Denys Vlasenko [Wed, 11 Feb 2015 13:20:35 +0000 (14:20 +0100)]
ptrace.2: Add information on PTRACE_SEIZE versus PTRACE_ATTACH differences
Extend description of PTRACE_SEIZE with the short summary of its
differences from PTRACE_ATTACH.
The following paragraph:
PTRACE_EVENT_STOP
Stop induced by PTRACE_INTERRUPT command, or group-stop, or ini-
tial ptrace-stop when a new child is attached (only if attached
using PTRACE_SEIZE), or PTRACE_EVENT_STOP if PTRACE_SEIZE was used.
has an editing error (the part after last comma makes no sense).
Removing it.
Mention that legacy post-execve SIGTRAP is disabled by PTRACE_SEIZE.
Signed-off-by: Denys Vlasenko <dvlasenk@redhat.com> Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
Tobias Herzke [Sat, 11 Oct 2014 19:04:12 +0000 (21:04 +0200)]
pthread_attr_setschedparam.3: Describe EINVAL in ERRORS
The following example proves that the man page
pthread_attr_setschedparam.3 is incorrect when it claims that the
pthread_attr_setschedparam function always succeeds on linux:
int main() {
pthread_attr_t attr;
struct sched_param p = {-1}; /* invalid priority */
if (pthread_attr_init(&attr) == 0)
if (pthread_attr_setschedpolicy(&attr, SCHED_OTHER) == 0)
if (pthread_attr_setschedparam(&attr, &p) == EINVAL)
return 1;
return 0;
}
The program exits with exit code 1, therefore
pthread_attr_setschedparam() has returned error code EINVAL.
I could evoke this error on ubuntu 14.04, and verify it by
examining the eglibc-2.19 source code. The function is
implemented in file fbtl/pthread_attr_setschedparam.c. For
error checking, it calls the helper function
check_sched_priority_attr which is implemented inline in
file ./fbtl/pthreadP.h. This function returns EINVAL if a
range check fails.
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
Eric Wong [Wed, 16 Jul 2014 22:50:50 +0000 (22:50 +0000)]
sendfile.2: Caution against modifying sent pages
The following program illustrates the difference between TCP
and Unix stream sockets doing sendfile. Since TCP implements
zero-copy, the new modifications to the file transferred is
seen upon reading despite the modifications happening after
sendfile was last called.
Unix stream sockets do not implement zero-copy (as of
Linux 3.15), so readers continue to see the contents of the
file at the time it was sent, not as they are at the time of
reading.
static void tcp_socketpair(int sv[2])
{
struct sockaddr_in addr;
socklen_t addrlen = sizeof(addr);
int l = socket(PF_INET, SOCK_STREAM, 0);
int c = socket(PF_INET, SOCK_STREAM, 0);
int a;
int val = 1;
/* fill up the socket buffer */
for (;;) {
w = sendfile(pair[1], tfd, &off, n);
if (w > 0)
continue;
if (w < 0 && errno == EAGAIN)
break;
assert(0 && "unhandled error" && w && errno);
}
printf("wrote off=%lld\n", (long long)off);
/* rewrite the tempfile */
memset(buf, 'A', sizeof(buf));
assert(0 == lseek(tfd, 0, SEEK_SET));
for (i = 0; i < n; i++)
assert(sizeof(buf) == write(tfd, buf, sizeof(buf)));
/* we should be reading 'a's, not 'A's */
memset(expect, 'a', sizeof(expect));
do {
r = read(pair[0], buf, sizeof(expect));
/* TCP fails here since it is zero copy (on Linux 3.15.5) */
if (r > 0)
assert(memcmp(buf, expect, r) == 0);
} while (r > 0);
return 0;
}
Signed-off-by: Eric Wong <normalperson@yhbt.net> Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
Jan Stancek [Thu, 5 Feb 2015 12:24:50 +0000 (13:24 +0100)]
migrate_pages.2: Document EFAULT and EINVAL errors
I encountered these errors while writing testcase for migrate_pages
syscall for LTP (Linux test project).
I checked stable kernel tree 3.5 to see which paths return these.
Both can be returned from get_nodes(), which is called from:
SYSCALL_DEFINE4(migrate_pages, pid_t, pid, unsigned long, maxnode,
const unsigned long __user *, old_nodes,
const unsigned long __user *, new_nodes)
The testcase does following:
EFAULT
a) old_nodes/new_nodes is area mmaped with PROT_NONE
b) old_nodes/new_nodes is area not mmapped in process address
space, -1 or area that has been just munmmaped
EINVAL
a) maxnodes overflows kernel limit
b) new_nodes contain node, which has no memory or does not exist
or is not returned for get_mempolicy(MPOL_F_MEMS_ALLOWED).
Signed-off-by: Jan Stancek <jstancek@redhat.com> Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
Rob Somers [Thu, 5 Feb 2015 12:14:28 +0000 (13:14 +0100)]
encrypt.3: Improve code example
I (and some others) found that the original example code
did not seem to work as advertised. The new code (used by
permission of the original author, Jens Thoms Toerring)
was found on comp.os.linux.development.
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
Mark Seaborn [Fri, 23 Apr 2010 16:31:01 +0000 (17:31 +0100)]
mprotect.2: mention effect of READ_IMPLIES_EXEC personality flag
I puzzled over mprotect()'s effect on /proc/*/maps for a while
yesterday -- it was setting "x" without PROT_EXEC being specified.
Here is a patch to add some explanation.
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
access.2: Explain how access() check treats capabilities
We have users who are terribly confused why their binaries
with CAP_DAC_OVERRIDE capability see EACCESS from access() calls,
but are able to read the file.
The reason is access() isn't the "can I read/write/execute this
file?" question, it is the "(assuming that I'm a setuid binary,)
can *the user who invoked me* read/write/execute this file?"
question.
That's why it uses real UIDs as documented, and why it ignores
capabilities when capability-endorsed binaries are run by non-root
(this patch adds this information).
To make users more likely to notice this less-known detail,
the patch expands the explanation with rationale for this logic
into a separate paragraph.
Signed-off-by: Denys Vlasenko <dvlasenk@redhat.com> CC: linux-man@vger.kernel.org Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
Jan Chaloupka [Sat, 18 Oct 2014 15:36:00 +0000 (17:36 +0200)]
unix.7: Mention SOCK_STREAM socket for ioctl_type of ioctl()
from https://bugzilla.redhat.com/show_bug.cgi?id=1110401.
unix.7 is not clear about socket type of ioctl_type argument of
ioctl() function. The description of SIOCINQ is applicable only
for SOCK_STREAM socket. For SOCK_DGRAM, udp(7) man page gives
correct description of SIOCINQ
Signed-off-by: Jan Chaloupka <jchaloup@redhat.com> Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
Michal Hocko [Tue, 3 Feb 2015 15:48:37 +0000 (16:48 +0100)]
fork.2: EAGAIN is not reported when task allocation fails
I am not sure why we have:
"EAGAIN fork() cannot allocate sufficient memory to copy
the parent's page tables and allocate a task structure
or the child."
The text seems to be there from the time when man-pages
were moved to git so there is no history for it.
And it doesn't reflect reality: the kernel reports both
dup_task_struct and dup_mm failures as ENOMEM to the
userspace. This seems to be the case from early 2.x times
so let's simply remove this part.
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
Heavily based on Stephen Smalley's text in
https://lwn.net/Articles/28222/
From: Stephen Smalley <sds@epoch.ncsc.mil>
To: LKML and others
Subject: [RFC][PATCH] Process Attribute API for Security Modules
Date: 08 Apr 2003 16:17:52 -0400
Cowritten-by: Stephen Smalley <sds@tycho.nsa.gov> Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>