Stephen Smalley
3cd161fe57
ptrace.2: Describe PTRACE_MODE_NOAUDIT in more detail
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2016-06-29 07:06:29 +02:00
Michael Kerrisk
78f0786577
ptrace.2: Further fixes after review from Jann Horn
...
Reported-by: Jann Horn <jann@thejh.net>
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2016-06-29 07:06:29 +02:00
Michael Kerrisk
a330bffa78
ptrace.2: Minor improvements to ptrace access mode text
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2016-06-29 07:06:29 +02:00
Michael Kerrisk
611d3ac40a
ptrace.2: Various fixes after review by Jann Horn
...
Among other things, Jann pointed out that the commoncap LSM
is always invoked, and Kees Cook pointed out the relevant
kernel code:
===
> BTW, can you point me at the piece(s) of kernel code that show that
> "commoncap" is always invoked in addition to any other LSM that has
> been installed?
It's not entirely obvious, but the bottom of security/commoncap.c shows:
struct security_hook_list capability_hooks[] = {
LSM_HOOK_INIT(capable, cap_capable),
...
};
void __init capability_add_hooks(void)
{
security_add_hooks(capability_hooks, ARRAY_SIZE(capability_hooks));
}
And security/security.c shows the initialization order of the LSMs:
int __init security_init(void)
{
pr_info("Security Framework initialized\n");
/*
* Load minor LSMs, with the capability module always first.
*/
capability_add_hooks();
yama_add_hooks();
loadpin_add_hooks();
/*
* Load all the remaining security modules.
*/
do_security_initcalls();
return 0;
}
===
Reported-by: Jann Horn <jann@thejh.net>
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2016-06-29 07:06:29 +02:00
Michael Kerrisk
0647331a06
kcmp.2, ptrace.2: tfix
...
Reported-by: Jann Horn <jann@thejh.net>
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2016-06-29 07:06:29 +02:00
Michael Kerrisk
e4e2367fe6
ptrace.2: Clarify the purpose of mentioning the kernel PTRACE_MODE_* constants
...
The "ptrace access mode" text is about user-space-visible
behavior, but in order to explain that behavior at what I
believe is a sufficient level of detail (e.g., to differentiate
the various types of checks that are performed for various
system calls and pseudofile accesses), one needs (1) to discuss
the MODE flag details as implemented in the kernel, and (2) to
have a shorthand way to refer to the various cases from other
pages. It's not absolutely necessary to name the flags for (1),
but using the flag names is certainly a handy shorthand for (2).
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2016-06-29 07:06:29 +02:00
Michael Kerrisk
c33e8aff8c
ptrace.2: Note that PTRACE_SEIZE is subject to a ptrace access mode check
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2016-06-29 07:06:29 +02:00
Michael Kerrisk
d4c976d820
ptrace.2: Rephrase PTRACE_ATTACH permissions in terms of ptrace access mode check
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2016-06-29 07:06:29 +02:00
Michael Kerrisk
ace93363fb
ptrace.2: Document ptrace access modes
...
Reviewed-by: Kees Cook <keescook@chromium.org>
Reviewed-by: Jann Horn <jann@thejh.net>
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2016-06-29 07:06:28 +02:00
Michael Kerrisk
fec74bb1aa
ptrace.2: srcfix: add info about PTRACE_SEIZE
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2016-03-28 17:38:04 +13:00
Michael Kerrisk
1a3c3468bd
ptrace.2: wfix
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2016-01-08 17:24:58 +01:00
Jakub Wilk
851eae74ca
ptrace.2: tfix
...
Signed-off-by: Jakub Wilk <jwilk@jwilk.net>
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2016-01-08 17:24:20 +01:00
Michael Kerrisk
6f3c74a8b9
mremap.2, open.2, perf_event_open.2, prctl.2, ptrace.2, reboot.2, seccomp.2, signalfd.2, syscalls.2, __ppc_set_ppr_med.3, daemon.3, dirfd.3, fgetgrent.3, fgetpwent.3, getauxval.3, getspnam.3, mallinfo.3, mallopt.3, posix_fallocate.3, termios.3, tty_ioctl.4, core.5, nsswitch.conf.5, proc.5, aio.7, capabilities.7, path_resolution.7, pipe.7, rtld-audit.7, signal.7, tcp.7: tstamp
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2015-12-05 10:46:28 +01:00
Namhyung Kim
cc3407d12d
ptrace.2: tfix
...
Signed-off-by: Namhyung Kim <namhyung@gmail.com>
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2015-12-02 17:13:38 +01:00
Michael Kerrisk
a47c1f4449
ptrace.2: srcfix: FIXME
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2015-10-09 15:09:22 +02:00
Michael Kerrisk
d901e32568
ptrace.2: SEE ALSO: add prctl(2)
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2015-10-08 13:01:33 +01:00
Michael Kerrisk
4978c60601
ptrace.2: Document /proc/sys/kernel/yama/ptrace_scope
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2015-10-08 13:01:33 +01:00
Michael Kerrisk
b405de5281
ptrace.2: Note that PTRACE_ATTACH cannot be applied to nondumpable processes
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2015-10-08 13:01:33 +01:00
Michael Kerrisk
b4b436adfb
ptrace.2: Minor tweaks to Tycho's patch
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2015-09-11 14:00:59 +02:00
Tycho Andersen
e3cfeba2ff
ptrace.2: Document PTRACE_O_SUSPEND_SECCOMP flag
...
Signed-off-by: Tycho Andersen <tycho.andersen@canonical.com>
CC: Kees Cook <keescook@chromium.org>
CC: Andy Lutomirski <luto@amacapital.net>
CC: Oleg Nesterov <oleg@redhat.com>
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2015-09-11 14:00:31 +02:00
Michael Kerrisk
5722c835ab
intro.1, locale.1, _exit.2, access.2, bpf.2, brk.2, capget.2, chmod.2, chroot.2, clock_getres.2, clone.2, eventfd.2, fallocate.2, fork.2, getgroups.2, gethostname.2, getpid.2, getpriority.2, getrlimit.2, getrusage.2, gettid.2, iopl.2, ioprio_set.2, killpg.2, mlock.2, mprotect.2, perf_event_open.2, poll.2, posix_fadvise.2, pread.2, ptrace.2, read.2, readv.2, recv.2, rename.2, sched_setaffinity.2, sched_setattr.2, seccomp.2, select.2, send.2, seteuid.2, setgid.2, setresuid.2, setreuid.2, setuid.2, sigaltstack.2, signalfd.2, sigpending.2, sigprocmask.2, sigreturn.2, sigsuspend.2, sigwaitinfo.2, socket.2, stat.2, timer_create.2, uname.2, utimensat.2, wait.2, wait4.2, write.2, MB_LEN_MAX.3, __ppc_get_timebase.3, clearenv.3, dl_iterate_phdr.3, error.3, fexecve.3, fpurge.3, fread.3, fts.3, getaddrinfo.3, getaddrinfo_a.3, getauxval.3, getgrent_r.3, gethostbyname.3, getifaddrs.3, getnameinfo.3, getnetent_r.3, getprotoent.3, getprotoent_r.3, getpw.3, getpwent_r.3, getrpcent.3, getrpcent_r.3, getrpcport.3, getservent.3, getservent_r.3, gsignal.3, key_setsecret.3, malloc_get_state.3, malloc_info.3, malloc_stats.3, malloc_trim.3, memcpy.3, mq_notify.3, mq_open.3, perror.3, profil.3, psignal.3, pthread_attr_init.3, pthread_attr_setaffinity_np.3, pthread_cancel.3, pthread_cleanup_push.3, pthread_create.3, pthread_detach.3, pthread_getattr_np.3, pthread_join.3, pthread_setname_np.3, pthread_tryjoin_np.3, putgrent.3, rcmd.3, rpc.3, rpmatch.3, sem_close.3, sem_open.3, setaliasent.3, shm_open.3, sigqueue.3, strfmon.3, xcrypt.3, xdr.3, console_codes.4, null.4, core.5, host.conf.5, hosts.equiv.5, locale.5, repertoiremap.5, locale.7, man-pages.7, pty.7, rtld-audit.7, sched.7, vdso.7: tstamp
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2015-07-23 16:12:28 +02:00
Michael Kerrisk
55bd9495b2
ptrace.2: PTRACE_O_TRACEEXIT clarification
...
Reported-by: Vegard Nossum <vegard.nossum@oracle.com>
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2015-05-12 12:43:48 +02:00
Michael Kerrisk
0722a578ed
_exit.2, access.2, brk.2, chmod.2, clone.2, epoll_wait.2, eventfd.2, fork.2, getgroups.2, gethostname.2, getpid.2, getpriority.2, killpg.2, mmap.2, poll.2, posix_fadvise.2, pread.2, ptrace.2, readv.2, sched_setaffinity.2, select.2, seteuid.2, setgid.2, setresuid.2, setreuid.2, setuid.2, sigaction.2, signalfd.2, sigpending.2, sigprocmask.2, sigreturn.2, sigsuspend.2, sigwaitinfo.2, stat.2, timer_create.2, uname.2, wait.2, wait4.2, mq_notify.3, mq_open.3, sigqueue.3, man-pages.7: Remove "ABI" from "C library/kernel ABI differences" subheadings
...
The "ABI" doesn't really convey anything significant in
the title. These subsections are about describing differences
between the kernel and (g)libc interfaces.
Reported-by: Andries E. Brouwer <Andries.Brouwer@cwi.nl>
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2015-05-08 13:10:04 +02:00
Michael Kerrisk
94e66ffdb0
ptrace.2: tfix
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2015-05-04 13:08:24 +02:00
Michael Kerrisk
6d322d5fc7
time.1, access.2, arch_prctl.2, cacheflush.2, capget.2, clone.2, execve.2, fcntl.2, fork.2, getpid.2, getxattr.2, ioctl.2, ioctl_fat.2, killpg.2, listxattr.2, madvise.2, migrate_pages.2, modify_ldt.2, mprotect.2, msgget.2, msgop.2, perf_event_open.2, ptrace.2, sched_setattr.2, semget.2, semop.2, sendfile.2, set_thread_area.2, setxattr.2, stat.2, statfs.2, wait.2, wait4.2, encrypt.3, mktemp.3, pthread_attr_setschedparam.3, resolver.3, statvfs.3, syslog.3, tzset.3, core.5, host.conf.5, intro.5, proc.5, resolv.conf.5, pthreads.7, socket.7, unix.7, ld.so.8, ldconfig.8: tstamp
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2015-02-21 09:26:52 +01:00
Michael Kerrisk
53cdec414b
ptrace.2: Minor tweaks to Denys Vlasenko's patch
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2015-02-21 08:32:12 +01:00
Denys Vlasenko
28e2ca574f
ptrace.2: Add information on PTRACE_SEIZE versus PTRACE_ATTACH differences
...
Extend description of PTRACE_SEIZE with the short summary of its
differences from PTRACE_ATTACH.
The following paragraph:
PTRACE_EVENT_STOP
Stop induced by PTRACE_INTERRUPT command, or group-stop, or ini-
tial ptrace-stop when a new child is attached (only if attached
using PTRACE_SEIZE), or PTRACE_EVENT_STOP if PTRACE_SEIZE was used.
has an editing error (the part after last comma makes no sense).
Removing it.
Mention that legacy post-execve SIGTRAP is disabled by PTRACE_SEIZE.
Signed-off-by: Denys Vlasenko <dvlasenk@redhat.com>
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2015-02-21 08:32:12 +01:00
James Hunt
674f11ecbc
ptrace.2: Explain behaviour should ptrace tracer call execve(2)
...
This behaviour was verified by reading the kernel source and
confirming the behaviour using a test program.
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2015-02-21 08:32:11 +01:00
Michael Kerrisk
8392a3b33f
_exit.2, dup.2, execve.2, execveat.2, fallocate.2, fcntl.2, get_robust_list.2, getrlimit.2, mbind.2, memfd_create.2, mmap.2, open.2, ptrace.2, readv.2, select.2, sigaction.2, syscall.2, syscalls.2, truncate.2, utimensat.2, write.2, errno.3, exec.3, fclose.3, fexecve.3, fmemopen.3, fopencookie.3, getgrent_r.3, getline.3, getmntent.3, getpw.3, getpwent_r.3, getspnam.3, malloc_info.3, posix_fallocate.3, putgrent.3, shm_open.3, locale.5, proc.5: tstamp
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2015-01-22 23:29:25 +01:00
Michael Kerrisk
81c5080b1b
ptrace.2: srcfix
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2015-01-18 12:14:48 +01:00
Kees Cook
3b4a59c4b5
ptrace.2, sigaction.2, seccomp.2: Ptrace and siginfo details
...
While writing some additional seccomp tests, I realized
PTRACE_EVENT_SECCOMP wasn't documented yet. Fixed this, and added
additional notes related to ptrace events SIGTRAP details.
Signed-off-by: Kees Cook <keescook@chromium.org>
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2015-01-18 12:04:32 +01:00
Michael Kerrisk
e890609356
capget.2, ptrace.2, vhangup.2, wait.2, ttyslot.3, console.4, proc.5, utmp.5, boot.7: tfix: page xrefs for init
2014-10-03 08:47:03 +02:00
Michael Kerrisk
bea08fec7e
adjtimex.2, bind.2, cacheflush.2, clone.2, fallocate.2, fanotify_init.2, fanotify_mark.2, flock.2, futex.2, getdents.2, getpriority.2, getrlimit.2, gettid.2, gettimeofday.2, ioprio_set.2, kexec_load.2, migrate_pages.2, modify_ldt.2, mount.2, move_pages.2, mprotect.2, msgop.2, nfsservctl.2, perf_event_open.2, pread.2, ptrace.2, recvmmsg.2, rename.2, restart_syscall.2, sched_setattr.2, send.2, shmop.2, shutdown.2, sigaction.2, signalfd.2, syscalls.2, timer_create.2, timerfd_create.2, tkill.2, vmsplice.2, wait.2, aio_init.3, confstr.3, exit.3, fmemopen.3, fopen.3, getaddrinfo.3, getauxval.3, getspnam.3, isalpha.3, isatty.3, mallinfo.3, malloc.3, mallopt.3, psignal.3, pthread_attr_setinheritsched.3, qecvt.3, queue.3, rtnetlink.3, strerror.3, strftime.3, toupper.3, towlower.3, towupper.3, initrd.4, locale.5, proc.5, bootparam.7, capabilities.7, ddp.7, fanotify.7, icmp.7, inotify.7, ip.7, ipv6.7, netdevice.7, netlink.7, path_resolution.7, rtld-audit.7, rtnetlink.7, sched.7, signal.7, socket.7, svipc.7, tcp.7, unix.7, ld.so.8: srcfix: Update FIXMEs
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-08-21 16:47:44 -05:00
Michael Kerrisk
8980a50087
access.2, bdflush.2, bind.2, brk.2, chmod.2, chown.2, clone.2, epoll_wait.2, execve.2, fsync.2, getgroups.2, gethostname.2, getpagesize.2, getpriority.2, getrlimit.2, ioperm.2, kexec_load.2, link.2, mkdir.2, mmap.2, msgop.2, perf_event_open.2, process_vm_readv.2, ptrace.2, readlink.2, readv.2, recv.2, rename.2, sched_setaffinity.2, select.2, send.2, seteuid.2, signal.2, sigwaitinfo.2, stat.2, symlink.2, sync.2, sync_file_range.2, sysinfo.2, timer_create.2, uname.2, unlink.2, utime.2, wait.2, abs.3, atoi.3, catopen.3, cerf.3, cexp2.3, clearenv.3, clog2.3, ctime.3, des_crypt.3, ecvt.3, fgetgrent.3, flockfile.3, fseeko.3, ftime.3, ftok.3, ftw.3, getauxval.3, getcwd.3, getdtablesize.3, getgrent.3, getgrent_r.3, getgrnam.3, getgrouplist.3, getline.3, getpass.3, getutent.3, glob.3, insque.3, lseek64.3, memmem.3, mkstemp.3, mktemp.3, on_exit.3, openpty.3, putenv.3, qecvt.3, realpath.3, remove.3, setbuf.3, sigpause.3, strftime.3, strptime.3, strstr.3, strtod.3, tzset.3, updwtmp.3, xcrypt.3, core.5, utmp.5, capabilities.7, charsets.7, environ.7, ipv6.7, man-pages.7, packet.7, vdso.7: tstamp
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-08-19 11:55:41 -05:00
Michael Kerrisk
53a99749df
ptrace.2: NOTES: add "C library/kernel ABI differences" subheading
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-08-18 17:01:47 -05:00
Michael Kerrisk
177660fae0
ptrace.2: wfix
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-05-19 10:10:03 +02:00
Michael Kerrisk
07318a59d6
ptrace.2: wfix
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-05-15 14:20:26 +02:00
Michael Kerrisk
15d33661c7
ptrace.2: grfix
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-03-26 07:33:17 +01:00
Michael Kerrisk
92692952b1
Removed trailing white space at end of lines
2014-02-26 18:29:50 +01:00
Michael Kerrisk
051ec121f0
ptrace.2: Make it clearer that glibc and syscall APIs differ for PTRACE_PEEK*
...
Thanks to Denys Vlasenko's additions in 78686915ae
this page does note that the glibc API for PTRACE_PEEK*
differs from the raw syscall interface. But, as the report
at https://bugzilla.kernel.org/show_bug.cgi?id=70801 shows,
this information could be more obvious. This patch makes its so.
Reported-by: Andrew Hunter <ahh@google.com>
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-02-19 11:41:33 +01:00
Michael Kerrisk
36f5dd10ba
ptrace.2: srcfix
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-02-19 10:34:42 +01:00
Michael Kerrisk
a71b27f8bb
ptrace.2: ffix
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-02-19 09:24:51 +01:00
Michael Kerrisk
a797afac4e
fcntl.2, msgget.2, ptrace.2, request_key.2, shmget.2, sigaction.2, syscalls.2, dbopen.3, euidaccess.3, getgrnam.3, getpwnam.3, strfmon.3, strtol.3, strtoul.3, cciss.4, hpsa.4, mouse.4, termcap.5, charsets.7, iso_8859-16.7, iso_8859-2.7, koi8-r.7, unicode.7, utf-8.7: Use Oxford comma
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-02-05 16:09:11 +01:00
David Prévot
8abd92fca7
ptrace.2: tfix
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-02-04 10:02:50 +01:00
Michael Kerrisk
222475b004
ptrace.2: Add details to descriptions of PTRACE_GETSIGMASK and PTRACE_SETSIGMASK
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-01-23 15:36:04 +01:00
Michael Kerrisk
83894d15e2
ptrace.2: Reworking of Andrey's patches
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-01-20 13:20:56 +01:00
Andrey Vagin
9a36b8fca0
ptrace.2: Add description for PTRACE_GETSIGMASK and PTRACE_SETSIGMASK
...
These two commands allow to examine and change mask of blocked signals.
Signed-off-by: Andrey Vagin <avagin@openvz.org>
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-01-20 10:43:11 +01:00
Andrey Vagin
7a535f54fb
ptrace.2: Add description for PTRACE_PEEKSIGINFO
...
Retrieve signals without removing them from a queue.
Signed-off-by: Andrey Vagin <avagin@openvz.org>
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-01-20 10:42:13 +01:00
Mike Frysinger
a9deb5e056
ptrace.2: tfix userspace->user space
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-01-02 11:49:16 +13:00
Simon Paillard
5c977011c1
ptrace.2, setns.2, glob.7, ld.so.8: ffix: hyphen-used-as-minus-sign
...
See http://lintian.debian.org/tags/hyphen-used-as-minus-sign.html
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2013-09-05 13:09:41 +02:00