The 3.19 kernel will have support for Intel MPX, including
a pair of new prctl() calls (PR_MPX_ENABLE_MANAGEMENT and
PR_MPX_DISABLE_MANAGEMENT) for enabling and disabling the
kernel's management of the "bounds tables". Add a
descriptions of the interface.
The kernel patches were written by myself and another Intel
developer.
Signed-off-by: Dave Hansen <dave.hansen@intel.com>
Cc: Qiaowei Ren <qiaowei.ren@intel.com>
Cc: linux-man@vger.kernel.org
Cc: linux-kernel@vger.kernel.org
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
/dev/urandom uses a pseudo-random number generator to replace
missing entropy.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
/dev/random and /dev/urandom treat O_NONBLOCK differently.
This should be described in the manpage.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
This change clarifies the behavior of the PERF_FLAG_FD_OUTPUT and
PERF_FLAG_FD_NO_GROUP flags to perf_event_open(), and removes
the related FIXME comments.
While writing tests to validate the behavior of these flags I
discovered that PERF_FLAG_FD_OUTPUT has been broken since the
2.6.35 kernel release.
Signed-off-by: Vince Weaver <vincent.weaver@maine.edu>
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
There was a typo with the name of PERF_ATTR_SIZE_VER3
Signed-off-by: Vince Weaver <vincent.weaver@maine.edu>
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
Quoting Daniel's response to my FIXME
> Still hoping to hear from Will Drewy regarding this FIXME in the
> page source:
>
> .\" FIXME What is the significance of the line
> .\" ftest->code = BPF_LDX | BPF_W | BPF_ABS;
> .\" in kernel/seccomp.c::seccomp_check_filter()?
This came in from our rework via commit bd4cf0ed331a ("net: filter:
rework/optimize internal BPF interpreter's instruction set"), and
is kernel-internal only, and unused in classic BPF. It translates
into A = *(u32 *) (ctx + K) and will basically load an offset from
the populated seccomp_data (= ctx) to A. For the man-page itself
it has therefore no relevance, hope that clarifies it.
Reviewed-by: Daniel Borkmann <dborkman@redhat.com>
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
Revert a wording change, as suggested by Kees Cook.
Reported-by: Kees Cook <keescook@chromium.org>
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
Rename the arguments to install_filter() to improve readability
a little and to remove a little ambiguity. In particular, rename
'arch' to 't_arch' so that it does not get confused with the
seccomp_data field of the same name.
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>