, utimensat.2, wait.2, atof.3, ctime.3, errno.3, fclose.3, fflush.3, insque.3, malloc_get_state.3, mallopt.3, mbsnrtowcs.3, mq_close.3, mq_open.3, mq_receive.3, mq_send.3, printf.3, pthread_attr_init.3, pthread_create.3, pthread_setaffinity_np.3, ptsname.3, remainder.3, strtod.3, tgamma.3, timegm.3, tmpnam.3, ttyname.3, console_ioctl.4, elf.5, filesystems.5, proc.5, utmp.5, capabilities.7, cgroups.7, credentials.7, ddp.7, feature_test_macros.7, fifo.7, inotify.7, libc.7, mount_namespaces.7, namespaces.7, netlink.7, pid_namespaces.7, pkeys.7, shm_overview.7, standards.7, uri.7, user_namespaces.7: tstamp 
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
 2016-12-12 10:45:24 +01:00
Jakub Wilk 0d5b85ca7b ptrace.2: tfix 
Signed-off-by: Jakub Wilk <jwilk@jwilk.net>
 2016-11-27 18:58:18 +01:00
Michael Kerrisk ff20e9ca6b ptrace.2: Tweaks to Keno Fischer's patches 
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
 2016-11-17 08:21:01 +01:00
Keno Fischer 5419141e28 ptrace.2: Expand documentation PTRACE_EVENT_SECCOMP traps 
In Linux 4.8 (through a series of commits, 93e35efb8de45393c
being the actual reordering on x86), the order of
PTRACE_EVENT_SECCOMP and syscall-entry-stops was reversed.
Document both behaviors and their interaction with the
various forms of restart.

Signed-off-by: Keno Fischer <keno@juliacomputing.com>
 2016-11-17 08:07:37 +01:00
Keno Fischer 131bcd7aaa ptrace.2: Document the behavior of PTRACE_SYSEMU stops 
Signed-off-by: Keno Fischer <keno@juliacomputing.com>
 2016-11-17 08:02:48 +01:00
Michael Kerrisk c73916154d ptrace.2: srcfix 
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
 2016-11-09 01:49:25 +01:00
Michael Kerrisk baf11d5c1d ptrace.2: Document PTRACE_SECCOMP_GET_FILTER 
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
 2016-11-08 14:07:56 +01:00
Michael Kerrisk b8854baedb ptrace.2: ffix 
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
 2016-11-08 14:07:56 +01:00
Michael Kerrisk bc8bfd8ac8 ptrace.2: Document PTRACE_GET_THREAD_AREA and PTRACE_SET_THREAD_AREA 
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
 2016-11-01 14:25:06 +01:00
Michael Kerrisk 02418dd0c7 ptrace.2: tfix 
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
 2016-11-01 14:06:28 +01:00
Michael Kerrisk 65ba6523ea ptrace.2: srcfix: update FIXME details 
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
 2016-11-01 14:02:13 +01:00
Michael Kerrisk 3b1fdaf38f ptrace.2: srcfix: FIXME tidy-up 
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
 2016-10-29 13:34:57 +02:00
Michael Kerrisk a686506533 ptrace.2: ffix 
Reported-by: Sam Varshavchik <mrsam@courier-mta.com>
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
 2016-08-12 07:14:42 +12:00
Michael Kerrisk bf7bc8b898 arch_prctl.2, execveat.2, fanotify_mark.2, fcntl.2, fork.2, madvise.2, mknod.2, mmap.2, modify_ldt.2, mount.2, open.2, prctl.2, ptrace.2, restart_syscall.2, seccomp.2, semop.2, set_thread_area.2, symlink.2, umount.2, unlink.2, error.3, getnetent.3, getprotoent.3, getservent.3, getutent.3, glob.3, login.3, setjmp.3, setnetgrent.3, wordexp.3, epoll.7: Remove section number from page self reference 
Fix places where pages refer to the function that they describe
and include a section number in that reference. Such references
cause some HTML-rendering tools to create self-references in the
page.

Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
 2016-08-08 05:54:12 +10:00
Michael Kerrisk 3df541c0e6 ldd.1, localedef.1, add_key.2, chroot.2, clone.2, fork.2, futex.2, get_mempolicy.2, get_robust_list.2, getitimer.2, getpriority.2, ioctl.2, ioctl_ficlonerange.2, ioctl_fideduperange.2, kcmp.2, kill.2, lookup_dcookie.2, mmap.2, mount.2, open.2, pciconfig_read.2, perf_event_open.2, prctl.2, process_vm_readv.2, ptrace.2, quotactl.2, recv.2, setfsgid.2, setfsuid.2, sysinfo.2, umask.2, umount.2, unshare.2, utimensat.2, wait.2, assert.3, fmax.3, fmin.3, getauxval.3, inet_pton.3, malloc_hook.3, memmem.3, mkdtemp.3, mktemp.3, printf.3, strcasecmp.3, strcat.3, strtoul.3, strxfrm.3, console_codes.4, console_ioctl.4, lirc.4, tty.4, vcs.4, charmap.5, elf.5, locale.5, proc.5, repertoiremap.5, utmp.5, capabilities.7, cgroup_namespaces.7, cgroups.7, charsets.7, cp1251.7, cp1252.7, credentials.7, feature_test_macros.7, iso_8859-1.7, iso_8859-15.7, iso_8859-5.7, koi8-r.7, koi8-u.7, man-pages.7, mount_namespaces.7, namespaces.7, netlink.7, pid_namespaces.7, unix.7, user_namespaces.7, utf-8.7: tstamp 
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
 2016-07-17 18:10:19 +02:00
Michael Kerrisk 028b5760e8 ptrace.2: Minor fixes after review by Kees Cook 
Reviewed-by: Kees Cook <keescook@chromium.org>
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
 2016-06-29 07:06:30 +02:00
Michael Kerrisk e48ed83a6a ptrace.2: tfix 
Reported-by: Jann Horn <jann@thejh.net>
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
 2016-06-29 07:06:30 +02:00
Michael Kerrisk d5765e275d ptrace.2: Note that user namespaces can be used to bypass Yama protections 
Cowrittten-by: Jann Horn <jann@thejh.net>
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
 2016-06-29 07:06:30 +02:00
Michael Kerrisk e532361686 ptrace.2: Update Yama ptrace_scope documentation 
Reframe the discussion in terms of PTRACE_MODE_ATTACH checks,
and make a few other minor tweaks and additions.

Reviewed-by: Jann Horn <jann@thejh.net>
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
 2016-06-29 07:06:30 +02:00
Michael Kerrisk 94b0464cc2 ptrace.2: wfix 
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
 2016-06-29 07:06:30 +02:00
Michael Kerrisk b0459842ff ptrace.2: srcfix: add 2015 copyright notice for mtk 
(Yama ptrace_scope text added in 2015.)

Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
 2016-06-29 07:06:30 +02:00
Michael Kerrisk 00172d8d96 ptrace.2: Add an introductory paragraph to the Ptrace access mode checks" section 
Reported-by: Eric W. Biederman <ebiederm@xmission.com>
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
 2016-06-29 07:06:29 +02:00
Michael Kerrisk 1c22e40a71 ptrace.2: tfix 
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
 2016-06-29 07:06:29 +02:00
Michael Kerrisk 3224581342 ptrace.2: wfix 
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
 2016-06-29 07:06:29 +02:00
Michael Kerrisk edb7368474 ptrace.2: Relocate text noting that PTRACE_MODE_* constants are kernel-internal 
(No content changes.)

Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
 2016-06-29 07:06:29 +02:00
Michael Kerrisk be26fa864f ptrace.2: wfix 
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
 2016-06-29 07:06:29 +02:00
Michael Kerrisk bcd0d82dac ptrace.2: srcfix 
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
 2016-06-29 07:06:29 +02:00
Stephen Smalley 3cd161fe57 ptrace.2: Describe PTRACE_MODE_NOAUDIT in more detail 
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
 2016-06-29 07:06:29 +02:00
Michael Kerrisk 78f0786577 ptrace.2: Further fixes after review from Jann Horn 
Reported-by: Jann Horn <jann@thejh.net>
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
 2016-06-29 07:06:29 +02:00
Michael Kerrisk a330bffa78 ptrace.2: Minor improvements to ptrace access mode text 
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
 2016-06-29 07:06:29 +02:00
Michael Kerrisk 611d3ac40a ptrace.2: Various fixes after review by Jann Horn 
Among other things, Jann pointed out that the commoncap LSM
is always invoked, and Kees Cook pointed out the relevant
kernel code:

===
> BTW, can you point me at the piece(s) of kernel code that show that
> "commoncap" is always invoked in addition to any other LSM that has
> been installed?

It's not entirely obvious, but the bottom of security/commoncap.c shows:

struct security_hook_list capability_hooks[] = {
        LSM_HOOK_INIT(capable, cap_capable),
...
};

void __init capability_add_hooks(void)
{
        security_add_hooks(capability_hooks, ARRAY_SIZE(capability_hooks));
}

And security/security.c shows the initialization order of the LSMs:

int __init security_init(void)
{
        pr_info("Security Framework initialized\n");

        /*
         * Load minor LSMs, with the capability module always first.
         */
        capability_add_hooks();
        yama_add_hooks();
        loadpin_add_hooks();

        /*
         * Load all the remaining security modules.
         */
        do_security_initcalls();

        return 0;
}
===

Reported-by: Jann Horn <jann@thejh.net>
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
 2016-06-29 07:06:29 +02:00
Michael Kerrisk 0647331a06 kcmp.2, ptrace.2: tfix 
Reported-by: Jann Horn <jann@thejh.net>
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
 2016-06-29 07:06:29 +02:00
Michael Kerrisk e4e2367fe6 ptrace.2: Clarify the purpose of mentioning the kernel PTRACE_MODE_* constants 
The "ptrace access mode" text is about user-space-visible
behavior, but in order to explain that behavior at what I
believe is a sufficient level of detail (e.g., to differentiate
the various types of checks that are performed for various
system calls and pseudofile accesses), one needs (1) to discuss
the MODE flag details as implemented in the kernel, and (2) to
have a shorthand way to refer to the various cases from other
pages. It's not absolutely necessary to name the flags for (1),
but using the flag names is certainly a handy shorthand for (2).

Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
 2016-06-29 07:06:29 +02:00
Michael Kerrisk c33e8aff8c ptrace.2: Note that PTRACE_SEIZE is subject to a ptrace access mode check 
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
 2016-06-29 07:06:29 +02:00
Michael Kerrisk d4c976d820 ptrace.2: Rephrase PTRACE_ATTACH permissions in terms of ptrace access mode check 
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
 2016-06-29 07:06:29 +02:00
Michael Kerrisk ace93363fb ptrace.2: Document ptrace access modes 
Reviewed-by: Kees Cook <keescook@chromium.org>
Reviewed-by: Jann Horn <jann@thejh.net>
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
 2016-06-29 07:06:28 +02:00
Michael Kerrisk fec74bb1aa ptrace.2: srcfix: add info about PTRACE_SEIZE 
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
 2016-03-28 17:38:04 +13:00
Michael Kerrisk 1a3c3468bd ptrace.2: wfix 
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
 2016-01-08 17:24:58 +01:00
Jakub Wilk 851eae74ca ptrace.2: tfix 
Signed-off-by: Jakub Wilk <jwilk@jwilk.net>
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
 2016-01-08 17:24:20 +01:00
Michael Kerrisk 6f3c74a8b9 mremap.2, open.2, perf_event_open.2, prctl.2, ptrace.2, reboot.2, seccomp.2, signalfd.2, syscalls.2, __ppc_set_ppr_med.3, daemon.3, dirfd.3, fgetgrent.3, fgetpwent.3, getauxval.3, getspnam.3, mallinfo.3, mallopt.3, posix_fallocate.3, termios.3, tty_ioctl.4, core.5, nsswitch.conf.5, proc.5, aio.7, capabilities.7, path_resolution.7, pipe.7, rtld-audit.7, signal.7, tcp.7: tstamp 
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
 2015-12-05 10:46:28 +01:00
Namhyung Kim cc3407d12d ptrace.2: tfix 
Signed-off-by: Namhyung Kim <namhyung@gmail.com>
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
 2015-12-02 17:13:38 +01:00
Michael Kerrisk a47c1f4449 ptrace.2: srcfix: FIXME 
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
 2015-10-09 15:09:22 +02:00
Michael Kerrisk d901e32568 ptrace.2: SEE ALSO: add prctl(2) 
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
 2015-10-08 13:01:33 +01:00
Michael Kerrisk 4978c60601 ptrace.2: Document /proc/sys/kernel/yama/ptrace_scope 
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
 2015-10-08 13:01:33 +01:00
Michael Kerrisk b405de5281 ptrace.2: Note that PTRACE_ATTACH cannot be applied to nondumpable processes 
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
 2015-10-08 13:01:33 +01:00
Michael Kerrisk b4b436adfb ptrace.2: Minor tweaks to Tycho's patch 
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
 2015-09-11 14:00:59 +02:00
Tycho Andersen e3cfeba2ff ptrace.2: Document PTRACE_O_SUSPEND_SECCOMP flag 
Signed-off-by: Tycho Andersen <tycho.andersen@canonical.com>
CC: Kees Cook <keescook@chromium.org>
CC: Andy Lutomirski <luto@amacapital.net>
CC: Oleg Nesterov <oleg@redhat.com>
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
 2015-09-11 14:00:31 +02:00
Michael Kerrisk 5722c835ab intro.1, locale.1, _exit.2, access.2, bpf.2, brk.2, capget.2, chmod.2, chroot.2, clock_getres.2, clone.2, eventfd.2, fallocate.2, fork.2, getgroups.2, gethostname.2, getpid.2, getpriority.2, getrlimit.2, getrusage.2, gettid.2, iopl.2, ioprio_set.2, killpg.2, mlock.2, mprotect.2, perf_event_open.2, poll.2, posix_fadvise.2, pread.2, ptrace.2, read.2, readv.2, recv.2, rename.2, sched_setaffinity.2, sched_setattr.2, seccomp.2, select.2, send.2, seteuid.2, setgid.2, setresuid.2, setreuid.2, setuid.2, sigaltstack.2, signalfd.2, sigpending.2, sigprocmask.2, sigreturn.2, sigsuspend.2, sigwaitinfo.2, socket.2, stat.2, timer_create.2, uname.2, utimensat.2, wait.2, wait4.2, write.2, MB_LEN_MAX.3, __ppc_get_timebase.3, clearenv.3, dl_iterate_phdr.3, error.3, fexecve.3, fpurge.3, fread.3, fts.3, getaddrinfo.3, getaddrinfo_a.3, getauxval.3, getgrent_r.3, gethostbyname.3, getifaddrs.3, getnameinfo.3, getnetent_r.3, getprotoent.3, getprotoent_r.3, getpw.3, getpwent_r.3, getrpcent.3, getrpcent_r.3, getrpcport.3, getservent.3, getservent_r.3, gsignal.3, key_setsecret.3, malloc_get_state.3, malloc_info.3, malloc_stats.3, malloc_trim.3, memcpy.3, mq_notify.3, mq_open.3, perror.3, profil.3, psignal.3, pthread_attr_init.3, pthread_attr_setaffinity_np.3, pthread_cancel.3, pthread_cleanup_push.3, pthread_create.3, pthread_detach.3, pthread_getattr_np.3, pthread_join.3, pthread_setname_np.3, pthread_tryjoin_np.3, putgrent.3, rcmd.3, rpc.3, rpmatch.3, sem_close.3, sem_open.3, setaliasent.3, shm_open.3, sigqueue.3, strfmon.3, xcrypt.3, xdr.3, console_codes.4, null.4, core.5, host.conf.5, hosts.equiv.5, locale.5, repertoiremap.5, locale.7, man-pages.7, pty.7, rtld-audit.7, sched.7, vdso.7: tstamp 
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
 2015-07-23 16:12:28 +02:00
Michael Kerrisk 55bd9495b2 ptrace.2: PTRACE_O_TRACEEXIT clarification 
Reported-by: Vegard Nossum <vegard.nossum@oracle.com>
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
 2015-05-12 12:43:48 +02:00