65cfc71220
seccomp.2: tfix
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2015-06-30 13:28:10 +02:00
ef5a2800f7
seccomp.2: srcfix
...
Reported-by: Sam Varshavchik <mrsam@courier-mta.com>
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2015-05-08 16:13:42 +02:00
1a7e5113c6
seccomp.2: Note that seccomp_data is read-only
...
Reported-by: Pierre Chifflier <pollux@debian.org>
Reviewed-by: Kees Cook <keescook@chromium.org>
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2015-04-19 09:33:38 +02:00
0582770c52
seccomp.2: ffix
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2015-04-11 08:46:26 +02:00
1e64c86bbf
intro.1, ldd.1, clone.2, getgroups.2, getpid.2, getsockopt.2, ioctl_list.2, msgop.2, open.2, seccomp.2, setgid.2, setresuid.2, setreuid.2, setuid.2, sigaction.2, sigpending.2, sigprocmask.2, sigreturn.2, sigsuspend.2, sigwaitinfo.2, socket.2, syscall.2, syscalls.2, umount.2, clock.3, dlopen.3, fmemopen.3, fpathconf.3, fputwc.3, fputws.3, fseek.3, fseeko.3, gcvt.3, getline.3, getwchar.3, hypot.3, if_nameindex.3, initgroups.3, popen.3, resolver.3, strcoll.3, strdup.3, tzset.3, ulimit.3, wcstombs.3, wctob.3, xdr.3, console_codes.4, random.4, filesystems.5, host.conf.5, hosts.5, proc.5, resolv.conf.5, securetty.5, credentials.7, feature_test_macros.7, hier.7, ipv6.7, packet.7, pthreads.7, raw.7, signal.7, tcp.7, user_namespaces.7, ld.so.8, ldconfig.8: tstamp
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2015-03-29 22:30:09 +02:00
37daa840af
seccomp.2: Minor edits to Jann Horn's patch
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2015-03-29 18:09:56 +02:00
b44088b44f
seccomp.2: Explain blacklisting problems, expand example
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2015-03-29 17:52:09 +02:00
65be1b46fb
seccomp.2: Minor fixes to Jann Horn's patch
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2015-03-22 20:25:10 +01:00
bec56ee2bb
seccomp.2: Add note about alarm(2) not being sufficient to limit runtime
...
On Wed, Mar 11, 2015 at 10:43:50PM +0100, Mikael Pettersson wrote:
> Jann Horn writes:
> > Or should I throw this patch away and write a patch
> > for the prctl() manpage instead that documents that
> > being able to call sigreturn() implies being able to
> > effectively call sigprocmask(), at least on some
> > architectures like X86?
>
> Well, that is the semantics of sigreturn(). It is essentially
> setcontext() [which includes the actions of sigprocmask()], but
> with restrictions on parameter placement (at least on x86).
>
> You could introduce some setting to restrict that aspect for
> seccomp processes, but you can't change this for normal processes
> without breaking things.
Then I think it's probably better and easier to just document the
existing behavior? If a new setting would have to be introduced
and developers would need to be aware of that, it's probably
easier to just tell everyone to use SIGKILL.
Acked-by: Kees Cook <keescook@chromium.org>
Acked-by: Mikael Pettersson <mikpelinux@gmail.com>
Acked-by: Andy Lutomirski <luto@amacapital.net>
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2015-03-22 20:25:03 +01:00
aea38298b3
seccomp.2: Add mention of libseccomp
...
Reported-by: Kees Cook <keescook@chromium.org>
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2015-03-15 09:51:44 +01:00
71bb61ecf6
seccomp.2: tfix
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2015-03-10 10:47:22 +01:00
3b4a59c4b5
ptrace.2, sigaction.2, seccomp.2: Ptrace and siginfo details
...
While writing some additional seccomp tests, I realized
PTRACE_EVENT_SECCOMP wasn't documented yet. Fixed this, and added
additional notes related to ptrace events SIGTRAP details.
Signed-off-by: Kees Cook <keescook@chromium.org>
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2015-01-18 12:04:32 +01:00
dff539545a
seccomp.2: ffix
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2015-01-16 07:55:21 +01:00
1ac80024c9
perf_event_open.2, seccomp.2, setns.2, shmget.2, memchr.3, pthread_tryjoin_np.3, strstr.3, random.4, epoll.7, netlink.7, pid_namespaces.7, tcp.7: tstamp
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2015-01-10 16:05:01 +01:00
5ac5e03b0d
seccomp.2: srcfix: Remove a FIXME
...
Quoting Daniel's response to my FIXME
> Still hoping to hear from Will Drewy regarding this FIXME in the
> page source:
>
> .\" FIXME What is the significance of the line
> .\" ftest->code = BPF_LDX | BPF_W | BPF_ABS;
> .\" in kernel/seccomp.c::seccomp_check_filter()?
This came in from our rework via commit bd4cf0ed331a ("net: filter:
rework/optimize internal BPF interpreter's instruction set"), and
is kernel-internal only, and unused in classic BPF. It translates
into A = *(u32 *) (ctx + K) and will basically load an offset from
the populated seccomp_data (= ctx) to A. For the man-page itself
it has therefore no relevance, hope that clarifies it.
Reviewed-by: Daniel Borkmann <dborkman@redhat.com>
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2015-01-10 09:38:10 +01:00
a79566fba6
seccomp.2: wfix
...
Revert a wording change, as suggested by Kees Cook.
Reported-by: Kees Cook <keescook@chromium.org>
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2015-01-10 09:38:10 +01:00
1367a60afb
seccomp.2: A process's seccomp mode is viewable via /proc/PID/status "Seccomp"
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2015-01-10 09:38:10 +01:00
068653012c
seccomp.2: Changes after review feedback by Kees Cook
...
Reviewed-by: Kees Cook <keescook@chromium.org>
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2015-01-10 09:38:10 +01:00
36931cfc80
seccomp.2: srcfx: Add FIXME
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2015-01-10 09:38:10 +01:00
ef05ec712f
seccomp.2: Minor fix
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2015-01-10 09:38:10 +01:00
699996321d
seccomp.2: Tweak an argument name
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2015-01-10 09:38:10 +01:00
6426723630
seccomp.2: EXAMPLE: Expand comments in the BPF program
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2015-01-10 09:38:10 +01:00
86ae10e3bd
seccomp.2: Rename arguments inside example program
...
Rename the arguments to install_filter() to improve readability
a little and to remove a little ambiguity. In particular, rename
'arch' to 't_arch' so that it does not get confused with the
seccomp_data field of the same name.
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2015-01-10 09:38:10 +01:00
cecc8c48ba
seccomp.2: Add subsection on seccomp-specific BPF details
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2015-01-10 09:38:10 +01:00
93b9a9eeff
seccomp.2: ffix
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2015-01-10 09:38:10 +01:00
882cf566d8
seccomp.2: ERRORS: add an EINVAL case
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2015-01-10 09:38:10 +01:00
043ed1c6d3
seccomp.2: tfix
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2015-01-10 09:38:10 +01:00
0c2e01b788
seccomp.2: Rework discussion of 'seccomp_data' buffer
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2015-01-10 09:38:10 +01:00
e28e21fea0
seccomp.2: SEE ALSO: add Documentation/prctl/seccomp_filter.txt
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2015-01-10 09:38:10 +01:00
f74fd424c1
seccomp.2: Add reference to original Usenix BPF paper
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2015-01-10 09:38:10 +01:00
65a1328c75
seccomp.2: srcfix: Add FIXME
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2015-01-10 09:38:10 +01:00
5b95c4aba5
seccomp.2: ffix
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2015-01-10 09:38:10 +01:00
a0a0c98bdc
seccomp.2: Mention <linux/audit.h>
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2015-01-10 09:38:10 +01:00
43b265ff16
seccomp.2: wfix for EFAULT error
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2015-01-10 09:38:10 +01:00
0e27eb0cd4
seccomp.2: ffix
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2015-01-10 09:38:10 +01:00
3edfdb10b2
seccomp.2: srcfix
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2015-01-10 09:38:10 +01:00
30d8060bd7
seccomp.2: srcfix: Add FIXME
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2015-01-10 09:38:10 +01:00
76db415686
seccomp.2: Minor tweak to wording of ENOSYS error
2015-01-10 09:38:09 +01:00
cf690e13ff
seccomp.2: Rework discussion of 'siginfo_t' fields
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2015-01-10 09:38:09 +01:00
41bf4e32e0
seccomp.2: srcfix: Add FIXME
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2015-01-10 09:38:09 +01:00
db99c0648c
seccomp.2: Add reference to sigaction(2) under SECCOMP_RET_TRAP discussion
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2015-01-10 09:38:09 +01:00
1da13d158d
seccomp.2: ffix
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2015-01-10 09:38:09 +01:00
ce67ca2364
seccomp.2: Minor tweak to ENOMEM error text
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2015-01-10 09:38:09 +01:00
29efefece6
seccomp.2: Add some ERRORS
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2015-01-10 09:38:09 +01:00
5c8dd0e971
seccomp.2: Add a comment to example program
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2015-01-10 09:38:09 +01:00
610082d992
seccomp.2: wfix
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2015-01-10 09:38:09 +01:00
880bc4eb2d
seccomp.2: Clarify thread ID returned on SECCOMP_FILTER_FLAG_TSYNC failure
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2015-01-10 09:38:09 +01:00
cbffd6ae44
seccomp.2: Fixes after review comments from Kees Cook
...
Reported-by: Kees Cook <keescook@chromium.org>
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2015-01-10 09:38:09 +01:00
b8ffefd766
seccomp.2: Clarifications from Andy Lutomirski
...
Reported-by: Andy Lutomirski <luto@amacapital.net>
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2015-01-10 09:38:09 +01:00
87aa1b2cd8
seccomp.2: Minor fixes
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2015-01-10 09:38:09 +01:00
Michael Kerrisk