LDP
/
man-pages
mirror of https://github.com/mkerrisk/man-pages
0
1
Fork 0
Code Releases Activity
15,898 Commits 1 Branch 197 Tags 93 MiB
Commit Graph

163 Commits

Author SHA1 Message Date
Michael Kerrisk b0459842ff ptrace.2: srcfix: add 2015 copyright notice for mtk 
(Yama ptrace_scope text added in 2015.)

Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
 2016-06-29 07:06:30 +02:00
Michael Kerrisk 00172d8d96 ptrace.2: Add an introductory paragraph to the Ptrace access mode checks" section 
Reported-by: Eric W. Biederman <ebiederm@xmission.com>
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
 2016-06-29 07:06:29 +02:00
Michael Kerrisk 1c22e40a71 ptrace.2: tfix 
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
 2016-06-29 07:06:29 +02:00
Michael Kerrisk 3224581342 ptrace.2: wfix 
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
 2016-06-29 07:06:29 +02:00
Michael Kerrisk edb7368474 ptrace.2: Relocate text noting that PTRACE_MODE_* constants are kernel-internal 
(No content changes.)

Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
 2016-06-29 07:06:29 +02:00
Michael Kerrisk be26fa864f ptrace.2: wfix 
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
 2016-06-29 07:06:29 +02:00
Michael Kerrisk bcd0d82dac ptrace.2: srcfix 
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
 2016-06-29 07:06:29 +02:00
Stephen Smalley 3cd161fe57 ptrace.2: Describe PTRACE_MODE_NOAUDIT in more detail 
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
 2016-06-29 07:06:29 +02:00
Michael Kerrisk 78f0786577 ptrace.2: Further fixes after review from Jann Horn 
Reported-by: Jann Horn <jann@thejh.net>
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
 2016-06-29 07:06:29 +02:00
Michael Kerrisk a330bffa78 ptrace.2: Minor improvements to ptrace access mode text 
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
 2016-06-29 07:06:29 +02:00
Michael Kerrisk 611d3ac40a ptrace.2: Various fixes after review by Jann Horn 
Among other things, Jann pointed out that the commoncap LSM
is always invoked, and Kees Cook pointed out the relevant
kernel code:

===
> BTW, can you point me at the piece(s) of kernel code that show that
> "commoncap" is always invoked in addition to any other LSM that has
> been installed?

It's not entirely obvious, but the bottom of security/commoncap.c shows:

struct security_hook_list capability_hooks[] = {
        LSM_HOOK_INIT(capable, cap_capable),
...
};

void __init capability_add_hooks(void)
{
        security_add_hooks(capability_hooks, ARRAY_SIZE(capability_hooks));
}

And security/security.c shows the initialization order of the LSMs:

int __init security_init(void)
{
        pr_info("Security Framework initialized\n");

        /*
         * Load minor LSMs, with the capability module always first.
         */
        capability_add_hooks();
        yama_add_hooks();
        loadpin_add_hooks();

        /*
         * Load all the remaining security modules.
         */
        do_security_initcalls();

        return 0;
}
===

Reported-by: Jann Horn <jann@thejh.net>
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
 2016-06-29 07:06:29 +02:00
Michael Kerrisk 0647331a06 kcmp.2, ptrace.2: tfix 
Reported-by: Jann Horn <jann@thejh.net>
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
 2016-06-29 07:06:29 +02:00
Michael Kerrisk e4e2367fe6 ptrace.2: Clarify the purpose of mentioning the kernel PTRACE_MODE_* constants 
The "ptrace access mode" text is about user-space-visible
behavior, but in order to explain that behavior at what I
believe is a sufficient level of detail (e.g., to differentiate
the various types of checks that are performed for various
system calls and pseudofile accesses), one needs (1) to discuss
the MODE flag details as implemented in the kernel, and (2) to
have a shorthand way to refer to the various cases from other
pages. It's not absolutely necessary to name the flags for (1),
but using the flag names is certainly a handy shorthand for (2).

Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
 2016-06-29 07:06:29 +02:00
Michael Kerrisk c33e8aff8c ptrace.2: Note that PTRACE_SEIZE is subject to a ptrace access mode check 
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
 2016-06-29 07:06:29 +02:00
Michael Kerrisk d4c976d820 ptrace.2: Rephrase PTRACE_ATTACH permissions in terms of ptrace access mode check 
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
 2016-06-29 07:06:29 +02:00
Michael Kerrisk ace93363fb ptrace.2: Document ptrace access modes 
Reviewed-by: Kees Cook <keescook@chromium.org>
Reviewed-by: Jann Horn <jann@thejh.net>
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
 2016-06-29 07:06:28 +02:00
Michael Kerrisk fec74bb1aa ptrace.2: srcfix: add info about PTRACE_SEIZE 
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
 2016-03-28 17:38:04 +13:00
Michael Kerrisk 1a3c3468bd ptrace.2: wfix 
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
 2016-01-08 17:24:58 +01:00
Jakub Wilk 851eae74ca ptrace.2: tfix 
Signed-off-by: Jakub Wilk <jwilk@jwilk.net>
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
 2016-01-08 17:24:20 +01:00
Michael Kerrisk 6f3c74a8b9 mremap.2, open.2, perf_event_open.2, prctl.2, ptrace.2, reboot.2, seccomp.2, signalfd.2, syscalls.2, __ppc_set_ppr_med.3, daemon.3, dirfd.3, fgetgrent.3, fgetpwent.3, getauxval.3, getspnam.3, mallinfo.3, mallopt.3, posix_fallocate.3, termios.3, tty_ioctl.4, core.5, nsswitch.conf.5, proc.5, aio.7, capabilities.7, path_resolution.7, pipe.7, rtld-audit.7, signal.7, tcp.7: tstamp 
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
 2015-12-05 10:46:28 +01:00
Namhyung Kim cc3407d12d ptrace.2: tfix 
Signed-off-by: Namhyung Kim <namhyung@gmail.com>
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
 2015-12-02 17:13:38 +01:00
Michael Kerrisk a47c1f4449 ptrace.2: srcfix: FIXME 
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
 2015-10-09 15:09:22 +02:00
Michael Kerrisk d901e32568 ptrace.2: SEE ALSO: add prctl(2) 
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
 2015-10-08 13:01:33 +01:00
Michael Kerrisk 4978c60601 ptrace.2: Document /proc/sys/kernel/yama/ptrace_scope 
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
 2015-10-08 13:01:33 +01:00
Michael Kerrisk b405de5281 ptrace.2: Note that PTRACE_ATTACH cannot be applied to nondumpable processes 
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
 2015-10-08 13:01:33 +01:00
Michael Kerrisk b4b436adfb ptrace.2: Minor tweaks to Tycho's patch 
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
 2015-09-11 14:00:59 +02:00
Tycho Andersen e3cfeba2ff ptrace.2: Document PTRACE_O_SUSPEND_SECCOMP flag 
Signed-off-by: Tycho Andersen <tycho.andersen@canonical.com>
CC: Kees Cook <keescook@chromium.org>
CC: Andy Lutomirski <luto@amacapital.net>
CC: Oleg Nesterov <oleg@redhat.com>
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
 2015-09-11 14:00:31 +02:00
Michael Kerrisk 5722c835ab intro.1, locale.1, _exit.2, access.2, bpf.2, brk.2, capget.2, chmod.2, chroot.2, clock_getres.2, clone.2, eventfd.2, fallocate.2, fork.2, getgroups.2, gethostname.2, getpid.2, getpriority.2, getrlimit.2, getrusage.2, gettid.2, iopl.2, ioprio_set.2, killpg.2, mlock.2, mprotect.2, perf_event_open.2, poll.2, posix_fadvise.2, pread.2, ptrace.2, read.2, readv.2, recv.2, rename.2, sched_setaffinity.2, sched_setattr.2, seccomp.2, select.2, send.2, seteuid.2, setgid.2, setresuid.2, setreuid.2, setuid.2, sigaltstack.2, signalfd.2, sigpending.2, sigprocmask.2, sigreturn.2, sigsuspend.2, sigwaitinfo.2, socket.2, stat.2, timer_create.2, uname.2, utimensat.2, wait.2, wait4.2, write.2, MB_LEN_MAX.3, __ppc_get_timebase.3, clearenv.3, dl_iterate_phdr.3, error.3, fexecve.3, fpurge.3, fread.3, fts.3, getaddrinfo.3, getaddrinfo_a.3, getauxval.3, getgrent_r.3, gethostbyname.3, getifaddrs.3, getnameinfo.3, getnetent_r.3, getprotoent.3, getprotoent_r.3, getpw.3, getpwent_r.3, getrpcent.3, getrpcent_r.3, getrpcport.3, getservent.3, getservent_r.3, gsignal.3, key_setsecret.3, malloc_get_state.3, malloc_info.3, malloc_stats.3, malloc_trim.3, memcpy.3, mq_notify.3, mq_open.3, perror.3, profil.3, psignal.3, pthread_attr_init.3, pthread_attr_setaffinity_np.3, pthread_cancel.3, pthread_cleanup_push.3, pthread_create.3, pthread_detach.3, pthread_getattr_np.3, pthread_join.3, pthread_setname_np.3, pthread_tryjoin_np.3, putgrent.3, rcmd.3, rpc.3, rpmatch.3, sem_close.3, sem_open.3, setaliasent.3, shm_open.3, sigqueue.3, strfmon.3, xcrypt.3, xdr.3, console_codes.4, null.4, core.5, host.conf.5, hosts.equiv.5, locale.5, repertoiremap.5, locale.7, man-pages.7, pty.7, rtld-audit.7, sched.7, vdso.7: tstamp 
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
 2015-07-23 16:12:28 +02:00
Michael Kerrisk 55bd9495b2 ptrace.2: PTRACE_O_TRACEEXIT clarification 
Reported-by: Vegard Nossum <vegard.nossum@oracle.com>
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
 2015-05-12 12:43:48 +02:00
Michael Kerrisk 0722a578ed _exit.2, access.2, brk.2, chmod.2, clone.2, epoll_wait.2, eventfd.2, fork.2, getgroups.2, gethostname.2, getpid.2, getpriority.2, killpg.2, mmap.2, poll.2, posix_fadvise.2, pread.2, ptrace.2, readv.2, sched_setaffinity.2, select.2, seteuid.2, setgid.2, setresuid.2, setreuid.2, setuid.2, sigaction.2, signalfd.2, sigpending.2, sigprocmask.2, sigreturn.2, sigsuspend.2, sigwaitinfo.2, stat.2, timer_create.2, uname.2, wait.2, wait4.2, mq_notify.3, mq_open.3, sigqueue.3, man-pages.7: Remove "ABI" from "C library/kernel ABI differences" subheadings 
The "ABI" doesn't really convey anything significant in
the title. These subsections are about describing differences
between the kernel and (g)libc interfaces.

Reported-by: Andries E. Brouwer <Andries.Brouwer@cwi.nl>
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
 2015-05-08 13:10:04 +02:00
Michael Kerrisk 94e66ffdb0 ptrace.2: tfix 
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
 2015-05-04 13:08:24 +02:00
Michael Kerrisk 6d322d5fc7 time.1, access.2, arch_prctl.2, cacheflush.2, capget.2, clone.2, execve.2, fcntl.2, fork.2, getpid.2, getxattr.2, ioctl.2, ioctl_fat.2, killpg.2, listxattr.2, madvise.2, migrate_pages.2, modify_ldt.2, mprotect.2, msgget.2, msgop.2, perf_event_open.2, ptrace.2, sched_setattr.2, semget.2, semop.2, sendfile.2, set_thread_area.2, setxattr.2, stat.2, statfs.2, wait.2, wait4.2, encrypt.3, mktemp.3, pthread_attr_setschedparam.3, resolver.3, statvfs.3, syslog.3, tzset.3, core.5, host.conf.5, intro.5, proc.5, resolv.conf.5, pthreads.7, socket.7, unix.7, ld.so.8, ldconfig.8: tstamp 
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
 2015-02-21 09:26:52 +01:00
Michael Kerrisk 53cdec414b ptrace.2: Minor tweaks to Denys Vlasenko's patch 
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
 2015-02-21 08:32:12 +01:00
Denys Vlasenko 28e2ca574f ptrace.2: Add information on PTRACE_SEIZE versus PTRACE_ATTACH differences 
Extend description of PTRACE_SEIZE with the short summary of its
differences from PTRACE_ATTACH.

The following paragraph:

PTRACE_EVENT_STOP
       Stop induced by PTRACE_INTERRUPT command, or group-stop, or ini-
       tial  ptrace-stop when a new child is attached (only if attached
       using PTRACE_SEIZE), or PTRACE_EVENT_STOP if PTRACE_SEIZE was used.

has an editing error (the part after last comma makes no sense).
Removing it.

Mention that legacy post-execve SIGTRAP is disabled by PTRACE_SEIZE.

Signed-off-by: Denys Vlasenko <dvlasenk@redhat.com>
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
 2015-02-21 08:32:12 +01:00
James Hunt 674f11ecbc ptrace.2: Explain behaviour should ptrace tracer call execve(2) 
This behaviour was verified by reading the kernel source and
confirming the behaviour using a test program.

Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
 2015-02-21 08:32:11 +01:00
Michael Kerrisk 8392a3b33f _exit.2, dup.2, execve.2, execveat.2, fallocate.2, fcntl.2, get_robust_list.2, getrlimit.2, mbind.2, memfd_create.2, mmap.2, open.2, ptrace.2, readv.2, select.2, sigaction.2, syscall.2, syscalls.2, truncate.2, utimensat.2, write.2, errno.3, exec.3, fclose.3, fexecve.3, fmemopen.3, fopencookie.3, getgrent_r.3, getline.3, getmntent.3, getpw.3, getpwent_r.3, getspnam.3, malloc_info.3, posix_fallocate.3, putgrent.3, shm_open.3, locale.5, proc.5: tstamp 
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
 2015-01-22 23:29:25 +01:00
Michael Kerrisk 81c5080b1b ptrace.2: srcfix 
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
 2015-01-18 12:14:48 +01:00
Kees Cook 3b4a59c4b5 ptrace.2, sigaction.2, seccomp.2: Ptrace and siginfo details 
While writing some additional seccomp tests, I realized
PTRACE_EVENT_SECCOMP wasn't documented yet. Fixed this, and added
additional notes related to ptrace events SIGTRAP details.

Signed-off-by: Kees Cook <keescook@chromium.org>
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
 2015-01-18 12:04:32 +01:00
Michael Kerrisk e890609356 capget.2, ptrace.2, vhangup.2, wait.2, ttyslot.3, console.4, proc.5, utmp.5, boot.7: tfix: page xrefs for init 2014-10-03 08:47:03 +02:00
Michael Kerrisk bea08fec7e adjtimex.2, bind.2, cacheflush.2, clone.2, fallocate.2, fanotify_init.2, fanotify_mark.2, flock.2, futex.2, getdents.2, getpriority.2, getrlimit.2, gettid.2, gettimeofday.2, ioprio_set.2, kexec_load.2, migrate_pages.2, modify_ldt.2, mount.2, move_pages.2, mprotect.2, msgop.2, nfsservctl.2, perf_event_open.2, pread.2, ptrace.2, recvmmsg.2, rename.2, restart_syscall.2, sched_setattr.2, send.2, shmop.2, shutdown.2, sigaction.2, signalfd.2, syscalls.2, timer_create.2, timerfd_create.2, tkill.2, vmsplice.2, wait.2, aio_init.3, confstr.3, exit.3, fmemopen.3, fopen.3, getaddrinfo.3, getauxval.3, getspnam.3, isalpha.3, isatty.3, mallinfo.3, malloc.3, mallopt.3, psignal.3, pthread_attr_setinheritsched.3, qecvt.3, queue.3, rtnetlink.3, strerror.3, strftime.3, toupper.3, towlower.3, towupper.3, initrd.4, locale.5, proc.5, bootparam.7, capabilities.7, ddp.7, fanotify.7, icmp.7, inotify.7, ip.7, ipv6.7, netdevice.7, netlink.7, path_resolution.7, rtld-audit.7, rtnetlink.7, sched.7, signal.7, socket.7, svipc.7, tcp.7, unix.7, ld.so.8: srcfix: Update FIXMEs 
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
 2014-08-21 16:47:44 -05:00
Michael Kerrisk 8980a50087 access.2, bdflush.2, bind.2, brk.2, chmod.2, chown.2, clone.2, epoll_wait.2, execve.2, fsync.2, getgroups.2, gethostname.2, getpagesize.2, getpriority.2, getrlimit.2, ioperm.2, kexec_load.2, link.2, mkdir.2, mmap.2, msgop.2, perf_event_open.2, process_vm_readv.2, ptrace.2, readlink.2, readv.2, recv.2, rename.2, sched_setaffinity.2, select.2, send.2, seteuid.2, signal.2, sigwaitinfo.2, stat.2, symlink.2, sync.2, sync_file_range.2, sysinfo.2, timer_create.2, uname.2, unlink.2, utime.2, wait.2, abs.3, atoi.3, catopen.3, cerf.3, cexp2.3, clearenv.3, clog2.3, ctime.3, des_crypt.3, ecvt.3, fgetgrent.3, flockfile.3, fseeko.3, ftime.3, ftok.3, ftw.3, getauxval.3, getcwd.3, getdtablesize.3, getgrent.3, getgrent_r.3, getgrnam.3, getgrouplist.3, getline.3, getpass.3, getutent.3, glob.3, insque.3, lseek64.3, memmem.3, mkstemp.3, mktemp.3, on_exit.3, openpty.3, putenv.3, qecvt.3, realpath.3, remove.3, setbuf.3, sigpause.3, strftime.3, strptime.3, strstr.3, strtod.3, tzset.3, updwtmp.3, xcrypt.3, core.5, utmp.5, capabilities.7, charsets.7, environ.7, ipv6.7, man-pages.7, packet.7, vdso.7: tstamp 
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
 2014-08-19 11:55:41 -05:00
Michael Kerrisk 53a99749df ptrace.2: NOTES: add "C library/kernel ABI differences" subheading 
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
 2014-08-18 17:01:47 -05:00
Michael Kerrisk 177660fae0 ptrace.2: wfix 
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
 2014-05-19 10:10:03 +02:00
Michael Kerrisk 07318a59d6 ptrace.2: wfix 
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
 2014-05-15 14:20:26 +02:00
Michael Kerrisk 15d33661c7 ptrace.2: grfix 
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
 2014-03-26 07:33:17 +01:00
Michael Kerrisk 92692952b1 Removed trailing white space at end of lines 2014-02-26 18:29:50 +01:00
Michael Kerrisk 051ec121f0 ptrace.2: Make it clearer that glibc and syscall APIs differ for PTRACE_PEEK* 
Thanks to Denys Vlasenko's additions in 78686915ae
this page does note that the glibc API for PTRACE_PEEK*
differs from the raw syscall interface. But, as the report
at https://bugzilla.kernel.org/show_bug.cgi?id=70801 shows,
this information could be more obvious. This patch makes its so.

Reported-by: Andrew Hunter <ahh@google.com>
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
 2014-02-19 11:41:33 +01:00
Michael Kerrisk 36f5dd10ba ptrace.2: srcfix 
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
 2014-02-19 10:34:42 +01:00
Michael Kerrisk a71b27f8bb ptrace.2: ffix 
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
 2014-02-19 09:24:51 +01:00
Michael Kerrisk a797afac4e fcntl.2, msgget.2, ptrace.2, request_key.2, shmget.2, sigaction.2, syscalls.2, dbopen.3, euidaccess.3, getgrnam.3, getpwnam.3, strfmon.3, strtol.3, strtoul.3, cciss.4, hpsa.4, mouse.4, termcap.5, charsets.7, iso_8859-16.7, iso_8859-2.7, koi8-r.7, unicode.7, utf-8.7: Use Oxford comma 
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
 2014-02-05 16:09:11 +01:00