This adds a short summary of the arguments used
for "mode 2" (BPF) seccomp.
Signed-off-by: Kees Cook <keescook@chromium.org>
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
Notes from Bert Hubert:
Recently PowerDNS needed to support the getting of the
original destination address of packets received on ::.
Following the advice in ipv6(7) generated an error on
setsockopt().
Some googling confirmed that setsockopt() with
IPV6_PKTINFO indeed does not work, but we found that
IPV6_RECVPKTINFO did.
Our experiences are detailed in
http://bert-hubert.blogspot.nl/2012/10/on-binding-datagram-udp-sockets-to-any.html
Please find attached a quite naive patch to ipv6.7 that at
least fixes 'my' problem, but does not document if
IPV6_PKTINFO ever worked as a flag. It does document that
IPV6_RECVPKTINFO is available since 2.6.13.
Please let me know if this patch is acceptable, or if you
want me to dig deeper into the IPV6_PKTINFO situation.
Notes from mtk:
Drop mention of IPV6_PKTINFO; that's IPV6_2292PKTINFO nowadays
(and needs to be documented). And, confusingly, there's nowadays
an IPV6_PKTINFO that is a quite different thig.
With kernel commit 333fad5364d6b457c8d837f7d05802d2aaf8a961
(Sep 2005) PV6_PKTINFO disappeared from the
getsockopt/setsockopt API, and IPV6_2292PKTINFO took its place.
Meanwhile, IPV6_RECVPKTINFO was added.
Then kernel commit b24a2516d10751d7ed5afb58420df25370c9dffb
(Dec 2008) added IPV6_PKTINFO back to the
getsockopt/getsockopt API, but with what looks to be a
rather different meaning (it takes a 'struct in6_pktinfo'
as the third arg).
This seems consistent (if confusing) with the RFCs:
http://www.ietf.org/rfc/rfc2292.txthttp://www.ietf.org/rfc/rfc3542.txt (obsoletes 2292)
Both of those RFCs define an IPV6_PKTINO sockopt, but the
former takes an int arg, and the latter takes a
'struct in6_pktinfo'.
So, my summary of your patch is that it's correct. (But I think
that IPV6_RECVPKTINFO is present since 2.6.14, not 2.6.13.)
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
Add a 'check-groff-warnings' target to check if groff
reports warnings (the underlying problem may be causing
words or sentences not to be displayed) from
http://lintian.debian.org/tags/manpage-has-errors-from-man.html
Some edits by mtk.
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
The line(s) in the NAME section should only use capitals
where English usage dictates that. Otherwise, use
lowercase throughout.
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
Existing pages variously use "userspace or "user space".
But, "userspace" is not quite an English word.
So change "userspace" to "user space" or, when used
attributively, "user-space".
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
There is now nothing left of the original FSF-copyrighted
page. So, change the copyright and license.
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
Rusty notes that O_NONBLOCK is almost always used in
practice. Therefore, it would be better to reorganize
the page to consider that "the default".
Reviewed-by: Lucas De Marchi <lucas.de.marchi@gmail.com>
Reviewed-by: Rusty Russell <rusty@rustcorp.com.au>
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
Info mosly taken from Documentation/filesystems/proc.txt
and Documentation/vm/hugetlbpage.txt.
Also added info on the CONFIG_* options that govern various
parameters, and also version information for fields
introduced since 2.6.0. This information is current up to
Linux 3.6.
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
Note that violating 'protected_symlinks' restrictions
causes system calls to fail with the error EACCES.
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
Michael Kerrisk