diff options
Diffstat (limited to 'po/ru/man2/memfd_secret.2.po')
| -rw-r--r-- | po/ru/man2/memfd_secret.2.po | 493 |
1 files changed, 493 insertions, 0 deletions
diff --git a/po/ru/man2/memfd_secret.2.po b/po/ru/man2/memfd_secret.2.po new file mode 100644 index 00000000..48b52ec0 --- /dev/null +++ b/po/ru/man2/memfd_secret.2.po @@ -0,0 +1,493 @@ +# Russian translation of manpages +# This file is distributed under the same license as the manpages-l10n package. +# Copyright © of this file: +# aereiae <aereiae@gmail.com>, 2014. +# Alexey <a.chepugov@gmail.com>, 2015. +# Azamat Hackimov <azamat.hackimov@gmail.com>, 2013-2017. +# Dmitriy S. Seregin <dseregin@59.ru>, 2013. +# Dmitry Bolkhovskikh <d20052005@yandex.ru>, 2017. +# ITriskTI <ITriskTI@gmail.com>, 2013. +# Max Is <ismax799@gmail.com>, 2016. +# Yuri Kozlov <yuray@komyakino.ru>, 2011-2019. +# Иван Павлов <pavia00@gmail.com>, 2017. +# Малянов Евгений Викторович <maljanow@outlook.com>, 2014. +msgid "" +msgstr "" +"Project-Id-Version: manpages-l10n\n" +"POT-Creation-Date: 2024-03-01 17:01+0100\n" +"PO-Revision-Date: 2019-10-06 08:59+0300\n" +"Last-Translator: Yuri Kozlov <yuray@komyakino.ru>\n" +"Language-Team: Russian <man-pages-ru-talks@lists.sourceforge.net>\n" +"Language: ru\n" +"MIME-Version: 1.0\n" +"Content-Type: text/plain; charset=UTF-8\n" +"Content-Transfer-Encoding: 8bit\n" +"Plural-Forms: nplurals=4; plural=(n%10==1 && n%100!=11 ? 0 : n%10>=2 && " +"n%10<=4 && (n%100<12 || n%100>14) ? 1 : n%10==0 || (n%10>=5 && n%10<=9) || " +"(n%100>=11 && n%100<=14)? 2 : 3);\n" +"X-Generator: Lokalize 2.0\n" + +#. type: TH +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed +#, no-wrap +msgid "memfd_secret" +msgstr "memfd_secret" + +#. type: TH +#: archlinux fedora-40 fedora-rawhide mageia-cauldron +#, no-wrap +msgid "2023-10-31" +msgstr "31 октября 2023 г." + +#. type: TH +#: archlinux fedora-40 fedora-rawhide mageia-cauldron +#, no-wrap +msgid "Linux man-pages 6.06" +msgstr "Linux man-pages 6.06" + +#. type: SH +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed +#, no-wrap +msgid "NAME" +msgstr "ИМЯ" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed +#, fuzzy +#| msgid "memfd_create - create an anonymous file" +msgid "" +"memfd_secret - create an anonymous RAM-based file to access secret memory " +"regions" +msgstr "memfd_create - создаёт анонимный файл" + +#. type: SH +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed +#, no-wrap +msgid "LIBRARY" +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed +msgid "Standard C library (I<libc>, I<-lc>)" +msgstr "" + +#. type: SH +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed +#, no-wrap +msgid "SYNOPSIS" +msgstr "СИНТАКСИС" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed +#, no-wrap +msgid "" +"B<#include E<lt>sys/syscall.hE<gt>> /* Definition of B<SYS_*> constants */\n" +"B<#include E<lt>unistd.hE<gt>>\n" +msgstr "" +"B<#include E<lt>sys/syscall.hE<gt>> /* определения констант B<SYS_*> */\n" +"B<#include E<lt>unistd.hE<gt>>\n" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed +#, no-wrap +msgid "B<int syscall(SYS_memfd_secret, unsigned int >I<flags>B<);>\n" +msgstr "B<int syscall(SYS_memfd_secret, unsigned int >I<flags>B<);>\n" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed +msgid "" +"I<Note>: glibc provides no wrapper for B<memfd_secret>(), necessitating the " +"use of B<syscall>(2)." +msgstr "" + +#. type: SH +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed +#, no-wrap +msgid "DESCRIPTION" +msgstr "ОПИСАНИЕ" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed +msgid "" +"B<memfd_secret>() creates an anonymous RAM-based file and returns a file " +"descriptor that refers to it. The file provides a way to create and access " +"memory regions with stronger protection than usual RAM-based files and " +"anonymous memory mappings. Once all open references to the file are closed, " +"it is automatically released. The initial size of the file is set to 0. " +"Following the call, the file size should be set using B<ftruncate>(2)." +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed +msgid "" +"The memory areas backing the file created with B<memfd_secret>(2) are " +"visible only to the processes that have access to the file descriptor. The " +"memory region is removed from the kernel page tables and only the page " +"tables of the processes holding the file descriptor map the corresponding " +"physical memory. (Thus, the pages in the region can't be accessed by the " +"kernel itself, so that, for example, pointers to the region can't be passed " +"to system calls.)" +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed +msgid "" +"The following values may be bitwise ORed in I<flags> to control the behavior " +"of B<memfd_secret>():" +msgstr "" +"Для изменения поведения B<memfd_secret>() можно использовать следующие " +"значения I<flags> (через OR):" + +#. type: TP +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed +#, no-wrap +msgid "B<FD_CLOEXEC>" +msgstr "B<FD_CLOEXEC>" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed +#, fuzzy +#| msgid "" +#| "Set the close-on-exec (B<FD_CLOEXEC>) flag on the new file descriptor. " +#| "See the description of the B<O_CLOEXEC> flag in B<open>(2) for reasons " +#| "why this may be useful." +msgid "" +"Set the close-on-exec flag on the new file descriptor, which causes the " +"region to be removed from the process on B<execve>(2). See the description " +"of the B<O_CLOEXEC> flag in B<open>(2)" +msgstr "" +"Устанавливает флаг close-on-exec (B<FD_CLOEXEC>) для нового открытого " +"файлового дескриптора. Смотрите описание флага B<O_CLOEXEC> в B<open>(2) для " +"того, чтобы узнать как это может пригодиться." + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed +#, fuzzy +#| msgid "" +#| "As its return value, B<memfd_create>() returns a new file descriptor " +#| "that can be used to refer to the file. This file descriptor is opened " +#| "for both reading and writing (B<O_RDWR>) and B<O_LARGEFILE> is set for " +#| "the file descriptor." +msgid "" +"As its return value, B<memfd_secret>() returns a new file descriptor that " +"refers to an anonymous file. This file descriptor is opened for both " +"reading and writing (B<O_RDWR>) and B<O_LARGEFILE> is set for the file " +"descriptor." +msgstr "" +"В качестве возвращаемого значения B<memfd_create>() возвращает новый " +"файловый дескриптор, который можно использовать для обращения к файлу. " +"Данный файловый дескриптор открыт на чтение и запись (B<O_RDWR>) и в " +"файловом дескрипторе установлен флаг B<O_LARGEFILE>." + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed +msgid "" +"With respect to B<fork>(2) and B<execve>(2), the usual semantics apply for " +"the file descriptor created by B<memfd_secret>(). A copy of the file " +"descriptor is inherited by the child produced by B<fork>(2) and refers to " +"the same file. The file descriptor is preserved across B<execve>(2), unless " +"the close-on-exec flag has been set." +msgstr "" +"При вызове B<fork>(2) и B<execve>(2) с файловым дескриптором, созданным " +"B<memfd_secret>(), применяется обычная семантика. Копия файлового " +"дескриптора наследуется потомком, созданным B<fork>(2), указывает на тот же " +"файл. Файловый дескриптор сохраняется при после B<execve>(2), если не " +"установлен флаг close-on-exec." + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed +msgid "" +"The memory region is locked into memory in the same way as with B<mlock>(2), " +"so that it will never be written into swap, and hibernation is inhibited for " +"as long as any B<memfd_secret>() descriptions exist. However the " +"implementation of B<memfd_secret>() will not try to populate the whole " +"range during the B<mmap>(2) call that attaches the region into the " +"process's address space; instead, the pages are only actually allocated as " +"they are faulted in. The amount of memory allowed for memory mappings of " +"the file descriptor obeys the same rules as B<mlock>(2) and cannot exceed " +"B<RLIMIT_MEMLOCK>." +msgstr "" + +#. type: SH +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed +#, no-wrap +msgid "RETURN VALUE" +msgstr "ВОЗВРАЩАЕМОЕ ЗНАЧЕНИЕ" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed +msgid "" +"On success, B<memfd_secret>() returns a new file descriptor. On error, -1 " +"is returned and I<errno> is set to indicate the error." +msgstr "" +"При успешном выполнении B<memfd_secret>() возвращает новый файловый " +"дескриптор. При ошибке возвращается -1, и I<errno> устанавливается в " +"соответствующее значение." + +#. type: SH +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed +#, no-wrap +msgid "ERRORS" +msgstr "ОШИБКИ" + +#. type: TP +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed +#, no-wrap +msgid "B<EINVAL>" +msgstr "B<EINVAL>" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed +msgid "I<flags> included unknown bits." +msgstr "В I<flags> указаны неизвестные биты." + +#. type: TP +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed +#, no-wrap +msgid "B<EMFILE>" +msgstr "B<EMFILE>" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed +msgid "" +"The per-process limit on the number of open file descriptors has been " +"reached." +msgstr "" +"Было достигнуто ограничение по количеству открытых файловых дескрипторов на " +"процесс." + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed +msgid "" +"The system-wide limit on the total number of open files has been reached." +msgstr "Достигнуто максимальное количество открытых файлов в системе." + +#. type: TP +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed +#, no-wrap +msgid "B<ENOMEM>" +msgstr "B<ENOMEM>" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed +msgid "There was insufficient memory to create a new anonymous file." +msgstr "Недостаточно памяти для создания нового анонимного файла." + +#. type: TP +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed +#, no-wrap +msgid "B<ENOSYS>" +msgstr "B<ENOSYS>" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed +msgid "" +"B<memfd_secret>() is not implemented on this architecture, or has not been " +"enabled on the kernel command-line with B<secretmem_enable>=1." +msgstr "" + +#. type: SH +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed +#, no-wrap +msgid "STANDARDS" +msgstr "СТАНДАРТЫ" + +#. type: Plain text +#: archlinux debian-unstable fedora-40 fedora-rawhide mageia-cauldron +#: opensuse-leap-15-6 opensuse-tumbleweed +msgid "Linux." +msgstr "Linux." + +#. type: SH +#: archlinux debian-unstable fedora-40 fedora-rawhide mageia-cauldron +#: opensuse-leap-15-6 opensuse-tumbleweed +#, no-wrap +msgid "HISTORY" +msgstr "ИСТОРИЯ" + +#. type: Plain text +#: archlinux debian-unstable fedora-40 fedora-rawhide mageia-cauldron +#: opensuse-leap-15-6 opensuse-tumbleweed +msgid "Linux 5.14." +msgstr "" + +#. type: SH +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed +#, no-wrap +msgid "NOTES" +msgstr "ЗАМЕЧАНИЯ" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed +msgid "" +"The B<memfd_secret>() system call is designed to allow a user-space process " +"to create a range of memory that is inaccessible to anybody else - kernel " +"included. There is no 100% guarantee that kernel won't be able to access " +"memory ranges backed by B<memfd_secret>() in any circumstances, but " +"nevertheless, it is much harder to exfiltrate data from these regions." +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed +msgid "B<memfd_secret>() provides the following protections:" +msgstr "" + +#. type: IP +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed +#, no-wrap +msgid "\\[bu]" +msgstr "\\[bu]" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed +msgid "" +"Enhanced protection (in conjunction with all the other in-kernel attack " +"prevention systems) against ROP attacks. Absence of any in-kernel " +"primitive for accessing memory backed by B<memfd_secret>() means that one-" +"gadget ROP attack can't work to perform data exfiltration. The attacker " +"would need to find enough ROP gadgets to reconstruct the missing page table " +"entries, which significantly increases difficulty of the attack, especially " +"when other protections like the kernel stack size limit and address space " +"layout randomization are in place." +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed +msgid "" +"Prevent cross-process user-space memory exposures. Once a region for a " +"B<memfd_secret>() memory mapping is allocated, the user can't accidentally " +"pass it into the kernel to be transmitted somewhere. The memory pages in " +"this region cannot be accessed via the direct map and they are disallowed in " +"get_user_pages." +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed +msgid "" +"Harden against exploited kernel flaws. In order to access memory areas " +"backed by B<memfd_secret>(), a kernel-side attack would need to either walk " +"the page tables and create new ones, or spawn a new privileged user-space " +"process to perform secrets exfiltration using B<ptrace>(2)." +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed +msgid "" +"The way B<memfd_secret>() allocates and locks the memory may impact overall " +"system performance, therefore the system call is disabled by default and " +"only available if the system administrator turned it on using \"secretmem." +"enable=y\" kernel parameter." +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed +msgid "" +"To prevent potential data leaks of memory regions backed by " +"B<memfd_secret>() from a hybernation image, hybernation is prevented when " +"there are active B<memfd_secret>() users." +msgstr "" + +#. type: SH +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed +#, no-wrap +msgid "SEE ALSO" +msgstr "СМ. ТАКЖЕ" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron opensuse-leap-15-6 opensuse-tumbleweed +msgid "" +"B<fcntl>(2), B<ftruncate>(2), B<mlock>(2), B<memfd_create>(2), B<mmap>(2), " +"B<setrlimit>(2)" +msgstr "" +"B<fcntl>(2), B<ftruncate>(2), B<mlock>(2), B<memfd_create>(2), B<mmap>(2), " +"B<setrlimit>(2)" + +#. type: TH +#: debian-bookworm +#, no-wrap +msgid "2023-02-05" +msgstr "5 февраля 2023 г." + +#. type: TH +#: debian-bookworm +#, no-wrap +msgid "Linux man-pages 6.03" +msgstr "Linux man-pages 6.03" + +#. type: SH +#: debian-bookworm +#, no-wrap +msgid "VERSIONS" +msgstr "ВЕРСИИ" + +#. type: Plain text +#: debian-bookworm +#, fuzzy +#| msgid "This system call first appeared in Linux 2.6.10." +msgid "The B<memfd_secret>() system call first appeared in Linux 5.14." +msgstr "Этот системный вызов впервые появился в Linux 2.6.10." + +#. type: Plain text +#: debian-bookworm +msgid "The B<memfd_secret>() system call is Linux-specific." +msgstr "Системный вызов B<memfd_secret>() есть только в Linux." + +#. type: TH +#: debian-unstable opensuse-leap-15-6 opensuse-tumbleweed +#, no-wrap +msgid "2023-03-30" +msgstr "30 марта 2023 г." + +#. type: TH +#: debian-unstable opensuse-tumbleweed +#, no-wrap +msgid "Linux man-pages 6.05.01" +msgstr "Linux man-pages 6.05.01" + +#. type: TH +#: opensuse-leap-15-6 +#, no-wrap +msgid "Linux man-pages 6.04" +msgstr "Linux man-pages 6.04" |