Diffstat (limited to 'man2/prctl.2')
-rw-r--r-- | man2/prctl.2 | 2577 |
1 files changed, 0 insertions, 2577 deletions
diff --git a/man2/prctl.2 b/man2/prctl.2 deleted file mode 100644 index c6dae6d..0000000 --- a/man2/prctl.2 +++ /dev/null 
@@ -1,2577 +0,0 @@ -.\" Copyright (C) 1998 Andries Brouwer (aeb@cwi.nl) -.\" and Copyright (C) 2002, 2006, 2008, 2012, 2013, 2015 Michael Kerrisk <mtk.manpages@gmail.com> -.\" and Copyright Guillem Jover <guillem@hadrons.org> -.\" and Copyright (C) 2010 Andi Kleen <andi@firstfloor.org> -.\" and Copyright (C) 2012 Cyrill Gorcunov <gorcunov@openvz.org> -.\" and Copyright (C) 2014 Dave Hansen / Intel -.\" and Copyright (c) 2016 Eugene Syromyatnikov <evgsyr@gmail.com> -.\" and Copyright (c) 2018 Konrad Rzeszutek Wilk <konrad.wilk@oracle.com> -.\" and Copyright (c) 2020 Dave Martin <Dave.Martin@arm.com> -.\" -.\" SPDX-License-Identifier: Linux-man-pages-copyleft -.\" -.\" Modified Thu Nov 11 04:19:42 MET 1999, aeb: added PR_GET_PDEATHSIG -.\" Modified 27 Jun 02, Michael Kerrisk -.\" Added PR_SET_DUMPABLE, PR_GET_DUMPABLE, -.\" PR_SET_KEEPCAPS, PR_GET_KEEPCAPS -.\" Modified 2006-08-30 Guillem Jover <guillem@hadrons.org> -.\" Updated Linux versions where the options where introduced. -.\" Added PR_SET_TIMING, PR_GET_TIMING, PR_SET_NAME, PR_GET_NAME, -.\" PR_SET_UNALIGN, PR_GET_UNALIGN, PR_SET_FPEMU, PR_GET_FPEMU, -.\" PR_SET_FPEXC, PR_GET_FPEXC -.\" 2008-04-29 Serge Hallyn, Document PR_CAPBSET_READ and PR_CAPBSET_DROP -.\" 2008-06-13 Erik Bosman, <ejbosman@cs.vu.nl> -.\" Document PR_GET_TSC and PR_SET_TSC. 
-.\" 2008-06-15 mtk, Document PR_SET_SECCOMP, PR_GET_SECCOMP -.\" 2009-10-03 Andi Kleen, document PR_MCE_KILL -.\" 2012-04 Cyrill Gorcunov, Document PR_SET_MM -.\" 2012-04-25 Michael Kerrisk, Document PR_TASK_PERF_EVENTS_DISABLE and -.\" PR_TASK_PERF_EVENTS_ENABLE -.\" 2012-09-20 Kees Cook, update PR_SET_SECCOMP for mode 2 -.\" 2012-09-20 Kees Cook, document PR_SET_NO_NEW_PRIVS, PR_GET_NO_NEW_PRIVS -.\" 2012-10-25 Michael Kerrisk, Document PR_SET_TIMERSLACK and -.\" PR_GET_TIMERSLACK -.\" 2013-01-10 Kees Cook, document PR_SET_PTRACER -.\" 2012-02-04 Michael Kerrisk, document PR_{SET,GET}_CHILD_SUBREAPER -.\" 2014-11-10 Dave Hansen, document PR_MPX_{EN,DIS}ABLE_MANAGEMENT -.\" -.\" -.TH prctl 2 2024-03-03 "Linux man-pages 6.7" -.SH NAME -prctl \- operations on a process or thread -.SH LIBRARY -Standard C library -.RI ( libc ", " \-lc ) -.SH SYNOPSIS -.nf -.B #include <sys/prctl.h> -.P -.BI "int prctl(int " op ", ..." -.BI " \fR/*\fP unsigned long " arg2 ", unsigned long " arg3 , -.BI " unsigned long " arg4 ", unsigned long " arg5 " \fR*/\fP );" -.fi -.SH DESCRIPTION -.BR prctl () -manipulates various aspects of the behavior -of the calling thread or process. -.P -Note that careless use of some -.BR prctl () -operations can confuse the user-space run-time environment, -so these operations should be used with care. -.P -.BR prctl () -is called with a first argument describing what to do -(with values defined in \fI<linux/prctl.h>\fP), and further -arguments with a significance depending on the first one. -The first argument can be: -.\" -.\" prctl PR_CAP_AMBIENT -.TP -.BR PR_CAP_AMBIENT " (since Linux 4.3)" -.\" commit 58319057b7847667f0c9585b9de0e8932b0fdb08 -Reads or changes the ambient capability set of the calling thread, -according to the value of -.IR arg2 , -which must be one of the following: -.RS -.\" -.TP -.B PR_CAP_AMBIENT_RAISE -The capability specified in -.I arg3 -is added to the ambient set. 
-The specified capability must already be present in -both the permitted and the inheritable sets of the process. -This operation is not permitted if the -.B SECBIT_NO_CAP_AMBIENT_RAISE -securebit is set. -.TP -.B PR_CAP_AMBIENT_LOWER -The capability specified in -.I arg3 -is removed from the ambient set. -.TP -.B PR_CAP_AMBIENT_IS_SET -The -.BR prctl () -call returns 1 if the capability in -.I arg3 -is in the ambient set and 0 if it is not. -.TP -.B PR_CAP_AMBIENT_CLEAR_ALL -All capabilities will be removed from the ambient set. -This operation requires setting -.I arg3 -to zero. -.RE -.IP -In all of the above operations, -.I arg4 -and -.I arg5 -must be specified as 0. -.IP -Higher-level interfaces layered on top of the above operations are -provided in the -.BR libcap (3) -library in the form of -.BR cap_get_ambient (3), -.BR cap_set_ambient (3), -and -.BR cap_reset_ambient (3). -.\" prctl PR_CAPBSET_READ -.TP -.BR PR_CAPBSET_READ " (since Linux 2.6.25)" -Return (as the function result) 1 if the capability specified in -.I arg2 -is in the calling thread's capability bounding set, -or 0 if it is not. -(The capability constants are defined in -.IR <linux/capability.h> .) -The capability bounding set dictates -whether the process can receive the capability through a -file's permitted capability set on a subsequent call to -.BR execve (2). -.IP -If the capability specified in -.I arg2 -is not valid, then the call fails with the error -.BR EINVAL . -.IP -A higher-level interface layered on top of this operation is provided in the -.BR libcap (3) -library in the form of -.BR cap_get_bound (3). -.\" prctl PR_CAPBSET_DROP -.TP -.BR PR_CAPBSET_DROP " (since Linux 2.6.25)" -If the calling thread has the -.B CAP_SETPCAP -capability within its user namespace, then drop the capability specified by -.I arg2 -from the calling thread's capability bounding set. -Any children of the calling thread will inherit the newly -reduced bounding set. 
-.IP -The call fails with the error: -.B EPERM -if the calling thread does not have the -.BR CAP_SETPCAP ; -.B EINVAL -if -.I arg2 -does not represent a valid capability; or -.B EINVAL -if file capabilities are not enabled in the kernel, -in which case bounding sets are not supported. -.IP -A higher-level interface layered on top of this operation is provided in the -.BR libcap (3) -library in the form of -.BR cap_drop_bound (3). -.\" prctl PR_SET_CHILD_SUBREAPER -.TP -.BR PR_SET_CHILD_SUBREAPER " (since Linux 3.4)" -.\" commit ebec18a6d3aa1e7d84aab16225e87fd25170ec2b -If -.I arg2 -is nonzero, -set the "child subreaper" attribute of the calling process; -if -.I arg2 -is zero, unset the attribute. -.IP -A subreaper fulfills the role of -.BR init (1) -for its descendant processes. -When a process becomes orphaned -(i.e., its immediate parent terminates), -then that process will be reparented to -the nearest still living ancestor subreaper. -Subsequently, calls to -.BR getppid (2) -in the orphaned process will now return the PID of the subreaper process, -and when the orphan terminates, it is the subreaper process that -will receive a -.B SIGCHLD -signal and will be able to -.BR wait (2) -on the process to discover its termination status. -.IP -The setting of the "child subreaper" attribute -is not inherited by children created by -.BR fork (2) -and -.BR clone (2). -The setting is preserved across -.BR execve (2). -.IP -Establishing a subreaper process is useful in session management frameworks -where a hierarchical group of processes is managed by a subreaper process -that needs to be informed when one of the processes\[em]for example, -a double-forked daemon\[em]terminates -(perhaps so that it can restart that process). -Some -.BR init (1) -frameworks (e.g., -.BR systemd (1)) -employ a subreaper process for similar reasons. 
-.\" prctl PR_GET_CHILD_SUBREAPER -.TP -.BR PR_GET_CHILD_SUBREAPER " (since Linux 3.4)" -Return the "child subreaper" setting of the caller, -in the location pointed to by -.IR "(int\~*) arg2" . -.\" prctl PR_SET_DUMPABLE -.TP -.BR PR_SET_DUMPABLE " (since Linux 2.3.20)" -Set the state of the "dumpable" attribute, -which determines whether core dumps are produced for the calling process -upon delivery of a signal whose default behavior is to produce a core dump. -.IP -Up to and including Linux 2.6.12, -.I arg2 -must be either 0 -.RB ( SUID_DUMP_DISABLE , -process is not dumpable) or 1 -.RB ( SUID_DUMP_USER , -process is dumpable). -Between Linux 2.6.13 and Linux 2.6.17, -.\" commit abf75a5033d4da7b8a7e92321d74021d1fcfb502 -the value 2 was also permitted, -which caused any binary which normally would not be dumped -to be dumped readable by root only; -for security reasons, this feature has been removed. -.\" See http://marc.theaimsgroup.com/?l=linux-kernel&m=115270289030630&w=2 -.\" Subject: Fix prctl privilege escalation (CVE-2006-2451) -.\" 
From: Marcel Holtmann <marcel () holtmann ! org> -.\" Date: 2006-07-12 11:12:00 -(See also the description of -.I /proc/sys/fs/\:suid_dumpable -in -.BR proc (5).) -.IP -Normally, the "dumpable" attribute is set to 1. -However, it is reset to the current value contained in the file -.I /proc/sys/fs/\:suid_dumpable -(which by default has the value 0), -in the following circumstances: -.\" See kernel/cred.c::commit_creds() (Linux 3.18 sources) -.RS -.IP \[bu] 3 -The process's effective user or group ID is changed. -.IP \[bu] -The process's filesystem user or group ID is changed (see -.BR credentials (7)). -.IP \[bu] -The process executes -.RB ( execve (2)) -a set-user-ID or set-group-ID program, resulting in a change -of either the effective user ID or the effective group ID. -.IP \[bu] -The process executes -.RB ( execve (2)) -a program that has file capabilities (see -.BR capabilities (7)), -.\" See kernel/cred.c::commit_creds() -but only if the permitted capabilities -gained exceed those already permitted for the process. -.\" Also certain namespace operations; -.RE -.IP -Processes that are not dumpable can not be attached via -.BR ptrace (2) -.BR PTRACE_ATTACH ; -see -.BR ptrace (2) -for further details. -.IP -If a process is not dumpable, -the ownership of files in the process's -.IR /proc/ pid -directory is affected as described in -.BR proc (5). -.\" prctl PR_GET_DUMPABLE -.TP -.BR PR_GET_DUMPABLE " (since Linux 2.3.20)" -Return (as the function result) the current state of the calling -process's dumpable attribute. -.\" Since Linux 2.6.13, the dumpable flag can have the value 2, -.\" but in Linux 2.6.13 PR_GET_DUMPABLE simply returns 1 if the dumpable -.\" flags has a nonzero value. This was fixed in Linux 2.6.14. 
-.\" prctl PR_SET_ENDIAN -.TP -.BR PR_SET_ENDIAN " (since Linux 2.6.18, PowerPC only)" -Set the endian-ness of the calling process to the value given -in \fIarg2\fP, which should be one of the following: -.\" Respectively 0, 1, 2 -.BR PR_ENDIAN_BIG , -.BR PR_ENDIAN_LITTLE , -or -.B PR_ENDIAN_PPC_LITTLE -(PowerPC pseudo little endian). -.\" prctl PR_GET_ENDIAN -.TP -.BR PR_GET_ENDIAN " (since Linux 2.6.18, PowerPC only)" -Return the endian-ness of the calling process, -in the location pointed to by -.IR "(int\~*) arg2" . -.\" prctl PR_SET_FP_MODE -.TP -.BR PR_SET_FP_MODE " (since Linux 4.0, only on MIPS)" -.\" commit 9791554b45a2acc28247f66a5fd5bbc212a6b8c8 -On the MIPS architecture, -user-space code can be built using an ABI which permits linking -with code that has more restrictive floating-point (FP) requirements. -For example, user-space code may be built to target the O32 FPXX ABI -and linked with code built for either one of the more restrictive -FP32 or FP64 ABIs. -When more restrictive code is linked in, -the overall requirement for the process is to use the more -restrictive floating-point mode. -.IP -Because the kernel has no means of knowing in advance -which mode the process should be executed in, -and because these restrictions can -change over the lifetime of the process, the -.B PR_SET_FP_MODE -operation is provided to allow control of the floating-point mode -from user space. -.IP -.\" https://dmz-portal.mips.com/wiki/MIPS_O32_ABI_-_FR0_and_FR1_Interlinking -The -.I (unsigned int) arg2 -argument is a bit mask describing the floating-point mode used: -.RS -.TP -.B PR_FP_MODE_FR -When this bit is -.I unset -(so called -.BR FR=0 " or " FR0 -mode), the 32 floating-point registers are 32 bits wide, -and 64-bit registers are represented as a pair of registers -(even- and odd- numbered, -with the even-numbered register containing the lower 32 bits, -and the odd-numbered register containing the higher 32 bits). 
-.IP -When this bit is -.I set -(on supported hardware), -the 32 floating-point registers are 64 bits wide (so called -.BR FR=1 " or " FR1 -mode). -Note that modern MIPS implementations (MIPS R6 and newer) support -.B FR=1 -mode only. -.IP -Applications that use the O32 FP32 ABI can operate only when this bit is -.I unset -.RB ( FR=0 ; -or they can be used with FRE enabled, see below). -Applications that use the O32 FP64 ABI -(and the O32 FP64A ABI, which exists to -provide the ability to operate with existing FP32 code; see below) -can operate only when this bit is -.I set -.RB ( FR=1 ). -Applications that use the O32 FPXX ABI can operate with either -.B FR=0 -or -.BR FR=1 . -.TP -.B PR_FP_MODE_FRE -Enable emulation of 32-bit floating-point mode. -When this mode is enabled, -it emulates 32-bit floating-point operations -by raising a reserved-instruction exception -on every instruction that uses 32-bit formats and -the kernel then handles the instruction in software. -(The problem lies in the discrepancy of handling odd-numbered registers -which are the high 32 bits of 64-bit registers with even numbers in -.B FR=0 -mode and the lower 32-bit parts of odd-numbered 64-bit registers in -.B FR=1 -mode.) -Enabling this bit is necessary when code with the O32 FP32 ABI should operate -with code with compatible the O32 FPXX or O32 FP64A ABIs (which require -.B FR=1 -FPU mode) or when it is executed on newer hardware (MIPS R6 onwards) -which lacks -.B FR=0 -mode support when a binary with the FP32 ABI is used. -.IP -Note that this mode makes sense only when the FPU is in 64-bit mode -.RB ( FR=1 ). -.IP -Note that the use of emulation inherently has a significant performance hit -and should be avoided if possible. -.RE -.IP -In the N32/N64 ABI, 64-bit floating-point mode is always used, -so FPU emulation is not required and the FPU always operates in -.B FR=1 -mode. -.IP -This operation is mainly intended for use by the dynamic linker -.RB ( ld.so (8)). 
-.IP -The arguments -.IR arg3 , -.IR arg4 , -and -.I arg5 -are ignored. -.\" prctl PR_GET_FP_MODE -.TP -.BR PR_GET_FP_MODE " (since Linux 4.0, only on MIPS)" -Return (as the function result) -the current floating-point mode (see the description of -.B PR_SET_FP_MODE -for details). -.IP -On success, -the call returns a bit mask which represents the current floating-point mode. -.IP -The arguments -.IR arg2 , -.IR arg3 , -.IR arg4 , -and -.I arg5 -are ignored. -.\" prctl PR_SET_FPEMU -.TP -.BR PR_SET_FPEMU " (since Linux 2.4.18, 2.5.9, only on ia64)" -Set floating-point emulation control bits to \fIarg2\fP. -Pass -.B PR_FPEMU_NOPRINT -to silently emulate floating-point operation accesses, or -.B PR_FPEMU_SIGFPE -to not emulate floating-point operations and send -.B SIGFPE -instead. -.\" prctl PR_GET_FPEMU -.TP -.BR PR_GET_FPEMU " (since Linux 2.4.18, 2.5.9, only on ia64)" -Return floating-point emulation control bits, -in the location pointed to by -.IR "(int\~*) arg2" . -.\" prctl PR_SET_FPEXC -.TP -.BR PR_SET_FPEXC " (since Linux 2.4.21, 2.5.32, only on PowerPC)" -Set floating-point exception mode to \fIarg2\fP. -Pass \fBPR_FP_EXC_SW_ENABLE\fP to use FPEXC for FP exception enables, -\fBPR_FP_EXC_DIV\fP for floating-point divide by zero, -\fBPR_FP_EXC_OVF\fP for floating-point overflow, -\fBPR_FP_EXC_UND\fP for floating-point underflow, -\fBPR_FP_EXC_RES\fP for floating-point inexact result, -\fBPR_FP_EXC_INV\fP for floating-point invalid operation, -\fBPR_FP_EXC_DISABLED\fP for FP exceptions disabled, -\fBPR_FP_EXC_NONRECOV\fP for async nonrecoverable exception mode, -\fBPR_FP_EXC_ASYNC\fP for async recoverable exception mode, -\fBPR_FP_EXC_PRECISE\fP for precise exception mode. -.\" prctl PR_GET_FPEXC -.TP -.BR PR_GET_FPEXC " (since Linux 2.4.21, 2.5.32, only on PowerPC)" -Return floating-point exception mode, -in the location pointed to by -.IR "(int\~*) arg2" . 
-.\" prctl PR_SET_IO_FLUSHER -.TP -.BR PR_SET_IO_FLUSHER " (since Linux 5.6)" -If a user process is involved in the block layer or filesystem I/O path, -and can allocate memory while processing I/O requests it must set -\fIarg2\fP to 1. -This will put the process in the IO_FLUSHER state, -which allows it special treatment to make progress when allocating memory. -If \fIarg2\fP is 0, the process will clear the IO_FLUSHER state, and -the default behavior will be used. -.IP -The calling process must have the -.B CAP_SYS_RESOURCE -capability. -.IP -.IR arg3 , -.IR arg4 , -and -.I arg5 -must be zero. -.IP -The IO_FLUSHER state is inherited by a child process created via -.BR fork (2) -and is preserved across -.BR execve (2). -.IP -Examples of IO_FLUSHER applications are FUSE daemons, SCSI device -emulation daemons, and daemons that perform error handling like multipath -path recovery applications. -.\" prctl PR_GET_IO_FLUSHER -.TP -.B PR_GET_IO_FLUSHER (Since Linux 5.6) -Return (as the function result) the IO_FLUSHER state of the caller. -A value of 1 indicates that the caller is in the IO_FLUSHER state; -0 indicates that the caller is not in the IO_FLUSHER state. -.IP -The calling process must have the -.B CAP_SYS_RESOURCE -capability. -.IP -.IR arg2 , -.IR arg3 , -.IR arg4 , -and -.I arg5 -must be zero. -.\" prctl PR_SET_KEEPCAPS -.TP -.BR PR_SET_KEEPCAPS " (since Linux 2.2.18)" -Set the state of the calling thread's "keep capabilities" flag. -The effect of this flag is described in -.BR capabilities (7). -.I arg2 -must be either 0 (clear the flag) -or 1 (set the flag). -The "keep capabilities" value will be reset to 0 on subsequent calls to -.BR execve (2). -.\" prctl PR_GET_KEEPCAPS -.TP -.BR PR_GET_KEEPCAPS " (since Linux 2.2.18)" -Return (as the function result) the current state of the calling thread's -"keep capabilities" flag. -See -.BR capabilities (7) -for a description of this flag. 
-.\" prctl PR_MCE_KILL -.TP -.BR PR_MCE_KILL " (since Linux 2.6.32)" -Set the machine check memory corruption kill policy for the calling thread. -If -.I arg2 -is -.BR PR_MCE_KILL_CLEAR , -clear the thread memory corruption kill policy and use the system-wide default. -(The system-wide default is defined by -.IR /proc/sys/vm/memory_failure_early_kill ; -see -.BR proc (5).) -If -.I arg2 -is -.BR PR_MCE_KILL_SET , -use a thread-specific memory corruption kill policy. -In this case, -.I arg3 -defines whether the policy is -.I early kill -.RB ( PR_MCE_KILL_EARLY ), -.I late kill -.RB ( PR_MCE_KILL_LATE ), -or the system-wide default -.RB ( PR_MCE_KILL_DEFAULT ). -Early kill means that the thread receives a -.B SIGBUS -signal as soon as hardware memory corruption is detected inside -its address space. -In late kill mode, the process is killed only when it accesses a corrupted page. -See -.BR sigaction (2) -for more information on the -.B SIGBUS -signal. -The policy is inherited by children. -The remaining unused -.BR prctl () -arguments must be zero for future compatibility. -.\" prctl PR_MCE_KILL_GET -.TP -.BR PR_MCE_KILL_GET " (since Linux 2.6.32)" -Return (as the function result) -the current per-process machine check kill policy. -All unused -.BR prctl () -arguments must be zero. -.\" prctl PR_SET_MM -.TP -.BR PR_SET_MM " (since Linux 3.3)" -.\" commit 028ee4be34a09a6d48bdf30ab991ae933a7bc036 -Modify certain kernel memory map descriptor fields -of the calling process. -Usually these fields are set by the kernel and dynamic loader (see -.BR ld.so (8) -for more information) and a regular application should not use this feature. -However, there are cases, such as self-modifying programs, -where a program might find it useful to change its own memory map. -.IP -The calling process must have the -.B CAP_SYS_RESOURCE -capability. -The value in -.I arg2 -is one of the options below, while -.I arg3 -provides a new value for the option. 
-The -.I arg4 -and -.I arg5 -arguments must be zero if unused. -.IP -Before Linux 3.10, -.\" commit 52b3694157e3aa6df871e283115652ec6f2d31e0 -this feature is available only if the kernel is built with the -.B CONFIG_CHECKPOINT_RESTORE -option enabled. -.RS -.TP -.B PR_SET_MM_START_CODE -Set the address above which the program text can run. -The corresponding memory area must be readable and executable, -but not writable or shareable (see -.BR mprotect (2) -and -.BR mmap (2) -for more information). -.TP -.B PR_SET_MM_END_CODE -Set the address below which the program text can run. -The corresponding memory area must be readable and executable, -but not writable or shareable. -.TP -.B PR_SET_MM_START_DATA -Set the address above which initialized and -uninitialized (bss) data are placed. -The corresponding memory area must be readable and writable, -but not executable or shareable. -.TP -.B PR_SET_MM_END_DATA -Set the address below which initialized and -uninitialized (bss) data are placed. -The corresponding memory area must be readable and writable, -but not executable or shareable. -.TP -.B PR_SET_MM_START_STACK -Set the start address of the stack. -The corresponding memory area must be readable and writable. -.TP -.B PR_SET_MM_START_BRK -Set the address above which the program heap can be expanded with -.BR brk (2) -call. -The address must be greater than the ending address of -the current program data segment. -In addition, the combined size of the resulting heap and -the size of the data segment can't exceed the -.B RLIMIT_DATA -resource limit (see -.BR setrlimit (2)). -.TP -.B PR_SET_MM_BRK -Set the current -.BR brk (2) -value. -The requirements for the address are the same as for the -.B PR_SET_MM_START_BRK -option. -.P -The following options are available since Linux 3.5. -.\" commit fe8c7f5cbf91124987106faa3bdf0c8b955c4cf7 -.TP -.B PR_SET_MM_ARG_START -Set the address above which the program command line is placed. 
-.TP -.B PR_SET_MM_ARG_END -Set the address below which the program command line is placed. -.TP -.B PR_SET_MM_ENV_START -Set the address above which the program environment is placed. -.TP -.B PR_SET_MM_ENV_END -Set the address below which the program environment is placed. -.IP -The address passed with -.BR PR_SET_MM_ARG_START , -.BR PR_SET_MM_ARG_END , -.BR PR_SET_MM_ENV_START , -and -.B PR_SET_MM_ENV_END -should belong to a process stack area. -Thus, the corresponding memory area must be readable, writable, and -(depending on the kernel configuration) have the -.B MAP_GROWSDOWN -attribute set (see -.BR mmap (2)). -.TP -.B PR_SET_MM_AUXV -Set a new auxiliary vector. -The -.I arg3 -argument should provide the address of the vector. -The -.I arg4 -is the size of the vector. -.TP -.B PR_SET_MM_EXE_FILE -.\" commit b32dfe377102ce668775f8b6b1461f7ad428f8b6 -Supersede the -.IR /proc/ pid /exe -symbolic link with a new one pointing to a new executable file -identified by the file descriptor provided in -.I arg3 -argument. -The file descriptor should be obtained with a regular -.BR open (2) -call. -.IP -To change the symbolic link, one needs to unmap all existing -executable memory areas, including those created by the kernel itself -(for example the kernel usually creates at least one executable -memory area for the ELF -.I .text -section). -.IP -In Linux 4.9 and earlier, the -.\" commit 3fb4afd9a504c2386b8435028d43283216bf588e -.B PR_SET_MM_EXE_FILE -operation can be performed only once in a process's lifetime; -attempting to perform the operation a second time results in the error -.BR EPERM . -This restriction was enforced for security reasons that were subsequently -deemed specious, -and the restriction was removed in Linux 4.10 because some -user-space applications needed to perform this operation more than once. -.P -The following options are available since Linux 3.18. 
-.\" commit f606b77f1a9e362451aca8f81d8f36a3a112139e -.TP -.B PR_SET_MM_MAP -Provides one-shot access to all the addresses by passing in a -.I struct prctl_mm_map -(as defined in \fI<linux/prctl.h>\fP). -The -.I arg4 -argument should provide the size of the struct. -.IP -This feature is available only if the kernel is built with the -.B CONFIG_CHECKPOINT_RESTORE -option enabled. -.TP -.B PR_SET_MM_MAP_SIZE -Returns the size of the -.I struct prctl_mm_map -the kernel expects. -This allows user space to find a compatible struct. -The -.I arg4 -argument should be a pointer to an unsigned int. -.IP -This feature is available only if the kernel is built with the -.B CONFIG_CHECKPOINT_RESTORE -option enabled. -.RE -.\" prctl PR_SET_VMA -.TP -.BR PR_SET_VMA " (since Linux 5.17)" -.\" Commit 9a10064f5625d5572c3626c1516e0bebc6c9fe9b -Sets an attribute specified in -.I arg2 -for virtual memory areas starting from the address specified in -.I arg3 -and spanning the size specified in -.IR arg4 . -.I arg5 -specifies the value of the attribute to be set. -.IP -Note that assigning an attribute to a virtual memory area -might prevent it from being merged with adjacent virtual memory areas -due to the difference in that attribute's value. -.IP -Currently, -.I arg2 -must be one of: -.RS -.TP -.B PR_SET_VMA_ANON_NAME -Set a name for anonymous virtual memory areas. -.I arg5 -should be a pointer to a null-terminated string containing the name. -The name length including null byte cannot exceed 80 bytes. -If -.I arg5 -is NULL, the name of the appropriate anonymous virtual memory areas -will be reset. -The name can contain only printable ascii characters (including space), -except \[aq][\[aq], \[aq]]\[aq], \[aq]\e\[aq], \[aq]$\[aq], and \[aq]\[ga]\[aq]. 
-.RE -.\" prctl PR_MPX_ENABLE_MANAGEMENT -.TP -.B PR_MPX_ENABLE_MANAGEMENT -.TQ -.BR PR_MPX_DISABLE_MANAGEMENT " (since Linux 3.19, removed in Linux 5.4; only on x86)" -.\" commit fe3d197f84319d3bce379a9c0dc17b1f48ad358c -.\" See also http://lwn.net/Articles/582712/ -.\" See also https://gcc.gnu.org/wiki/Intel%20MPX%20support%20in%20the%20GCC%20compiler -Enable or disable kernel management of Memory Protection eXtensions (MPX) -bounds tables. -The -.IR arg2 , -.IR arg3 , -.IR arg4 , -and -.I arg5 -.\" commit e9d1b4f3c60997fe197bf0243cb4a41a44387a88 -arguments must be zero. -.IP -MPX is a hardware-assisted mechanism for performing bounds checking on -pointers. -It consists of a set of registers storing bounds information -and a set of special instruction prefixes that tell the CPU on which -instructions it should do bounds enforcement. -There is a limited number of these registers and -when there are more pointers than registers, -their contents must be "spilled" into a set of tables. -These tables are called "bounds tables" and the MPX -.BR prctl () -operations control -whether the kernel manages their allocation and freeing. -.IP -When management is enabled, the kernel will take over allocation -and freeing of the bounds tables. -It does this by trapping the #BR exceptions that result -at first use of missing bounds tables and -instead of delivering the exception to user space, -it allocates the table and populates the bounds directory -with the location of the new table. -For freeing, the kernel checks to see if bounds tables are -present for memory which is not allocated, and frees them if so. -.IP -Before enabling MPX management using -.BR PR_MPX_ENABLE_MANAGEMENT , -the application must first have allocated a user-space buffer for -the bounds directory and placed the location of that directory in the -.I bndcfgu -register. -.IP -These calls fail if the CPU or kernel does not support MPX. 
-Kernel support for MPX is enabled via the -.B CONFIG_X86_INTEL_MPX -configuration option. -You can check whether the CPU supports MPX by looking for the -.I mpx -CPUID bit, like with the following command: -.IP -.in +4n -.EX -cat /proc/cpuinfo | grep \[aq] mpx \[aq] -.EE -.in -.IP -A thread may not switch in or out of long (64-bit) mode while MPX is -enabled. -.IP -All threads in a process are affected by these calls. -.IP -The child of a -.BR fork (2) -inherits the state of MPX management. -During -.BR execve (2), -MPX management is reset to a state as if -.B PR_MPX_DISABLE_MANAGEMENT -had been called. -.IP -For further information on Intel MPX, see the kernel source file -.IR Documentation/x86/intel_mpx.txt . -.IP -.\" commit f240652b6032b48ad7fa35c5e701cc4c8d697c0b -.\" See also https://lkml.kernel.org/r/20190705175321.DB42F0AD@viggo.jf.intel.com -Due to a lack of toolchain support, -.BR PR_MPX_ENABLE_MANAGEMENT " and " PR_MPX_DISABLE_MANAGEMENT -are not supported in Linux 5.4 and later. -.\" prctl PR_SET_NAME -.TP -.BR PR_SET_NAME " (since Linux 2.6.9)" -Set the name of the calling thread, -using the value in the location pointed to by -.IR "(char\~*) arg2" . -The name can be up to 16 bytes long, -.\" TASK_COMM_LEN in include/linux/sched.h -including the terminating null byte. -(If the length of the string, including the terminating null byte, -exceeds 16 bytes, the string is silently truncated.) -This is the same attribute that can be set via -.BR pthread_setname_np (3) -and retrieved using -.BR pthread_getname_np (3). -The attribute is likewise accessible via -.IR /proc/self/task/ tid /comm -(see -.BR proc (5)), -where -.I tid -is the thread ID of the calling thread, as returned by -.BR gettid (2). -.\" prctl PR_GET_NAME -.TP -.BR PR_GET_NAME " (since Linux 2.6.11)" -Return the name of the calling thread, -in the buffer pointed to by -.IR "(char\~*) arg2" . -The buffer should allow space for up to 16 bytes; -the returned string will be null-terminated. 
-.\" prctl PR_SET_NO_NEW_PRIVS -.TP -.BR PR_SET_NO_NEW_PRIVS " (since Linux 3.5)" -Set the calling thread's -.I no_new_privs -attribute to the value in -.IR arg2 . -With -.I no_new_privs -set to 1, -.BR execve (2) -promises not to grant privileges to do anything -that could not have been done without the -.BR execve (2) -call (for example, -rendering the set-user-ID and set-group-ID mode bits, -and file capabilities non-functional). -Once set, the -.I no_new_privs -attribute cannot be unset. -The setting of this attribute is inherited by children created by -.BR fork (2) -and -.BR clone (2), -and preserved across -.BR execve (2). -.IP -Since Linux 4.10, -the value of a thread's -.I no_new_privs -attribute can be viewed via the -.I NoNewPrivs -field in the -.IR /proc/ pid /status -file. -.IP -For more information, see the kernel source file -.I Documentation/userspace\-api/no_new_privs.rst -.\" commit 40fde647ccb0ae8c11d256d271e24d385eed595b -(or -.I Documentation/prctl/no_new_privs.txt -before Linux 4.13). -See also -.BR seccomp (2). -.\" prctl PR_GET_NO_NEW_PRIVS -.TP -.BR PR_GET_NO_NEW_PRIVS " (since Linux 3.5)" -Return (as the function result) the value of the -.I no_new_privs -attribute for the calling thread. -A value of 0 indicates the regular -.BR execve (2) -behavior. -A value of 1 indicates -.BR execve (2) -will operate in the privilege-restricting mode described above. -.\" prctl PR_PAC_RESET_KEYS -.\" commit ba830885656414101b2f8ca88786524d4bb5e8c1 -.TP -.BR PR_PAC_RESET_KEYS " (since Linux 5.0, only on arm64)" -Securely reset the thread's pointer authentication keys -to fresh random values generated by the kernel. 
-.IP -The set of keys to be reset is specified by -.IR arg2 , -which must be a logical OR of zero or more of the following: -.RS -.TP -.B PR_PAC_APIAKEY -instruction authentication key A -.TP -.B PR_PAC_APIBKEY -instruction authentication key B -.TP -.B PR_PAC_APDAKEY -data authentication key A -.TP -.B PR_PAC_APDBKEY -data authentication key B -.TP -.B PR_PAC_APGAKEY -generic authentication \[lq]A\[rq] key. -.IP -(Yes folks, there really is no generic B key.) -.RE -.IP -As a special case, if -.I arg2 -is zero, then all the keys are reset. -Since new keys could be added in future, -this is the recommended way to completely wipe the existing keys -when establishing a clean execution context. -Note that there is no need to use -.B PR_PAC_RESET_KEYS -in preparation for calling -.BR execve (2), -since -.BR execve (2) -resets all the pointer authentication keys. -.IP -The remaining arguments -.IR arg3 ", " arg4 ", and " arg5 -must all be zero. -.IP -If the arguments are invalid, -and in particular if -.I arg2 -contains set bits that are unrecognized -or that correspond to a key not available on this platform, -then the call fails with error -.BR EINVAL . -.IP -.B Warning: -Because the compiler or run-time environment -may be using some or all of the keys, -a successful -.B PR_PAC_RESET_KEYS -may crash the calling process. -The conditions for using it safely are complex and system-dependent. -Don't use it unless you know what you are doing. -.IP -For more information, see the kernel source file -.I Documentation/arm64/pointer\-authentication.rst -.\"commit b693d0b372afb39432e1c49ad7b3454855bc6bed -(or -.I Documentation/arm64/pointer\-authentication.txt -before Linux 5.3). -.\" prctl PR_SET_PDEATHSIG -.TP -.BR PR_SET_PDEATHSIG " (since Linux 2.1.57)" -Set the parent-death signal -of the calling process to \fIarg2\fP (either a signal value -in the range -.RB [ 1 , -.IR NSIG\~\-\~1 ], -or -.B 0 -to clear). 
-This is the signal that the calling process will get when its -parent dies. -.IP -.IR Warning : -.\" https://bugzilla.kernel.org/show_bug.cgi?id=43300 -the "parent" in this case is considered to be the -.I thread -that created this process. -In other words, the signal will be sent when that thread terminates -(via, for example, -.BR pthread_exit (3)), -rather than after all of the threads in the parent process terminate. -.IP -The parent-death signal is sent upon subsequent termination of the parent -thread and also upon termination of each subreaper process -(see the description of -.B PR_SET_CHILD_SUBREAPER -above) to which the caller is subsequently reparented. -If the parent thread and all ancestor subreapers have already terminated -by the time of the -.B PR_SET_PDEATHSIG -operation, then no parent-death signal is sent to the caller. -.IP -The parent-death signal is process-directed (see -.BR signal (7)) -and, if the child installs a handler using the -.BR sigaction (2) -.B SA_SIGINFO -flag, the -.I si_pid -field of the -.I siginfo_t -argument of the handler contains the PID of the terminating parent process. -.IP -The parent-death signal setting is cleared for the child of a -.BR fork (2). -It is also -(since Linux 2.4.36 / 2.6.23) -.\" commit d2d56c5f51028cb9f3d800882eb6f4cbd3f9099f -cleared when executing a set-user-ID or set-group-ID binary, -or a binary that has associated capabilities (see -.BR capabilities (7)); -otherwise, this value is preserved across -.BR execve (2). -The parent-death signal setting is also cleared upon changes to -any of the following thread credentials: -.\" FIXME capability changes can also trigger this; see -.\" kernel/cred.c::commit_creds in the Linux 5.6 source. -effective user ID, effective group ID, filesystem user ID, -or filesystem group ID. 
-.\" prctl PR_GET_PDEATHSIG -.TP -.BR PR_GET_PDEATHSIG " (since Linux 2.3.15)" -Return the current value of the parent process death signal, -in the location pointed to by -.IR "(int\~*) arg2" . -.\" prctl PR_SET_PTRACER -.TP -.BR PR_SET_PTRACER " (since Linux 3.4)" -.\" commit 2d514487faf188938a4ee4fb3464eeecfbdcf8eb -.\" commit bf06189e4d14641c0148bea16e9dd24943862215 -This is meaningful only when the Yama LSM is enabled and in mode 1 -("restricted ptrace", visible via -.IR /proc/sys/kernel/yama/ptrace_scope ). -When a "ptracer process ID" is passed in \fIarg2\fP, -the caller is declaring that the ptracer process can -.BR ptrace (2) -the calling process as if it were a direct process ancestor. -Each -.B PR_SET_PTRACER -operation replaces the previous "ptracer process ID". -Employing -.B PR_SET_PTRACER -with -.I arg2 -set to 0 clears the caller's "ptracer process ID". -If -.I arg2 -is -.BR PR_SET_PTRACER_ANY , -the ptrace restrictions introduced by Yama are effectively disabled for the -calling process. -.IP -For further information, see the kernel source file -.I Documentation/admin\-guide/LSM/Yama.rst -.\" commit 90bb766440f2147486a2acc3e793d7b8348b0c22 -(or -.I Documentation/security/Yama.txt -before Linux 4.13). -.\" prctl PR_SET_SECCOMP -.TP -.BR PR_SET_SECCOMP " (since Linux 2.6.23)" -.\" See http://thread.gmane.org/gmane.linux.kernel/542632 -.\" [PATCH 0 of 2] seccomp updates -.\" andrea@cpushare.com -Set the secure computing (seccomp) mode for the calling thread, to limit -the available system calls. -The more recent -.BR seccomp (2) -system call provides a superset of the functionality of -.BR PR_SET_SECCOMP , -and is the preferred interface for new applications. -.IP -The seccomp mode is selected via -.IR arg2 . -(The seccomp constants are defined in -.IR <linux/seccomp.h> .) -The following values can be specified: -.RS -.TP -.BR SECCOMP_MODE_STRICT " (since Linux 2.6.23)" -See the description of -.B SECCOMP_SET_MODE_STRICT -in -.BR seccomp (2). 
-.IP -This operation is available only -if the kernel is configured with -.B CONFIG_SECCOMP -enabled. -.TP -.BR SECCOMP_MODE_FILTER " (since Linux 3.5)" -The allowed system calls are defined by a pointer -to a Berkeley Packet Filter passed in -.IR arg3 . -This argument is a pointer to -.IR "struct sock_fprog" ; -it can be designed to filter -arbitrary system calls and system call arguments. -See the description of -.B SECCOMP_SET_MODE_FILTER -in -.BR seccomp (2). -.IP -This operation is available only -if the kernel is configured with -.B CONFIG_SECCOMP_FILTER -enabled. -.RE -.IP -For further details on seccomp filtering, see -.BR seccomp (2). -.\" prctl PR_GET_SECCOMP -.TP -.BR PR_GET_SECCOMP " (since Linux 2.6.23)" -Return (as the function result) -the secure computing mode of the calling thread. -If the caller is not in secure computing mode, this operation returns 0; -if the caller is in strict secure computing mode, then the -.BR prctl () -call will cause a -.B SIGKILL -signal to be sent to the process. -If the caller is in filter mode, and this system call is allowed by the -seccomp filters, it returns 2; otherwise, the process is killed with a -.B SIGKILL -signal. -.IP -This operation is available only -if the kernel is configured with -.B CONFIG_SECCOMP -enabled. -.IP -Since Linux 3.8, the -.I Seccomp -field of the -.IR /proc/ pid /status -file provides a method of obtaining the same information, -without the risk that the process is killed; see -.BR proc (5). -.\" prctl PR_SET_SECUREBITS -.TP -.BR PR_SET_SECUREBITS " (since Linux 2.6.26)" -Set the "securebits" flags of the calling thread to the value supplied in -.IR arg2 . -See -.BR capabilities (7). -.\" prctl PR_GET_SECUREBITS -.TP -.BR PR_GET_SECUREBITS " (since Linux 2.6.26)" -Return (as the function result) -the "securebits" flags of the calling thread. -See -.BR capabilities (7). 
-.\" prctl PR_GET_SPECULATION_CTRL -.TP -.BR PR_GET_SPECULATION_CTRL " (since Linux 4.17)" -Return (as the function result) -the state of the speculation misfeature specified in -.IR arg2 . -Currently, the only permitted value for this argument is -.B PR_SPEC_STORE_BYPASS -(otherwise the call fails with the error -.BR ENODEV ). -.IP -The return value uses bits 0-3 with the following meaning: -.RS -.TP -.B PR_SPEC_PRCTL -Mitigation can be controlled per thread by -.BR PR_SET_SPECULATION_CTRL . -.TP -.B PR_SPEC_ENABLE -The speculation feature is enabled, mitigation is disabled. -.TP -.B PR_SPEC_DISABLE -The speculation feature is disabled, mitigation is enabled. -.TP -.B PR_SPEC_FORCE_DISABLE -Same as -.B PR_SPEC_DISABLE -but cannot be undone. -.TP -.BR PR_SPEC_DISABLE_NOEXEC " (since Linux 5.1)" -Same as -.BR PR_SPEC_DISABLE , -but the state will be cleared on -.BR execve (2). -.RE -.IP -If all bits are 0, -then the CPU is not affected by the speculation misfeature. -.IP -If -.B PR_SPEC_PRCTL -is set, then per-thread control of the mitigation is available. -If not set, -.BR prctl () -for the speculation misfeature will fail. -.IP -The -.IR arg3 , -.IR arg4 , -and -.I arg5 -arguments must be specified as 0; otherwise the call fails with the error -.BR EINVAL . -.\" prctl PR_SET_SPECULATION_CTRL -.TP -.BR PR_SET_SPECULATION_CTRL " (since Linux 4.17)" -.\" commit b617cfc858161140d69cc0b5cc211996b557a1c7 -.\" commit 356e4bfff2c5489e016fdb925adbf12a1e3950ee -Sets the state of the speculation misfeature specified in -.IR arg2 . -The speculation-misfeature settings are per-thread attributes. -.IP -Currently, -.I arg2 -must be one of: -.RS -.TP -.B PR_SPEC_STORE_BYPASS -Set the state of the speculative store bypass misfeature. -.\" commit 9137bb27e60e554dab694eafa4cca241fa3a694f -.TP -.BR PR_SPEC_INDIRECT_BRANCH " (since Linux 4.20)" -Set the state of the indirect branch speculation misfeature. 
-.RE -.IP -If -.I arg2 -does not have one of the above values, -then the call fails with the error -.BR ENODEV . -.IP -The -.I arg3 -argument is used to hand in the control value, -which is one of the following: -.RS -.TP -.B PR_SPEC_ENABLE -The speculation feature is enabled, mitigation is disabled. -.TP -.B PR_SPEC_DISABLE -The speculation feature is disabled, mitigation is enabled. -.TP -.B PR_SPEC_FORCE_DISABLE -Same as -.BR PR_SPEC_DISABLE , -but cannot be undone. -A subsequent -.BR prctl (\c -.IR arg2 , -.BR PR_SPEC_ENABLE ) -with the same value for -.I arg2 -will fail with the error -.BR EPERM . -.\" commit 71368af9027f18fe5d1c6f372cfdff7e4bde8b48 -.TP -.BR PR_SPEC_DISABLE_NOEXEC " (since Linux 5.1)" -Same as -.BR PR_SPEC_DISABLE , -but the state will be cleared on -.BR execve (2). -Currently only supported for -.I arg2 -equal to -.B PR_SPEC_STORE_BYPASS. -.RE -.IP -Any unsupported value in -.I arg3 -will result in the call failing with the error -.BR ERANGE . -.IP -The -.I arg4 -and -.I arg5 -arguments must be specified as 0; otherwise the call fails with the error -.BR EINVAL . -.IP -The speculation feature can also be controlled by the -.B spec_store_bypass_disable -boot parameter. -This parameter may enforce a read-only policy which will result in the -.BR prctl () -call failing with the error -.BR ENXIO . -For further details, see the kernel source file -.IR Documentation/admin\-guide/kernel\-parameters.txt . -.\" prctl PR_SVE_SET_VL -.\" commit 2d2123bc7c7f843aa9db87720de159a049839862 -.\" linux-5.6/Documentation/arm64/sve.rst -.TP -.BR PR_SVE_SET_VL " (since Linux 4.15, only on arm64)" -Configure the thread's SVE vector length, -as specified by -.IR "(int) arg2" . -Arguments -.IR arg3 , -.IR arg4 , -and -.I arg5 -are ignored. -.IP -The bits of -.I arg2 -corresponding to -.B PR_SVE_VL_LEN_MASK -must be set to the desired vector length in bytes. 
-This is interpreted as an upper bound: -the kernel will select the greatest available vector length -that does not exceed the value specified. -In particular, specifying -.B SVE_VL_MAX -(defined in -.I <asm/sigcontext.h>) -for the -.B PR_SVE_VL_LEN_MASK -bits requests the maximum supported vector length. -.IP -In addition, the other bits of -.I arg2 -must be set to one of the following combinations of flags: -.RS -.TP -.B 0 -Perform the change immediately. -At the next -.BR execve (2) -in the thread, -the vector length will be reset to the value configured in -.IR /proc/sys/abi/sve_default_vector_length . -.TP -.B PR_SVE_VL_INHERIT -Perform the change immediately. -Subsequent -.BR execve (2) -calls will preserve the new vector length. -.TP -.B PR_SVE_SET_VL_ONEXEC -Defer the change, so that it is performed at the next -.BR execve (2) -in the thread. -Further -.BR execve (2) -calls will reset the vector length to the value configured in -.IR /proc/sys/abi/sve_default_vector_length . -.TP -.B "PR_SVE_SET_VL_ONEXEC | PR_SVE_VL_INHERIT" -Defer the change, so that it is performed at the next -.BR execve (2) -in the thread. -Further -.BR execve (2) -calls will preserve the new vector length. -.RE -.IP -In all cases, -any previously pending deferred change is canceled. -.IP -The call fails with error -.B EINVAL -if SVE is not supported on the platform, if -.I arg2 -is unrecognized or invalid, or the value in the bits of -.I arg2 -corresponding to -.B PR_SVE_VL_LEN_MASK -is outside the range -.BR SVE_VL_MIN .. SVE_VL_MAX -or is not a multiple of 16. -.IP -On success, -a nonnegative value is returned that describes the -.I selected -configuration. -If -.B PR_SVE_SET_VL_ONEXEC -was included in -.IR arg2 , -then the configuration described by the return value -will take effect at the next -.BR execve (2). -Otherwise, the configuration is already in effect when the -.B PR_SVE_SET_VL -call returns. 
-In either case, the value is encoded in the same way as the return value of -.BR PR_SVE_GET_VL . -Note that there is no explicit flag in the return value -corresponding to -.BR PR_SVE_SET_VL_ONEXEC . -.IP -The configuration (including any pending deferred change) -is inherited across -.BR fork (2) -and -.BR clone (2). -.IP -For more information, see the kernel source file -.I Documentation/arm64/sve.rst -.\"commit b693d0b372afb39432e1c49ad7b3454855bc6bed -(or -.I Documentation/arm64/sve.txt -before Linux 5.3). -.IP -.B Warning: -Because the compiler or run-time environment -may be using SVE, using this call without the -.B PR_SVE_SET_VL_ONEXEC -flag may crash the calling process. -The conditions for using it safely are complex and system-dependent. -Don't use it unless you really know what you are doing. -.\" prctl PR_SVE_GET_VL -.TP -.BR PR_SVE_GET_VL " (since Linux 4.15, only on arm64)" -Get the thread's current SVE vector length configuration. -.IP -Arguments -.IR arg2 ", " arg3 ", " arg4 ", and " arg5 -are ignored. -.IP -Provided that the kernel and platform support SVE, -this operation always succeeds, -returning a nonnegative value that describes the -.I current -configuration. -The bits corresponding to -.B PR_SVE_VL_LEN_MASK -contain the currently configured vector length in bytes. -The bit corresponding to -.B PR_SVE_VL_INHERIT -indicates whether the vector length will be inherited -across -.BR execve (2). -.IP -Note that there is no way to determine whether there is -a pending vector length change that has not yet taken effect. -.IP -For more information, see the kernel source file -.I Documentation/arm64/sve.rst -.\"commit b693d0b372afb39432e1c49ad7b3454855bc6bed -(or -.I Documentation/arm64/sve.txt -before Linux 5.3). -.TP -.\" prctl PR_SET_SYSCALL_USER_DISPATCH -.\" commit 1446e1df9eb183fdf81c3f0715402f1d7595d4 -.BR PR_SET_SYSCALL_USER_DISPATCH " (since Linux 5.11, x86 only)" -Configure the Syscall User Dispatch mechanism -for the calling thread. 
-This mechanism allows an application -to selectively intercept system calls -so that they can be handled within the application itself. -Interception takes the form of a thread-directed -.B SIGSYS -signal that is delivered to the thread -when it makes a system call. -If intercepted, -the system call is not executed by the kernel. -.IP -To enable this mechanism, -.I arg2 -should be set to -.BR PR_SYS_DISPATCH_ON . -Once enabled, further system calls will be selectively intercepted, -depending on a control variable provided by user space. -In this case, -.I arg3 -and -.I arg4 -respectively identify the -.I offset -and -.I length -of a single contiguous memory region in the process address space -from where system calls are always allowed to be executed, -regardless of the control variable. -(Typically, this area would include the area of memory -containing the C library.) -.IP -.I arg5 -points to a char-sized variable -that is a fast switch to allow/block system call execution -without the overhead of doing another system call -to re-configure Syscall User Dispatch. -This control variable can either be set to -.B SYSCALL_DISPATCH_FILTER_BLOCK -to block system calls from executing -or to -.B SYSCALL_DISPATCH_FILTER_ALLOW -to temporarily allow them to be executed. -This value is checked by the kernel -on every system call entry, -and any unexpected value will raise -an uncatchable -.B SIGSYS -at that time, -killing the application. -.IP -When a system call is intercepted, -the kernel sends a thread-directed -.B SIGSYS -signal to the triggering thread. -Various fields will be set in the -.I siginfo_t -structure (see -.BR sigaction (2)) -associated with the signal: -.RS -.IP \[bu] 3 -.I si_signo -will contain -.BR SIGSYS . -.IP \[bu] -.I si_call_addr -will show the address of the system call instruction. -.IP \[bu] -.I si_syscall -and -.I si_arch -will indicate which system call was attempted. -.IP \[bu] -.I si_code -will contain -.BR SYS_USER_DISPATCH . 
-.IP \[bu] -.I si_errno -will be set to 0. -.RE -.IP -The program counter will be as though the system call happened -(i.e., the program counter will not point to the system call instruction). -.IP -When the signal handler returns to the kernel, -the system call completes immediately -and returns to the calling thread, -without actually being executed. -If necessary -(i.e., when emulating the system call on user space.), -the signal handler should set the system call return value -to a sane value, -by modifying the register context stored in the -.I ucontext -argument of the signal handler. -See -.BR sigaction (2), -.BR sigreturn (2), -and -.BR getcontext (3) -for more information. -.IP -If -.I arg2 -is set to -.BR PR_SYS_DISPATCH_OFF , -Syscall User Dispatch is disabled for that thread. -the remaining arguments must be set to 0. -.IP -The setting is not preserved across -.BR fork (2), -.BR clone (2), -or -.BR execve (2). -.IP -For more information, -see the kernel source file -.I Documentation/admin\-guide/syscall\-user\-dispatch.rst -.\" prctl PR_SET_TAGGED_ADDR_CTRL -.\" commit 63f0c60379650d82250f22e4cf4137ef3dc4f43d -.TP -.BR PR_SET_TAGGED_ADDR_CTRL " (since Linux 5.4, only on arm64)" -Controls support for passing tagged user-space addresses to the kernel -(i.e., addresses where bits 56\[em]63 are not all zero). -.IP -The level of support is selected by -.IR "arg2" , -which can be one of the following: -.RS -.TP -.B 0 -Addresses that are passed -for the purpose of being dereferenced by the kernel -must be untagged. -.TP -.B PR_TAGGED_ADDR_ENABLE -Addresses that are passed -for the purpose of being dereferenced by the kernel -may be tagged, with the exceptions summarized below. -.RE -.IP -The remaining arguments -.IR arg3 ", " arg4 ", and " arg5 -must all be zero. -.\" Enforcement added in -.\" commit 3e91ec89f527b9870fe42dcbdb74fd389d123a95 -.IP -On success, the mode specified in -.I arg2 -is set for the calling thread and the return value is 0. 
-If the arguments are invalid, -the mode specified in -.I arg2 -is unrecognized, -or if this feature is unsupported by the kernel -or disabled via -.IR /proc/sys/abi/tagged_addr_disabled , -the call fails with the error -.BR EINVAL . -.IP -In particular, if -.BR prctl ( PR_SET_TAGGED_ADDR_CTRL , -0, 0, 0, 0) -fails with -.BR EINVAL , -then all addresses passed to the kernel must be untagged. -.IP -Irrespective of which mode is set, -addresses passed to certain interfaces -must always be untagged: -.RS -.IP \[bu] 3 -.BR brk (2), -.BR mmap (2), -.BR shmat (2), -.BR shmdt (2), -and the -.I new_address -argument of -.BR mremap (2). -.IP -(Prior to Linux 5.6 these accepted tagged addresses, -but the behaviour may not be what you expect. -Don't rely on it.) -.IP \[bu] -\[oq]polymorphic\[cq] interfaces -that accept pointers to arbitrary types cast to a -.I void * -or other generic type, specifically -.BR prctl (), -.BR ioctl (2), -and in general -.BR setsockopt (2) -(only certain specific -.BR setsockopt (2) -options allow tagged addresses). -.RE -.IP -This list of exclusions may shrink -when moving from one kernel version to a later kernel version. -While the kernel may make some guarantees -for backwards compatibility reasons, -for the purposes of new software -the effect of passing tagged addresses to these interfaces -is unspecified. -.IP -The mode set by this call is inherited across -.BR fork (2) -and -.BR clone (2). -The mode is reset by -.BR execve (2) -to 0 -(i.e., tagged addresses not permitted in the user/kernel ABI). -.IP -For more information, see the kernel source file -.IR Documentation/arm64/tagged\-address\-abi.rst . -.IP -.B Warning: -This call is primarily intended for use by the run-time environment. -A successful -.B PR_SET_TAGGED_ADDR_CTRL -call elsewhere may crash the calling process. -The conditions for using it safely are complex and system-dependent. -Don't use it unless you know what you are doing. 
-.\" prctl PR_GET_TAGGED_ADDR_CTRL -.\" commit 63f0c60379650d82250f22e4cf4137ef3dc4f43d -.TP -.BR PR_GET_TAGGED_ADDR_CTRL " (since Linux 5.4, only on arm64)" -Returns the current tagged address mode -for the calling thread. -.IP -Arguments -.IR arg2 ", " arg3 ", " arg4 ", and " arg5 -must all be zero. -.IP -If the arguments are invalid -or this feature is disabled or unsupported by the kernel, -the call fails with -.BR EINVAL . -In particular, if -.BR prctl ( PR_GET_TAGGED_ADDR_CTRL , -0, 0, 0, 0) -fails with -.BR EINVAL , -then this feature is definitely either unsupported, -or disabled via -.IR /proc/sys/abi/tagged_addr_disabled . -In this case, -all addresses passed to the kernel must be untagged. -.IP -Otherwise, the call returns a nonnegative value -describing the current tagged address mode, -encoded in the same way as the -.I arg2 -argument of -.BR PR_SET_TAGGED_ADDR_CTRL . -.IP -For more information, see the kernel source file -.IR Documentation/arm64/tagged\-address\-abi.rst . -.\" -.\" prctl PR_TASK_PERF_EVENTS_DISABLE -.TP -.BR PR_TASK_PERF_EVENTS_DISABLE " (since Linux 2.6.31)" -Disable all performance counters attached to the calling process, -regardless of whether the counters were created by -this process or another process. -Performance counters created by the calling process for other -processes are unaffected. -For more information on performance counters, see the Linux kernel source file -.IR tools/perf/design.txt . -.IP -Originally called -.BR PR_TASK_PERF_COUNTERS_DISABLE ; -.\" commit 1d1c7ddbfab358445a542715551301b7fc363e28 -renamed (retaining the same numerical value) -in Linux 2.6.32. -.\" -.\" prctl PR_TASK_PERF_EVENTS_ENABLE -.TP -.BR PR_TASK_PERF_EVENTS_ENABLE " (since Linux 2.6.31)" -The converse of -.BR PR_TASK_PERF_EVENTS_DISABLE ; -enable performance counters attached to the calling process. 
-.IP -Originally called -.BR PR_TASK_PERF_COUNTERS_ENABLE ; -.\" commit 1d1c7ddbfab358445a542715551301b7fc363e28 -renamed -.\" commit cdd6c482c9ff9c55475ee7392ec8f672eddb7be6 -in Linux 2.6.32. -.\" -.\" prctl PR_SET_THP_DISABLE -.TP -.BR PR_SET_THP_DISABLE " (since Linux 3.15)" -.\" commit a0715cc22601e8830ace98366c0c2bd8da52af52 -Set the state of the "THP disable" flag for the calling thread. -If -.I arg2 -has a nonzero value, the flag is set, otherwise it is cleared. -Setting this flag provides a method -for disabling transparent huge pages -for jobs where the code cannot be modified, and using a malloc hook with -.BR madvise (2) -is not an option (i.e., statically allocated data). -The setting of the "THP disable" flag is inherited by a child created via -.BR fork (2) -and is preserved across -.BR execve (2). -.\" prctl PR_GET_THP_DISABLE -.TP -.BR PR_GET_THP_DISABLE " (since Linux 3.15)" -Return (as the function result) the current setting of the "THP disable" -flag for the calling thread: -either 1, if the flag is set, or 0, if it is not. -.\" prctl PR_GET_TID_ADDRESS -.TP -.BR PR_GET_TID_ADDRESS " (since Linux 3.5)" -.\" commit 300f786b2683f8bb1ec0afb6e1851183a479c86d -Return the -.I clear_child_tid -address set by -.BR set_tid_address (2) -and the -.BR clone (2) -.B CLONE_CHILD_CLEARTID -flag, in the location pointed to by -.IR "(int\~**)\~arg2" . -This feature is available only if the kernel is built with the -.B CONFIG_CHECKPOINT_RESTORE -option enabled. -Note that since the -.BR prctl () -system call does not have a compat implementation for -the AMD64 x32 and MIPS n32 ABIs, -and the kernel writes out a pointer using the kernel's pointer size, -this operation expects a user-space buffer of 8 (not 4) bytes on these ABIs. 
-.\" prctl PR_SET_TIMERSLACK -.TP -.BR PR_SET_TIMERSLACK " (since Linux 2.6.28)" -.\" See https://lwn.net/Articles/369549/ -.\" commit 6976675d94042fbd446231d1bd8b7de71a980ada -Each thread has two associated timer slack values: -a "default" value, and a "current" value. -This operation sets the "current" timer slack value for the calling thread. -.I arg2 -is an unsigned long value, then maximum "current" value is ULONG_MAX and -the minimum "current" value is 1. -If the nanosecond value supplied in -.I arg2 -is greater than zero, then the "current" value is set to this value. -If -.I arg2 -is equal to zero, -the "current" timer slack is reset to the -thread's "default" timer slack value. -.IP -The "current" timer slack is used by the kernel to group timer expirations -for the calling thread that are close to one another; -as a consequence, timer expirations for the thread may be -up to the specified number of nanoseconds late (but will never expire early). -Grouping timer expirations can help reduce system power consumption -by minimizing CPU wake-ups. -.IP -The timer expirations affected by timer slack are those set by -.BR select (2), -.BR pselect (2), -.BR poll (2), -.BR ppoll (2), -.BR epoll_wait (2), -.BR epoll_pwait (2), -.BR clock_nanosleep (2), -.BR nanosleep (2), -and -.BR futex (2) -(and thus the library functions implemented via futexes, including -.\" List obtained by grepping for futex usage in glibc source -.BR pthread_cond_timedwait (3), -.BR pthread_mutex_timedlock (3), -.BR pthread_rwlock_timedrdlock (3), -.BR pthread_rwlock_timedwrlock (3), -and -.BR sem_timedwait (3)). -.IP -Timer slack is not applied to threads that are scheduled under -a real-time scheduling policy (see -.BR sched_setscheduler (2)). -.IP -When a new thread is created, -the two timer slack values are made the same as the "current" value -of the creating thread. -Thereafter, a thread can adjust its "current" timer slack value via -.BR PR_SET_TIMERSLACK . 
-The "default" value can't be changed. -The timer slack values of -.I init -(PID 1), the ancestor of all processes, -are 50,000 nanoseconds (50 microseconds). -The timer slack value is inherited by a child created via -.BR fork (2), -and is preserved across -.BR execve (2). -.IP -Since Linux 4.6, the "current" timer slack value of any process -can be examined and changed via the file -.IR /proc/ pid /timerslack_ns . -See -.BR proc (5). -.\" prctl PR_GET_TIMERSLACK -.TP -.BR PR_GET_TIMERSLACK " (since Linux 2.6.28)" -Return (as the function result) -the "current" timer slack value of the calling thread. -.\" prctl PR_SET_TIMING -.TP -.BR PR_SET_TIMING " (since Linux 2.6.0)" -.\" Precisely: Linux 2.6.0-test4 -Set whether to use (normal, traditional) statistical process timing or -accurate timestamp-based process timing, by passing -.B PR_TIMING_STATISTICAL -.\" 0 -or -.B PR_TIMING_TIMESTAMP -.\" 1 -to \fIarg2\fP. -.B PR_TIMING_TIMESTAMP -is not currently implemented -(attempting to set this mode will yield the error -.BR EINVAL ). -.\" PR_TIMING_TIMESTAMP doesn't do anything in Linux 2.6.26-rc8, -.\" and looking at the patch history, it appears -.\" that it never did anything. -.\" prctl PR_GET_TIMING -.TP -.BR PR_GET_TIMING " (since Linux 2.6.0)" -.\" Precisely: Linux 2.6.0-test4 -Return (as the function result) which process timing method is currently -in use. -.\" prctl PR_SET_TSC -.TP -.BR PR_SET_TSC " (since Linux 2.6.26, x86 only)" -Set the state of the flag determining whether the timestamp counter -can be read by the process. -Pass -.B PR_TSC_ENABLE -to -.I arg2 -to allow it to be read, or -.B PR_TSC_SIGSEGV -to generate a -.B SIGSEGV -when the process tries to read the timestamp counter. -.\" prctl PR_GET_TSC -.TP -.BR PR_GET_TSC " (since Linux 2.6.26, x86 only)" -Return the state of the flag determining whether the timestamp counter -can be read, -in the location pointed to by -.IR "(int\~*) arg2" . 
-.\" prctl PR_SET_UNALIGN -.TP -.B PR_SET_UNALIGN -(Only on: ia64, since Linux 2.3.48; parisc, since Linux 2.6.15; -PowerPC, since Linux 2.6.18; Alpha, since Linux 2.6.22; -.\" sh: 94ea5e449ae834af058ef005d16a8ad44fcf13d6 -.\" tile: 2f9ac29eec71a696cb0dcc5fb82c0f8d4dac28c9 -sh, since Linux 2.6.34; tile, since Linux 3.12) -Set unaligned access control bits to \fIarg2\fP. -Pass -\fBPR_UNALIGN_NOPRINT\fP to silently fix up unaligned user accesses, -or \fBPR_UNALIGN_SIGBUS\fP to generate -.B SIGBUS -on unaligned user access. -Alpha also supports an additional flag with the value -of 4 and no corresponding named constant, -which instructs kernel to not fix up -unaligned accesses (it is analogous to providing the -.B UAC_NOFIX -flag in -.B SSI_NVPAIRS -operation of the -.BR setsysinfo () -system call on Tru64). -.\" prctl PR_GET_UNALIGN -.TP -.B PR_GET_UNALIGN -(See -.B PR_SET_UNALIGN -for information on versions and architectures.) -Return unaligned access control bits, in the location pointed to by -.IR "(unsigned int\~*) arg2" . -.\" prctl PR_GET_AUXV -.TP -.BR PR_GET_AUXV " (since Linux 6.4)" -Get the auxiliary vector (auxv) into the buffer pointed to by -.IR "(void\~*) arg2" , -whose length is given by \fIarg3\fP. -If the buffer is not long enough for the full auxiliary vector, -the copy will be truncated. -Return (as the function result) -the full length of the auxiliary vector. -\fIarg4\fP and \fIarg5\fP must be 0. -.TP -.BR PR_SET_MDWE " (since Linux 6.3)" -.\" commit b507808ebce23561d4ff8c2aa1fb949fe402bc61 -Set the calling process' Memory-Deny-Write-Execute protection mask. -Once protection bits are set, -they can not be changed. -.I arg2 -must be a bit mask of: -.RS -.TP -.B PR_MDWE_REFUSE_EXEC_GAIN -New memory mapping protections can't be writable and executable. -Non-executable mappings can't become executable. 
-.TP -.B PR_MDWE_NO_INHERIT " (since Linux 6.6)" -.\" commit 2a87e5520554034e8c423479740f95bea4a086a0 -Do not propagate MDWE protection to child processes on -.BR fork (2). -Setting this bit requires setting -.B PR_MDWE_REFUSE_EXEC_GAIN -too. -.RE -.TP -.BR PR_GET_MDWE " (since Linux 6.3)" -.\" commit b507808ebce23561d4ff8c2aa1fb949fe402bc61 -Return (as the function result) the Memory-Deny-Write-Execute protection mask -of the calling process. -(See -.B PR_SET_MDWE -for information on the protection mask bits.) -.SH RETURN VALUE -On success, -.BR PR_CAP_AMBIENT + PR_CAP_AMBIENT_IS_SET , -.BR PR_CAPBSET_READ , -.BR PR_GET_DUMPABLE , -.BR PR_GET_FP_MODE , -.BR PR_GET_IO_FLUSHER , -.BR PR_GET_KEEPCAPS , -.BR PR_MCE_KILL_GET , -.BR PR_GET_NO_NEW_PRIVS , -.BR PR_GET_SECUREBITS , -.BR PR_GET_SPECULATION_CTRL , -.BR PR_SVE_GET_VL , -.BR PR_SVE_SET_VL , -.BR PR_GET_TAGGED_ADDR_CTRL , -.BR PR_GET_THP_DISABLE , -.BR PR_GET_TIMING , -.BR PR_GET_TIMERSLACK , -.BR PR_GET_AUXV , -and (if it returns) -.B PR_GET_SECCOMP -return the nonnegative values described above. -All other -.I op -values return 0 on success. -On error, \-1 is returned, and -.I errno -is set to indicate the error. -.SH ERRORS -.TP -.B EACCES -.I op -is -.B PR_SET_SECCOMP -and -.I arg2 -is -.BR SECCOMP_MODE_FILTER , -but the process does not have the -.B CAP_SYS_ADMIN -capability or has not set the -.I no_new_privs -attribute (see the discussion of -.B PR_SET_NO_NEW_PRIVS -above). -.TP -.B EACCES -.I op -is -.BR PR_SET_MM , -and -.I arg3 -is -.BR PR_SET_MM_EXE_FILE , -the file is not executable. -.TP -.B EBADF -.I op -is -.BR PR_SET_MM , -.I arg3 -is -.BR PR_SET_MM_EXE_FILE , -and the file descriptor passed in -.I arg4 -is not valid. -.TP -.B EBUSY -.I op -is -.BR PR_SET_MM , -.I arg3 -is -.BR PR_SET_MM_EXE_FILE , -and this the second attempt to change the -.IR /proc/ pid /exe -symbolic link, which is prohibited. -.TP -.B EFAULT -.I arg2 -is an invalid address. 
-.TP -.B EFAULT -.I op -is -.BR PR_SET_SECCOMP , -.I arg2 -is -.BR SECCOMP_MODE_FILTER , -the system was built with -.BR CONFIG_SECCOMP_FILTER , -and -.I arg3 -is an invalid address. -.TP -.B EFAULT -.I op -is -.B PR_SET_SYSCALL_USER_DISPATCH -and -.I arg5 -has an invalid address. -.TP -.B EINVAL -The value of -.I op -is not recognized, -or not supported on this system. -.TP -.B EINVAL -.I op -is -.B PR_MCE_KILL -or -.B PR_MCE_KILL_GET -or -.BR PR_SET_MM , -and unused -.BR prctl () -arguments were not specified as zero. -.TP -.B EINVAL -.I arg2 -is not valid value for this -.IR op . -.TP -.B EINVAL -.I op -is -.B PR_SET_SECCOMP -or -.BR PR_GET_SECCOMP , -and the kernel was not configured with -.BR CONFIG_SECCOMP . -.TP -.B EINVAL -.I op -is -.BR PR_SET_SECCOMP , -.I arg2 -is -.BR SECCOMP_MODE_FILTER , -and the kernel was not configured with -.BR CONFIG_SECCOMP_FILTER . -.TP -.B EINVAL -.I op -is -.BR PR_SET_MM , -and one of the following is true -.RS -.IP \[bu] 3 -.I arg4 -or -.I arg5 -is nonzero; -.IP \[bu] -.I arg3 -is greater than -.B TASK_SIZE -(the limit on the size of the user address space for this architecture); -.IP \[bu] -.I arg2 -is -.BR PR_SET_MM_START_CODE , -.BR PR_SET_MM_END_CODE , -.BR PR_SET_MM_START_DATA , -.BR PR_SET_MM_END_DATA , -or -.BR PR_SET_MM_START_STACK , -and the permissions of the corresponding memory area are not as required; -.IP \[bu] -.I arg2 -is -.B PR_SET_MM_START_BRK -or -.BR PR_SET_MM_BRK , -and -.I arg3 -is less than or equal to the end of the data segment -or specifies a value that would cause the -.B RLIMIT_DATA -resource limit to be exceeded. -.RE -.TP -.B EINVAL -.I op -is -.B PR_SET_PTRACER -and -.I arg2 -is not 0, -.BR PR_SET_PTRACER_ANY , -or the PID of an existing process. -.TP -.B EINVAL -.I op -is -.B PR_SET_PDEATHSIG -and -.I arg2 -is not a valid signal number. -.TP -.B EINVAL -.I op -is -.B PR_SET_DUMPABLE -and -.I arg2 -is neither -.B SUID_DUMP_DISABLE -nor -.BR SUID_DUMP_USER . 
-.TP -.B EINVAL -.I op -is -.B PR_SET_TIMING -and -.I arg2 -is not -.BR PR_TIMING_STATISTICAL . -.TP -.B EINVAL -.I op -is -.B PR_SET_NO_NEW_PRIVS -and -.I arg2 -is not equal to 1 -or -.IR arg3 , -.IR arg4 , -or -.I arg5 -is nonzero. -.TP -.B EINVAL -.I op -is -.B PR_GET_NO_NEW_PRIVS -and -.IR arg2 , -.IR arg3 , -.IR arg4 , -or -.I arg5 -is nonzero. -.TP -.B EINVAL -.I op -is -.B PR_SET_THP_DISABLE -and -.IR arg3 , -.IR arg4 , -or -.I arg5 -is nonzero. -.TP -.B EINVAL -.I op -is -.B PR_GET_THP_DISABLE -and -.IR arg2 , -.IR arg3 , -.IR arg4 , -or -.I arg5 -is nonzero. -.TP -.B EINVAL -.I op -is -.B PR_CAP_AMBIENT -and an unused argument -.RI ( arg4 , -.IR arg5 , -or, -in the case of -.BR PR_CAP_AMBIENT_CLEAR_ALL , -.IR arg3 ) -is nonzero; or -.I arg2 -has an invalid value; -or -.I arg2 -is -.BR PR_CAP_AMBIENT_LOWER , -.BR PR_CAP_AMBIENT_RAISE , -or -.B PR_CAP_AMBIENT_IS_SET -and -.I arg3 -does not specify a valid capability. -.TP -.B EINVAL -.I op -was -.B PR_GET_SPECULATION_CTRL -or -.B PR_SET_SPECULATION_CTRL -and unused arguments to -.BR prctl () -are not 0. -.TP -.B EINVAL -.I op -is -.B PR_PAC_RESET_KEYS -and the arguments are invalid or unsupported. -See the description of -.B PR_PAC_RESET_KEYS -above for details. -.TP -.B EINVAL -.I op -is -.B PR_SVE_SET_VL -and the arguments are invalid or unsupported, -or SVE is not available on this platform. -See the description of -.B PR_SVE_SET_VL -above for details. -.TP -.B EINVAL -.I op -is -.B PR_SVE_GET_VL -and SVE is not available on this platform. -.TP -.B EINVAL -.I op -is -.B PR_SET_SYSCALL_USER_DISPATCH -and one of the following is true: -.RS -.IP \[bu] 3 -.I arg2 -is -.B PR_SYS_DISPATCH_OFF -and the remaining arguments are not 0; -.IP \[bu] -.I arg2 -is -.B PR_SYS_DISPATCH_ON -and the memory range specified is outside the -address space of the process. -.IP \[bu] -.I arg2 -is invalid. -.RE -.TP -.B EINVAL -.I op -is -.B PR_SET_TAGGED_ADDR_CTRL -and the arguments are invalid or unsupported. 
-See the description of -.B PR_SET_TAGGED_ADDR_CTRL -above for details. -.TP -.B EINVAL -.I op -is -.B PR_GET_TAGGED_ADDR_CTRL -and the arguments are invalid or unsupported. -See the description of -.B PR_GET_TAGGED_ADDR_CTRL -above for details. -.TP -.B ENODEV -.I op -was -.B PR_SET_SPECULATION_CTRL -the kernel or CPU does not support the requested speculation misfeature. -.TP -.B ENXIO -.I op -was -.B PR_MPX_ENABLE_MANAGEMENT -or -.B PR_MPX_DISABLE_MANAGEMENT -and the kernel or the CPU does not support MPX management. -Check that the kernel and processor have MPX support. -.TP -.B ENXIO -.I op -was -.B PR_SET_SPECULATION_CTRL -implies that the control of the selected speculation misfeature is not possible. -See -.B PR_GET_SPECULATION_CTRL -for the bit fields to determine which option is available. -.TP -.B EOPNOTSUPP -.I op -is -.B PR_SET_FP_MODE -and -.I arg2 -has an invalid or unsupported value. -.TP -.B EPERM -.I op -is -.BR PR_SET_SECUREBITS , -and the caller does not have the -.B CAP_SETPCAP -capability, -or tried to unset a "locked" flag, -or tried to set a flag whose corresponding locked flag was set -(see -.BR capabilities (7)). -.TP -.B EPERM -.I op -is -.B PR_SET_SPECULATION_CTRL -wherein the speculation was disabled with -.B PR_SPEC_FORCE_DISABLE -and caller tried to enable it again. -.TP -.B EPERM -.I op -is -.BR PR_SET_KEEPCAPS , -and the caller's -.B SECBIT_KEEP_CAPS_LOCKED -flag is set -(see -.BR capabilities (7)). -.TP -.B EPERM -.I op -is -.BR PR_CAPBSET_DROP , -and the caller does not have the -.B CAP_SETPCAP -capability. -.TP -.B EPERM -.I op -is -.BR PR_SET_MM , -and the caller does not have the -.B CAP_SYS_RESOURCE -capability. -.TP -.B EPERM -.I op -is -.B PR_CAP_AMBIENT -and -.I arg2 -is -.BR PR_CAP_AMBIENT_RAISE , -but either the capability specified in -.I arg3 -is not present in the process's permitted and inheritable capability sets, -or the -.B PR_CAP_AMBIENT_LOWER -securebit has been set. 
-.TP -.B ERANGE -.I op -was -.B PR_SET_SPECULATION_CTRL -and -.I arg3 -is not -.BR PR_SPEC_ENABLE , -.BR PR_SPEC_DISABLE , -.BR PR_SPEC_FORCE_DISABLE , -nor -.BR PR_SPEC_DISABLE_NOEXEC . -.SH VERSIONS -IRIX has a -.BR prctl () -system call (also introduced in Linux 2.1.44 -as irix_prctl on the MIPS architecture), -with prototype -.P -.in +4n -.EX -.BI "ptrdiff_t prctl(int " op ", int " arg2 ", int " arg3 ); -.EE -.in -.P -and operations to get the maximum number of processes per user, -get the maximum number of processors the calling process can use, -find out whether a specified process is currently blocked, -get or set the maximum stack size, and so on. -.SH STANDARDS -Linux. -.SH HISTORY -Linux 2.1.57, -glibc 2.0.6 -.SH SEE ALSO -.BR signal (2), -.BR core (5) |
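Review bot: The EPERM entry for PR_CAP_AMBIENT with PR_CAP_AMBIENT_RAISE ends with "or the PR_CAP_AMBIENT_LOWER securebit has been set", but the EINVAL entry for PR_CAP_AMBIENT lists PR_CAP_AMBIENT_LOWER as an arg2 value, not a securebit, so the name looks wrong. Because the diff removes all 2577 lines of man2/prctl.2 and adds nothing, whatever page takes over this text should correct that name against capabilities(7), which the neighbouring EPERM entries already cite, rather than carry it across verbatim. The same applies to the wording slips in ERRORS: "and this the second attempt" under EBUSY, "is not valid value for this" under EINVAL, and the ENODEV entry, where the conjunction between PR_SET_SPECULATION_CTRL and the following clause is missing. Nothing in the diff shows where the content now lives, so the commit message should say where readers will find the RETURN VALUE and ERRORS material, in particular the conditions for PR_SET_SECCOMP, PR_SET_NO_NEW_PRIVS and PR_GET_MDWE.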