Michael Kerrisk
8cc4d07100
Removed trailing white space at end of lines
2015-07-23 16:15:22 +02:00
Michael Kerrisk
5722c835ab
intro.1, locale.1, _exit.2, access.2, bpf.2, brk.2, capget.2, chmod.2, chroot.2, clock_getres.2, clone.2, eventfd.2, fallocate.2, fork.2, getgroups.2, gethostname.2, getpid.2, getpriority.2, getrlimit.2, getrusage.2, gettid.2, iopl.2, ioprio_set.2, killpg.2, mlock.2, mprotect.2, perf_event_open.2, poll.2, posix_fadvise.2, pread.2, ptrace.2, read.2, readv.2, recv.2, rename.2, sched_setaffinity.2, sched_setattr.2, seccomp.2, select.2, send.2, seteuid.2, setgid.2, setresuid.2, setreuid.2, setuid.2, sigaltstack.2, signalfd.2, sigpending.2, sigprocmask.2, sigreturn.2, sigsuspend.2, sigwaitinfo.2, socket.2, stat.2, timer_create.2, uname.2, utimensat.2, wait.2, wait4.2, write.2, MB_LEN_MAX.3, __ppc_get_timebase.3, clearenv.3, dl_iterate_phdr.3, error.3, fexecve.3, fpurge.3, fread.3, fts.3, getaddrinfo.3, getaddrinfo_a.3, getauxval.3, getgrent_r.3, gethostbyname.3, getifaddrs.3, getnameinfo.3, getnetent_r.3, getprotoent.3, getprotoent_r.3, getpw.3, getpwent_r.3, getrpcent.3, getrpcent_r.3, getrpcport.3, getservent.3, getservent_r.3, gsignal.3, key_setsecret.3, malloc_get_state.3, malloc_info.3, malloc_stats.3, malloc_trim.3, memcpy.3, mq_notify.3, mq_open.3, perror.3, profil.3, psignal.3, pthread_attr_init.3, pthread_attr_setaffinity_np.3, pthread_cancel.3, pthread_cleanup_push.3, pthread_create.3, pthread_detach.3, pthread_getattr_np.3, pthread_join.3, pthread_setname_np.3, pthread_tryjoin_np.3, putgrent.3, rcmd.3, rpc.3, rpmatch.3, sem_close.3, sem_open.3, setaliasent.3, shm_open.3, sigqueue.3, strfmon.3, xcrypt.3, xdr.3, console_codes.4, null.4, core.5, host.conf.5, hosts.equiv.5, locale.5, repertoiremap.5, locale.7, man-pages.7, pty.7, rtld-audit.7, sched.7, vdso.7: tstamp
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2015-07-23 16:12:28 +02:00
Michael Kerrisk
00eaa6aaae
seccomp.2: SEE ALSO: add bpf(2)
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2015-07-23 15:37:27 +02:00
Michael Kerrisk
fe56ce1c5f
seccomp.2: wfix
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2015-07-13 14:06:24 +02:00
Michael Kerrisk
3c5ab7703e
seccomp.2: srcfix
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2015-07-03 12:40:48 +02:00
Michael Kerrisk
85fbef7408
prctl.2, seccomp.2: Clarify that SECCOMP_SET_MODE_STRICT disallows exit_group(2)
...
These days, glibc implements _exit() as a wrapper around
exit_group(2). (When seccomp was originally introduced, this was
not the case.) Give the reader a clue that, despite what glibc is
doing, what SECCOMP_SET_MODE_STRICT permits is the true _exit(2)
system call, and not exit_group(2).
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2015-07-03 12:40:16 +02:00
Michael Kerrisk
7a79bb301a
seccomp.2: tfix
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2015-06-30 13:29:23 +02:00
Michael Kerrisk
e9855ef2f7
seccomp.2: ffix
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2015-06-30 13:29:00 +02:00
Michael Kerrisk
65cfc71220
seccomp.2: tfix
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2015-06-30 13:28:10 +02:00
Michael Kerrisk
ef5a2800f7
seccomp.2: srcfix
...
Reported-by: Sam Varshavchik <mrsam@courier-mta.com>
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2015-05-08 16:13:42 +02:00
Michael Kerrisk
1a7e5113c6
seccomp.2: Note that seccomp_data is read-only
...
Reported-by: Pierre Chifflier <pollux@debian.org>
Reviewed-by: Kees Cook <keescook@chromium.org>
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2015-04-19 09:33:38 +02:00
Michael Kerrisk
0582770c52
seccomp.2: ffix
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2015-04-11 08:46:26 +02:00
Michael Kerrisk
1e64c86bbf
intro.1, ldd.1, clone.2, getgroups.2, getpid.2, getsockopt.2, ioctl_list.2, msgop.2, open.2, seccomp.2, setgid.2, setresuid.2, setreuid.2, setuid.2, sigaction.2, sigpending.2, sigprocmask.2, sigreturn.2, sigsuspend.2, sigwaitinfo.2, socket.2, syscall.2, syscalls.2, umount.2, clock.3, dlopen.3, fmemopen.3, fpathconf.3, fputwc.3, fputws.3, fseek.3, fseeko.3, gcvt.3, getline.3, getwchar.3, hypot.3, if_nameindex.3, initgroups.3, popen.3, resolver.3, strcoll.3, strdup.3, tzset.3, ulimit.3, wcstombs.3, wctob.3, xdr.3, console_codes.4, random.4, filesystems.5, host.conf.5, hosts.5, proc.5, resolv.conf.5, securetty.5, credentials.7, feature_test_macros.7, hier.7, ipv6.7, packet.7, pthreads.7, raw.7, signal.7, tcp.7, user_namespaces.7, ld.so.8, ldconfig.8: tstamp
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2015-03-29 22:30:09 +02:00
Michael Kerrisk
37daa840af
seccomp.2: Minor edits to Jann Horn's patch
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2015-03-29 18:09:56 +02:00
Jann Horn
b44088b44f
seccomp.2: Explain blacklisting problems, expand example
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2015-03-29 17:52:09 +02:00
Michael Kerrisk
65be1b46fb
seccomp.2: Minor fixes to Jann Horn's patch
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2015-03-22 20:25:10 +01:00
Jann Horn
bec56ee2bb
seccomp.2: Add note about alarm(2) not being sufficient to limit runtime
...
On Wed, Mar 11, 2015 at 10:43:50PM +0100, Mikael Pettersson wrote:
> Jann Horn writes:
> > Or should I throw this patch away and write a patch
> > for the prctl() manpage instead that documents that
> > being able to call sigreturn() implies being able to
> > effectively call sigprocmask(), at least on some
> > architectures like X86?
>
> Well, that is the semantics of sigreturn(). It is essentially
> setcontext() [which includes the actions of sigprocmask()], but
> with restrictions on parameter placement (at least on x86).
>
> You could introduce some setting to restrict that aspect for
> seccomp processes, but you can't change this for normal processes
> without breaking things.
Then I think it's probably better and easier to just document the
existing behavior? If a new setting would have to be introduced
and developers would need to be aware of that, it's probably
easier to just tell everyone to use SIGKILL.
Acked-by: Kees Cook <keescook@chromium.org>
Acked-by: Mikael Pettersson <mikpelinux@gmail.com>
Acked-by: Andy Lutomirski <luto@amacapital.net>
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2015-03-22 20:25:03 +01:00
Michael Kerrisk
aea38298b3
seccomp.2: Add mention of libseccomp
...
Reported-by: Kees Cook <keescook@chromium.org>
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2015-03-15 09:51:44 +01:00
Michael Kerrisk
71bb61ecf6
seccomp.2: tfix
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2015-03-10 10:47:22 +01:00
Kees Cook
3b4a59c4b5
ptrace.2, sigaction.2, seccomp.2: Ptrace and siginfo details
...
While writing some additional seccomp tests, I realized
PTRACE_EVENT_SECCOMP wasn't documented yet. Fixed this, and added
additional notes related to ptrace events SIGTRAP details.
Signed-off-by: Kees Cook <keescook@chromium.org>
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2015-01-18 12:04:32 +01:00
Michael Kerrisk
dff539545a
seccomp.2: ffix
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2015-01-16 07:55:21 +01:00
Michael Kerrisk
1ac80024c9
perf_event_open.2, seccomp.2, setns.2, shmget.2, memchr.3, pthread_tryjoin_np.3, strstr.3, random.4, epoll.7, netlink.7, pid_namespaces.7, tcp.7: tstamp
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2015-01-10 16:05:01 +01:00
Michael Kerrisk
5ac5e03b0d
seccomp.2: srcfix: Remove a FIXME
...
Quoting Daniel's response to my FIXME
> Still hoping to hear from Will Drewy regarding this FIXME in the
> page source:
>
> .\" FIXME What is the significance of the line
> .\" ftest->code = BPF_LDX | BPF_W | BPF_ABS;
> .\" in kernel/seccomp.c::seccomp_check_filter()?
This came in from our rework via commit bd4cf0ed331a ("net: filter:
rework/optimize internal BPF interpreter's instruction set"), and
is kernel-internal only, and unused in classic BPF. It translates
into A = *(u32 *) (ctx + K) and will basically load an offset from
the populated seccomp_data (= ctx) to A. For the man-page itself
it has therefore no relevance, hope that clarifies it.
Reviewed-by: Daniel Borkmann <dborkman@redhat.com>
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2015-01-10 09:38:10 +01:00
Michael Kerrisk
a79566fba6
seccomp.2: wfix
...
Revert a wording change, as suggested by Kees Cook.
Reported-by: Kees Cook <keescook@chromium.org>
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2015-01-10 09:38:10 +01:00
Michael Kerrisk
1367a60afb
seccomp.2: A process's seccomp mode is viewable via /proc/PID/status "Seccomp"
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2015-01-10 09:38:10 +01:00
Michael Kerrisk
068653012c
seccomp.2: Changes after review feedback by Kees Cook
...
Reviewed-by: Kees Cook <keescook@chromium.org>
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2015-01-10 09:38:10 +01:00
Michael Kerrisk
36931cfc80
seccomp.2: srcfx: Add FIXME
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2015-01-10 09:38:10 +01:00
Michael Kerrisk
ef05ec712f
seccomp.2: Minor fix
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2015-01-10 09:38:10 +01:00
Michael Kerrisk
699996321d
seccomp.2: Tweak an argument name
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2015-01-10 09:38:10 +01:00
Michael Kerrisk
6426723630
seccomp.2: EXAMPLE: Expand comments in the BPF program
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2015-01-10 09:38:10 +01:00
Michael Kerrisk
86ae10e3bd
seccomp.2: Rename arguments inside example program
...
Rename the arguments to install_filter() to improve readability
a little and to remove a little ambiguity. In particular, rename
'arch' to 't_arch' so that it does not get confused with the
seccomp_data field of the same name.
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2015-01-10 09:38:10 +01:00
Michael Kerrisk
cecc8c48ba
seccomp.2: Add subsection on seccomp-specific BPF details
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2015-01-10 09:38:10 +01:00
Michael Kerrisk
93b9a9eeff
seccomp.2: ffix
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2015-01-10 09:38:10 +01:00
Michael Kerrisk
882cf566d8
seccomp.2: ERRORS: add an EINVAL case
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2015-01-10 09:38:10 +01:00
Michael Kerrisk
043ed1c6d3
seccomp.2: tfix
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2015-01-10 09:38:10 +01:00
Michael Kerrisk
0c2e01b788
seccomp.2: Rework discussion of 'seccomp_data' buffer
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2015-01-10 09:38:10 +01:00
Michael Kerrisk
e28e21fea0
seccomp.2: SEE ALSO: add Documentation/prctl/seccomp_filter.txt
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2015-01-10 09:38:10 +01:00
Michael Kerrisk
f74fd424c1
seccomp.2: Add reference to original Usenix BPF paper
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2015-01-10 09:38:10 +01:00
Michael Kerrisk
65a1328c75
seccomp.2: srcfix: Add FIXME
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2015-01-10 09:38:10 +01:00
Michael Kerrisk
5b95c4aba5
seccomp.2: ffix
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2015-01-10 09:38:10 +01:00
Michael Kerrisk
a0a0c98bdc
seccomp.2: Mention <linux/audit.h>
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2015-01-10 09:38:10 +01:00
Michael Kerrisk
43b265ff16
seccomp.2: wfix for EFAULT error
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2015-01-10 09:38:10 +01:00
Michael Kerrisk
0e27eb0cd4
seccomp.2: ffix
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2015-01-10 09:38:10 +01:00
Michael Kerrisk
3edfdb10b2
seccomp.2: srcfix
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2015-01-10 09:38:10 +01:00
Michael Kerrisk
30d8060bd7
seccomp.2: srcfix: Add FIXME
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2015-01-10 09:38:10 +01:00
Michael Kerrisk
76db415686
seccomp.2: Minor tweak to wording of ENOSYS error
2015-01-10 09:38:09 +01:00
Michael Kerrisk
cf690e13ff
seccomp.2: Rework discussion of 'siginfo_t' fields
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2015-01-10 09:38:09 +01:00
Michael Kerrisk
41bf4e32e0
seccomp.2: srcfix: Add FIXME
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2015-01-10 09:38:09 +01:00
Michael Kerrisk
db99c0648c
seccomp.2: Add reference to sigaction(2) under SECCOMP_RET_TRAP discussion
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2015-01-10 09:38:09 +01:00
Michael Kerrisk
1da13d158d
seccomp.2: ffix
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2015-01-10 09:38:09 +01:00