summaryrefslogtreecommitdiffstats
path: root/upstream/debian-unstable/man2/prctl.2
diff options
context:
space:
mode:
Diffstat (limited to 'upstream/debian-unstable/man2/prctl.2')
-rw-r--r--upstream/debian-unstable/man2/prctl.2141
1 files changed, 87 insertions, 54 deletions
diff --git a/upstream/debian-unstable/man2/prctl.2 b/upstream/debian-unstable/man2/prctl.2
index a592bba7..ce3b3c8b 100644
--- a/upstream/debian-unstable/man2/prctl.2
+++ b/upstream/debian-unstable/man2/prctl.2
@@ -36,7 +36,7 @@
.\" 2014-11-10 Dave Hansen, document PR_MPX_{EN,DIS}ABLE_MANAGEMENT
.\"
.\"
-.TH prctl 2 2023-07-28 "Linux man-pages 6.05.01"
+.TH prctl 2 2024-05-02 "Linux man-pages 6.8"
.SH NAME
prctl \- operations on a process or thread
.SH LIBRARY
@@ -45,8 +45,8 @@ Standard C library
.SH SYNOPSIS
.nf
.B #include <sys/prctl.h>
-.PP
-.BI "int prctl(int " option ", ..."
+.P
+.BI "int prctl(int " op ", ..."
.BI " \fR/*\fP unsigned long " arg2 ", unsigned long " arg3 ,
.BI " unsigned long " arg4 ", unsigned long " arg5 " \fR*/\fP );"
.fi
@@ -54,12 +54,12 @@ Standard C library
.BR prctl ()
manipulates various aspects of the behavior
of the calling thread or process.
-.PP
+.P
Note that careless use of some
.BR prctl ()
operations can confuse the user-space run-time environment,
so these operations should be used with care.
-.PP
+.P
.BR prctl ()
is called with a first argument describing what to do
(with values defined in \fI<linux/prctl.h>\fP), and further
@@ -379,7 +379,7 @@ can operate only when this bit is
Applications that use the O32 FPXX ABI can operate with either
.B FR=0
or
-.B FR=1 .
+.BR FR=1 .
.TP
.B PR_FP_MODE_FRE
Enable emulation of 32-bit floating-point mode.
@@ -414,7 +414,7 @@ so FPU emulation is not required and the FPU always operates in
.B FR=1
mode.
.IP
-This option is mainly intended for use by the dynamic linker
+This operation is mainly intended for use by the dynamic linker
.RB ( ld.so (8)).
.IP
The arguments
@@ -674,7 +674,7 @@ value.
The requirements for the address are the same as for the
.B PR_SET_MM_START_BRK
option.
-.PP
+.P
The following options are available since Linux 3.5.
.\" commit fe8c7f5cbf91124987106faa3bdf0c8b955c4cf7
.TP
@@ -741,7 +741,7 @@ This restriction was enforced for security reasons that were subsequently
deemed specious,
and the restriction was removed in Linux 4.10 because some
user-space applications needed to perform this operation more than once.
-.PP
+.P
The following options are available since Linux 3.18.
.\" commit f606b77f1a9e362451aca8f81d8f36a3a112139e
.TP
@@ -806,7 +806,9 @@ except \[aq][\[aq], \[aq]]\[aq], \[aq]\e\[aq], \[aq]$\[aq], and \[aq]\[ga]\[aq].
.RE
.\" prctl PR_MPX_ENABLE_MANAGEMENT
.TP
-.BR PR_MPX_ENABLE_MANAGEMENT ", " PR_MPX_DISABLE_MANAGEMENT " (since Linux 3.19, removed in Linux 5.4; only on x86)"
+.B PR_MPX_ENABLE_MANAGEMENT
+.TQ
+.BR PR_MPX_DISABLE_MANAGEMENT " (since Linux 3.19, removed in Linux 5.4; only on x86)"
.\" commit fe3d197f84319d3bce379a9c0dc17b1f48ad358c
.\" See also http://lwn.net/Articles/582712/
.\" See also https://gcc.gnu.org/wiki/Intel%20MPX%20support%20in%20the%20GCC%20compiler
@@ -2041,6 +2043,36 @@ the copy will be truncated.
Return (as the function result)
the full length of the auxiliary vector.
\fIarg4\fP and \fIarg5\fP must be 0.
+.TP
+.BR PR_SET_MDWE " (since Linux 6.3)"
+.\" commit b507808ebce23561d4ff8c2aa1fb949fe402bc61
+Set the calling process' Memory-Deny-Write-Execute protection mask.
+Once protection bits are set,
+they can not be changed.
+.I arg2
+must be a bit mask of:
+.RS
+.TP
+.B PR_MDWE_REFUSE_EXEC_GAIN
+New memory mapping protections can't be writable and executable.
+Non-executable mappings can't become executable.
+.TP
+.B PR_MDWE_NO_INHERIT " (since Linux 6.6)"
+.\" commit 2a87e5520554034e8c423479740f95bea4a086a0
+Do not propagate MDWE protection to child processes on
+.BR fork (2).
+Setting this bit requires setting
+.B PR_MDWE_REFUSE_EXEC_GAIN
+too.
+.RE
+.TP
+.BR PR_GET_MDWE " (since Linux 6.3)"
+.\" commit b507808ebce23561d4ff8c2aa1fb949fe402bc61
+Return (as the function result) the Memory-Deny-Write-Execute protection mask
+of the calling process.
+(See
+.B PR_SET_MDWE
+for information on the protection mask bits.)
.SH RETURN VALUE
On success,
.BR PR_CAP_AMBIENT + PR_CAP_AMBIENT_IS_SET ,
@@ -2064,7 +2096,7 @@ and (if it returns)
.B PR_GET_SECCOMP
return the nonnegative values described above.
All other
-.I option
+.I op
values return 0 on success.
On error, \-1 is returned, and
.I errno
@@ -2072,7 +2104,7 @@ is set to indicate the error.
.SH ERRORS
.TP
.B EACCES
-.I option
+.I op
is
.B PR_SET_SECCOMP
and
@@ -2088,7 +2120,7 @@ attribute (see the discussion of
above).
.TP
.B EACCES
-.I option
+.I op
is
.BR PR_SET_MM ,
and
@@ -2098,7 +2130,7 @@ is
the file is not executable.
.TP
.B EBADF
-.I option
+.I op
is
.BR PR_SET_MM ,
.I arg3
@@ -2109,7 +2141,7 @@ and the file descriptor passed in
is not valid.
.TP
.B EBUSY
-.I option
+.I op
is
.BR PR_SET_MM ,
.I arg3
@@ -2124,7 +2156,7 @@ symbolic link, which is prohibited.
is an invalid address.
.TP
.B EFAULT
-.I option
+.I op
is
.BR PR_SET_SECCOMP ,
.I arg2
@@ -2137,7 +2169,7 @@ and
is an invalid address.
.TP
.B EFAULT
-.I option
+.I op
is
.B PR_SET_SYSCALL_USER_DISPATCH
and
@@ -2146,12 +2178,12 @@ has an invalid address.
.TP
.B EINVAL
The value of
-.I option
+.I op
is not recognized,
or not supported on this system.
.TP
.B EINVAL
-.I option
+.I op
is
.B PR_MCE_KILL
or
@@ -2165,10 +2197,10 @@ arguments were not specified as zero.
.B EINVAL
.I arg2
is not valid value for this
-.IR option .
+.IR op .
.TP
.B EINVAL
-.I option
+.I op
is
.B PR_SET_SECCOMP
or
@@ -2177,7 +2209,7 @@ and the kernel was not configured with
.BR CONFIG_SECCOMP .
.TP
.B EINVAL
-.I option
+.I op
is
.BR PR_SET_SECCOMP ,
.I arg2
@@ -2187,7 +2219,7 @@ and the kernel was not configured with
.BR CONFIG_SECCOMP_FILTER .
.TP
.B EINVAL
-.I option
+.I op
is
.BR PR_SET_MM ,
and one of the following is true
@@ -2227,7 +2259,7 @@ resource limit to be exceeded.
.RE
.TP
.B EINVAL
-.I option
+.I op
is
.B PR_SET_PTRACER
and
@@ -2237,7 +2269,7 @@ is not 0,
or the PID of an existing process.
.TP
.B EINVAL
-.I option
+.I op
is
.B PR_SET_PDEATHSIG
and
@@ -2245,7 +2277,7 @@ and
is not a valid signal number.
.TP
.B EINVAL
-.I option
+.I op
is
.B PR_SET_DUMPABLE
and
@@ -2256,7 +2288,7 @@ nor
.BR SUID_DUMP_USER .
.TP
.B EINVAL
-.I option
+.I op
is
.B PR_SET_TIMING
and
@@ -2265,7 +2297,7 @@ is not
.BR PR_TIMING_STATISTICAL .
.TP
.B EINVAL
-.I option
+.I op
is
.B PR_SET_NO_NEW_PRIVS
and
@@ -2279,7 +2311,7 @@ or
is nonzero.
.TP
.B EINVAL
-.I option
+.I op
is
.B PR_GET_NO_NEW_PRIVS
and
@@ -2291,7 +2323,7 @@ or
is nonzero.
.TP
.B EINVAL
-.I option
+.I op
is
.B PR_SET_THP_DISABLE
and
@@ -2302,7 +2334,7 @@ or
is nonzero.
.TP
.B EINVAL
-.I option
+.I op
is
.B PR_GET_THP_DISABLE
and
@@ -2314,7 +2346,7 @@ or
is nonzero.
.TP
.B EINVAL
-.I option
+.I op
is
.B PR_CAP_AMBIENT
and an unused argument
@@ -2339,7 +2371,7 @@ and
does not specify a valid capability.
.TP
.B EINVAL
-.I option
+.I op
was
.B PR_GET_SPECULATION_CTRL
or
@@ -2347,8 +2379,9 @@ or
and unused arguments to
.BR prctl ()
are not 0.
+.TP
.B EINVAL
-.I option
+.I op
is
.B PR_PAC_RESET_KEYS
and the arguments are invalid or unsupported.
@@ -2357,7 +2390,7 @@ See the description of
above for details.
.TP
.B EINVAL
-.I option
+.I op
is
.B PR_SVE_SET_VL
and the arguments are invalid or unsupported,
@@ -2367,13 +2400,13 @@ See the description of
above for details.
.TP
.B EINVAL
-.I option
+.I op
is
.B PR_SVE_GET_VL
and SVE is not available on this platform.
.TP
.B EINVAL
-.I option
+.I op
is
.B PR_SET_SYSCALL_USER_DISPATCH
and one of the following is true:
@@ -2395,7 +2428,7 @@ is invalid.
.RE
.TP
.B EINVAL
-.I option
+.I op
is
.B PR_SET_TAGGED_ADDR_CTRL
and the arguments are invalid or unsupported.
@@ -2404,7 +2437,7 @@ See the description of
above for details.
.TP
.B EINVAL
-.I option
+.I op
is
.B PR_GET_TAGGED_ADDR_CTRL
and the arguments are invalid or unsupported.
@@ -2413,13 +2446,13 @@ See the description of
above for details.
.TP
.B ENODEV
-.I option
+.I op
was
.B PR_SET_SPECULATION_CTRL
the kernel or CPU does not support the requested speculation misfeature.
.TP
.B ENXIO
-.I option
+.I op
was
.B PR_MPX_ENABLE_MANAGEMENT
or
@@ -2428,7 +2461,7 @@ and the kernel or the CPU does not support MPX management.
Check that the kernel and processor have MPX support.
.TP
.B ENXIO
-.I option
+.I op
was
.B PR_SET_SPECULATION_CTRL
implies that the control of the selected speculation misfeature is not possible.
@@ -2437,7 +2470,7 @@ See
for the bit fields to determine which option is available.
.TP
.B EOPNOTSUPP
-.I option
+.I op
is
.B PR_SET_FP_MODE
and
@@ -2445,7 +2478,7 @@ and
has an invalid or unsupported value.
.TP
.B EPERM
-.I option
+.I op
is
.BR PR_SET_SECUREBITS ,
and the caller does not have the
@@ -2457,7 +2490,7 @@ or tried to set a flag whose corresponding locked flag was set
.BR capabilities (7)).
.TP
.B EPERM
-.I option
+.I op
is
.B PR_SET_SPECULATION_CTRL
wherein the speculation was disabled with
@@ -2465,7 +2498,7 @@ wherein the speculation was disabled with
and caller tried to enable it again.
.TP
.B EPERM
-.I option
+.I op
is
.BR PR_SET_KEEPCAPS ,
and the caller's
@@ -2475,7 +2508,7 @@ flag is set
.BR capabilities (7)).
.TP
.B EPERM
-.I option
+.I op
is
.BR PR_CAPBSET_DROP ,
and the caller does not have the
@@ -2483,7 +2516,7 @@ and the caller does not have the
capability.
.TP
.B EPERM
-.I option
+.I op
is
.BR PR_SET_MM ,
and the caller does not have the
@@ -2491,7 +2524,7 @@ and the caller does not have the
capability.
.TP
.B EPERM
-.I option
+.I op
is
.B PR_CAP_AMBIENT
and
@@ -2506,7 +2539,7 @@ or the
securebit has been set.
.TP
.B ERANGE
-.I option
+.I op
was
.B PR_SET_SPECULATION_CTRL
and
@@ -2523,14 +2556,14 @@ IRIX has a
system call (also introduced in Linux 2.1.44
as irix_prctl on the MIPS architecture),
with prototype
-.PP
+.P
.in +4n
.EX
-.BI "ptrdiff_t prctl(int " option ", int " arg2 ", int " arg3 );
+.BI "ptrdiff_t prctl(int " op ", int " arg2 ", int " arg3 );
.EE
.in
-.PP
-and options to get the maximum number of processes per user,
+.P
+and operations to get the maximum number of processes per user,
get the maximum number of processors the calling process can use,
find out whether a specified process is currently blocked,
get or set the maximum stack size, and so on.