]>
Commit | Line | Data |
---|---|---|
fea681da | 1 | .\" Copyright (C) 1998 Andries Brouwer (aeb@cwi.nl) |
73d3ac53 | 2 | .\" and Copyright (C) 2002, 2006, 2008, 2012, 2013 Michael Kerrisk <mtk.manpages@gmail.com> |
af5f9508 | 3 | .\" and Copyright Guillem Jover <guillem@hadrons.org> |
3cd5e983 | 4 | .\" and Copyright (C) 2014 Dave Hansen / Intel |
fea681da | 5 | .\" |
93015253 | 6 | .\" %%%LICENSE_START(VERBATIM) |
fea681da MK |
7 | .\" Permission is granted to make and distribute verbatim copies of this |
8 | .\" manual provided the copyright notice and this permission notice are | |
9 | .\" preserved on all copies. | |
10 | .\" | |
11 | .\" Permission is granted to copy and distribute modified versions of this | |
12 | .\" manual under the conditions for verbatim copying, provided that the | |
13 | .\" entire resulting derived work is distributed under the terms of a | |
14 | .\" permission notice identical to this one. | |
c13182ef | 15 | .\" |
fea681da MK |
16 | .\" Since the Linux kernel and libraries are constantly changing, this |
17 | .\" manual page may be incorrect or out-of-date. The author(s) assume no | |
18 | .\" responsibility for errors or omissions, or for damages resulting from | |
19 | .\" the use of the information contained herein. The author(s) may not | |
20 | .\" have taken the same level of care in the production of this manual, | |
21 | .\" which is licensed free of charge, as they might when working | |
22 | .\" professionally. | |
c13182ef | 23 | .\" |
fea681da MK |
24 | .\" Formatted or processed versions of this manual, if unaccompanied by |
25 | .\" the source, must acknowledge the copyright and authors of this work. | |
4b72fb64 | 26 | .\" %%%LICENSE_END |
fea681da MK |
27 | .\" |
28 | .\" Modified Thu Nov 11 04:19:42 MET 1999, aeb: added PR_GET_PDEATHSIG | |
29 | .\" Modified 27 Jun 02, Michael Kerrisk | |
c13182ef | 30 | .\" Added PR_SET_DUMPABLE, PR_GET_DUMPABLE, |
fea681da | 31 | .\" PR_SET_KEEPCAPS, PR_GET_KEEPCAPS |
e87fdd92 MK |
32 | .\" Modified 2006-08-30 Guillem Jover <guillem@hadrons.org> |
33 | .\" Updated Linux versions where the options where introduced. | |
34 | .\" Added PR_SET_TIMING, PR_GET_TIMING, PR_SET_NAME, PR_GET_NAME, | |
35 | .\" PR_SET_UNALIGN, PR_GET_UNALIGN, PR_SET_FPEMU, PR_GET_FPEMU, | |
36 | .\" PR_SET_FPEXC, PR_GET_FPEXC | |
8ab8b43f MK |
37 | .\" 2008-04-29 Serge Hallyn, Document PR_CAPBSET_READ and PR_CAPBSET_DROP |
38 | .\" 2008-06-13 Erik Bosman, <ejbosman@cs.vu.nl> | |
39 | .\" Document PR_GET_TSC and PR_SET_TSC. | |
40 | .\" 2008-06-15 mtk, Document PR_SET_SECCOMP, PR_GET_SECCOMP | |
bc02b3ea | 41 | .\" 2009-10-03 Andi Kleen, document PR_MCE_KILL |
06afe673 | 42 | .\" 2012-04 Cyrill Gorcunov, Document PR_SET_MM |
bc02b3ea MK |
43 | .\" 2012-04-25 Michael Kerrisk, Document PR_TASK_PERF_EVENTS_DISABLE and |
44 | .\" PR_TASK_PERF_EVENTS_ENABLE | |
34447828 | 45 | .\" 2012-09-20 Kees Cook, update PR_SET_SECCOMP for mode 2 |
f83fe154 | 46 | .\" 2012-09-20 Kees Cook, document PR_SET_NO_NEW_PRIVS, PR_GET_NO_NEW_PRIVS |
934487a0 MK |
47 | .\" 2012-10-25 Michael Kerrisk, Document PR_SET_TIMERSLACK and |
48 | .\" PR_GET_TIMERSLACK | |
491b2e75 | 49 | .\" 2013-01-10 Kees Cook, document PR_SET_PTRACER |
31cc8387 | 50 | .\" 2012-02-04 Michael Kerrisk, document PR_{SET,GET}_CHILD_SUBREAPER |
03979794 | 51 | .\" 2014-11-10 Dave Hansen, document PR_MPX_{EN,DIS}ABLE_MANAGEMENT |
fea681da | 52 | .\" |
e14baeeb | 53 | .\" |
e8426ca2 | 54 | .TH PRCTL 2 2020-04-11 "Linux" "Linux Programmer's Manual" |
fea681da | 55 | .SH NAME |
1e0d99b8 | 56 | prctl \- operations on a process or thread |
fea681da | 57 | .SH SYNOPSIS |
521bf584 | 58 | .nf |
fea681da | 59 | .B #include <sys/prctl.h> |
68e4db0a | 60 | .PP |
521bf584 MK |
61 | .BI "int prctl(int " option ", unsigned long " arg2 ", unsigned long " arg3 , |
62 | .BI " unsigned long " arg4 ", unsigned long " arg5 ); | |
63 | .fi | |
fea681da | 64 | .SH DESCRIPTION |
e511ffb6 | 65 | .BR prctl () |
1e0d99b8 DM |
66 | manipulates various aspects of the behavior |
67 | of the calling thread or process. | |
68 | .PP | |
cd41e08c | 69 | Note that careless use of some |
ec5cb536 | 70 | .BR prctl () |
cd41e08c MK |
71 | operations can confuse the user-space run-time environment, |
72 | so these operations should be used with care. | |
ec5cb536 | 73 | .PP |
1e0d99b8 | 74 | .BR prctl () |
fea681da | 75 | is called with a first argument describing what to do |
1a329b56 | 76 | (with values defined in \fI<linux/prctl.h>\fP), and further |
c4bb193f | 77 | arguments with a significance depending on the first one. |
fea681da | 78 | The first argument can be: |
03547431 | 79 | .\" |
667eb3ac | 80 | .\" prctl PR_CAP_AMBIENT |
03547431 MK |
81 | .TP |
82 | .BR PR_CAP_AMBIENT " (since Linux 4.3)" | |
83 | .\" commit 58319057b7847667f0c9585b9de0e8932b0fdb08 | |
1a52f4f6 MK |
84 | Reads or changes the ambient capability set of the calling thread, |
85 | according to the value of | |
03547431 MK |
86 | .IR arg2 , |
87 | which must be one of the following: | |
88 | .RS | |
89 | .\" | |
90 | .TP | |
91 | .B PR_CAP_AMBIENT_RAISE | |
92 | The capability specified in | |
93 | .I arg3 | |
94 | is added to the ambient set. | |
95 | The specified capability must already be present in | |
96 | both the permitted and the inheritable sets of the process. | |
97 | This operation is not permitted if the | |
98 | .B SECBIT_NO_CAP_AMBIENT_RAISE | |
99 | securebit is set. | |
100 | .TP | |
101 | .B PR_CAP_AMBIENT_LOWER | |
102 | The capability specified in | |
103 | .I arg3 | |
104 | is removed from the ambient set. | |
105 | .TP | |
106 | .B PR_CAP_AMBIENT_IS_SET | |
107 | The | |
bf7bc8b8 | 108 | .BR prctl () |
03547431 MK |
109 | call returns 1 if the capability in |
110 | .I arg3 | |
111 | is in the ambient set and 0 if it is not. | |
112 | .TP | |
113 | .BR PR_CAP_AMBIENT_CLEAR_ALL | |
114 | All capabilities will be removed from the ambient set. | |
115 | This operation requires setting | |
116 | .I arg3 | |
117 | to zero. | |
118 | .RE | |
269e3b97 MK |
119 | .IP |
120 | In all of the above operations, | |
121 | .I arg4 | |
122 | and | |
123 | .I arg5 | |
124 | must be specified as 0. | |
cf086650 MK |
125 | .IP |
126 | Higher-level interfaces layered on top of the above operations are | |
127 | provided in the | |
128 | .BR libcap (3) | |
129 | library in the form of | |
130 | .BR cap_get_ambient (3), | |
131 | .BR cap_set_ambient (3), | |
132 | and | |
133 | .BR cap_reset_ambient (3). | |
667eb3ac | 134 | .\" prctl PR_CAPBSET_READ |
fea681da | 135 | .TP |
2e781e20 | 136 | .BR PR_CAPBSET_READ " (since Linux 2.6.25)" |
8ab8b43f MK |
137 | Return (as the function result) 1 if the capability specified in |
138 | .I arg2 | |
139 | is in the calling thread's capability bounding set, | |
140 | or 0 if it is not. | |
141 | (The capability constants are defined in | |
142 | .IR <linux/capability.h> .) | |
143 | The capability bounding set dictates | |
144 | whether the process can receive the capability through a | |
2914a14d | 145 | file's permitted capability set on a subsequent call to |
8ab8b43f | 146 | .BR execve (2). |
efeece04 | 147 | .IP |
8ab8b43f MK |
148 | If the capability specified in |
149 | .I arg2 | |
150 | is not valid, then the call fails with the error | |
151 | .BR EINVAL . | |
d9a0d1d7 MK |
152 | .IP |
153 | A higher-level interface layered on top of this operation is provided in the | |
154 | .BR libcap (3) | |
155 | library in the form of | |
156 | .BR cap_get_bound (3). | |
667eb3ac | 157 | .\" prctl PR_CAPBSET_DROP |
8ab8b43f MK |
158 | .TP |
159 | .BR PR_CAPBSET_DROP " (since Linux 2.6.25)" | |
160 | If the calling thread has the | |
161 | .B CAP_SETPCAP | |
af53fcb5 | 162 | capability within its user namespace, then drop the capability specified by |
8ab8b43f MK |
163 | .I arg2 |
164 | from the calling thread's capability bounding set. | |
165 | Any children of the calling thread will inherit the newly | |
166 | reduced bounding set. | |
efeece04 | 167 | .IP |
8ab8b43f MK |
168 | The call fails with the error: |
169 | .B EPERM | |
2914a14d | 170 | if the calling thread does not have the |
8ab8b43f MK |
171 | .BR CAP_SETPCAP ; |
172 | .BR EINVAL | |
173 | if | |
174 | .I arg2 | |
175 | does not represent a valid capability; or | |
176 | .BR EINVAL | |
177 | if file capabilities are not enabled in the kernel, | |
178 | in which case bounding sets are not supported. | |
d9a0d1d7 MK |
179 | .IP |
180 | A higher-level interface layered on top of this operation is provided in the | |
181 | .BR libcap (3) | |
182 | library in the form of | |
183 | .BR cap_drop_bound (3). | |
667eb3ac | 184 | .\" prctl PR_SET_CHILD_SUBREAPER |
73d3ac53 MK |
185 | .TP |
186 | .BR PR_SET_CHILD_SUBREAPER " (since Linux 3.4)" | |
187 | .\" commit ebec18a6d3aa1e7d84aab16225e87fd25170ec2b | |
188 | If | |
189 | .I arg2 | |
190 | is nonzero, | |
191 | set the "child subreaper" attribute of the calling process; | |
192 | if | |
193 | .I arg2 | |
194 | is zero, unset the attribute. | |
efeece04 | 195 | .IP |
fbc63931 | 196 | A subreaper fulfills the role of |
73d3ac53 MK |
197 | .BR init (1) |
198 | for its descendant processes. | |
fbc63931 | 199 | When a process becomes orphaned |
b6088873 | 200 | (i.e., its immediate parent terminates), |
fbc63931 MK |
201 | then that process will be reparented to |
202 | the nearest still living ancestor subreaper. | |
203 | Subsequently, calls to | |
204 | .BR getppid () | |
205 | in the orphaned process will now return the PID of the subreaper process, | |
206 | and when the orphan terminates, it is the subreaper process that | |
73d3ac53 MK |
207 | will receive a |
208 | .BR SIGCHLD | |
1a8e1c2f | 209 | signal and will be able to |
73d3ac53 MK |
210 | .BR wait (2) |
211 | on the process to discover its termination status. | |
efeece04 | 212 | .IP |
4a5a783d | 213 | The setting of the "child subreaper" attribute |
300a9c78 | 214 | is not inherited by children created by |
d59a7572 MK |
215 | .BR fork (2) |
216 | and | |
217 | .BR clone (2). | |
218 | The setting is preserved across | |
219 | .BR execve (2). | |
efeece04 | 220 | .IP |
94e460d4 MK |
221 | Establishing a subreaper process is useful in session management frameworks |
222 | where a hierarchical group of processes is managed by a subreaper process | |
223 | that needs to be informed when one of the processes\(emfor example, | |
224 | a double-forked daemon\(emterminates | |
225 | (perhaps so that it can restart that process). | |
226 | Some | |
227 | .BR init (1) | |
228 | frameworks (e.g., | |
229 | .BR systemd (1)) | |
230 | employ a subreaper process for similar reasons. | |
667eb3ac | 231 | .\" prctl PR_GET_CHILD_SUBREAPER |
73d3ac53 MK |
232 | .TP |
233 | .BR PR_GET_CHILD_SUBREAPER " (since Linux 3.4)" | |
234 | Return the "child subreaper" setting of the caller, | |
235 | in the location pointed to by | |
236 | .IR "(int\ *) arg2" . | |
667eb3ac | 237 | .\" prctl PR_SET_DUMPABLE |
8ab8b43f | 238 | .TP |
88989295 | 239 | .BR PR_SET_DUMPABLE " (since Linux 2.3.20)" |
d4492caa | 240 | Set the state of the "dumpable" attribute, |
2d7fc98d MK |
241 | which determines whether core dumps are produced for the calling process |
242 | upon delivery of a signal whose default behavior is to produce a core dump. | |
efeece04 | 243 | .IP |
88989295 | 244 | In kernels up to and including 2.6.12, |
8ab8b43f | 245 | .I arg2 |
8aad30d7 MK |
246 | must be either 0 |
247 | .RB ( SUID_DUMP_DISABLE , | |
248 | process is not dumpable) or 1 | |
249 | .RB ( SUID_DUMP_USER , | |
250 | process is dumpable). | |
0de51ed1 MK |
251 | Between kernels 2.6.13 and 2.6.17, |
252 | .\" commit abf75a5033d4da7b8a7e92321d74021d1fcfb502 | |
253 | the value 2 was also permitted, | |
88989295 MK |
254 | which caused any binary which normally would not be dumped |
255 | to be dumped readable by root only; | |
256 | for security reasons, this feature has been removed. | |
257 | .\" See http://marc.theaimsgroup.com/?l=linux-kernel&m=115270289030630&w=2 | |
258 | .\" Subject: Fix prctl privilege escalation (CVE-2006-2451) | |
259 | .\" From: Marcel Holtmann <marcel () holtmann ! org> | |
260 | .\" Date: 2006-07-12 11:12:00 | |
261 | (See also the description of | |
2d7fc98d | 262 | .I /proc/sys/fs/\:suid_dumpable |
88989295 MK |
263 | in |
264 | .BR proc (5).) | |
efeece04 | 265 | .IP |
3076b3d9 | 266 | Normally, the "dumpable" attribute is set to 1. |
2d7fc98d MK |
267 | However, it is reset to the current value contained in the file |
268 | .IR /proc/sys/fs/\:suid_dumpable | |
269 | (which by default has the value 0), | |
a644bc48 | 270 | in the following circumstances: |
2d7fc98d MK |
271 | .\" See kernel/cred.c::commit_creds() (Linux 3.18 sources) |
272 | .RS | |
41f90bb7 | 273 | .IP * 3 |
a644bc48 | 274 | The process's effective user or group ID is changed. |
2d7fc98d | 275 | .IP * |
a644bc48 | 276 | The process's filesystem user or group ID is changed (see |
2d7fc98d MK |
277 | .BR credentials (7)). |
278 | .IP * | |
a644bc48 | 279 | The process executes |
2d7fc98d | 280 | .RB ( execve (2)) |
41f90bb7 MK |
281 | a set-user-ID or set-group-ID program, resulting in a change |
282 | of either the effective user ID or the effective group ID. | |
27ce08bf KF |
283 | .IP * |
284 | The process executes | |
285 | .RB ( execve (2)) | |
286 | a program that has file capabilities (see | |
287 | .BR capabilities (7)), | |
41f90bb7 | 288 | .\" See kernel/cred.c::commit_creds() |
27ce08bf | 289 | but only if the permitted capabilities |
41f90bb7 | 290 | gained exceed those already permitted for the process. |
5d28ea3e | 291 | .\" Also certain namespace operations; |
2d7fc98d MK |
292 | .RE |
293 | .IP | |
cadcf1b1 | 294 | Processes that are not dumpable can not be attached via |
6fdbc779 | 295 | .BR ptrace (2) |
982d8cf7 MK |
296 | .BR PTRACE_ATTACH ; |
297 | see | |
298 | .BR ptrace (2) | |
299 | for further details. | |
efeece04 | 300 | .IP |
161946a2 MK |
301 | If a process is not dumpable, |
302 | the ownership of files in the process's | |
303 | .IR /proc/[pid] | |
304 | directory is affected as described in | |
305 | .BR proc (5). | |
667eb3ac | 306 | .\" prctl PR_GET_DUMPABLE |
64536a1b | 307 | .TP |
88989295 MK |
308 | .BR PR_GET_DUMPABLE " (since Linux 2.3.20)" |
309 | Return (as the function result) the current state of the calling | |
d4492caa | 310 | process's dumpable attribute. |
88989295 MK |
311 | .\" Since Linux 2.6.13, the dumpable flag can have the value 2, |
312 | .\" but in 2.6.13 PR_GET_DUMPABLE simply returns 1 if the dumpable | |
c7094399 | 313 | .\" flags has a nonzero value. This was fixed in 2.6.14. |
667eb3ac | 314 | .\" prctl PR_SET_ENDIAN |
64536a1b | 315 | .TP |
8ab8b43f | 316 | .BR PR_SET_ENDIAN " (since Linux 2.6.18, PowerPC only)" |
c13182ef | 317 | Set the endian-ness of the calling process to the value given |
64536a1b | 318 | in \fIarg2\fP, which should be one of the following: |
8ab8b43f | 319 | .\" Respectively 0, 1, 2 |
64536a1b MK |
320 | .BR PR_ENDIAN_BIG , |
321 | .BR PR_ENDIAN_LITTLE , | |
322 | or | |
0daa9e92 | 323 | .B PR_ENDIAN_PPC_LITTLE |
64536a1b | 324 | (PowerPC pseudo little endian). |
667eb3ac | 325 | .\" prctl PR_GET_ENDIAN |
e87fdd92 | 326 | .TP |
8ab8b43f MK |
327 | .BR PR_GET_ENDIAN " (since Linux 2.6.18, PowerPC only)" |
328 | Return the endian-ness of the calling process, | |
329 | in the location pointed to by | |
330 | .IR "(int\ *) arg2" . | |
667eb3ac | 331 | .\" prctl PR_SET_FP_MODE |
64a53a67 ES |
332 | .TP |
333 | .BR PR_SET_FP_MODE " (since Linux 4.0, only on MIPS)" | |
89507305 MK |
334 | .\" commit 9791554b45a2acc28247f66a5fd5bbc212a6b8c8 |
335 | On the MIPS architecture, | |
336 | user-space code can be built using an ABI which permits linking | |
337 | with code that has more restrictive floating-point (FP) requirements. | |
338 | For example, user-space code may be built to target the O32 FPXX ABI | |
b3073df8 | 339 | and linked with code built for either one of the more restrictive |
89507305 | 340 | FP32 or FP64 ABIs. |
b3073df8 | 341 | When more restrictive code is linked in, |
89507305 MK |
342 | the overall requirement for the process is to use the more |
343 | restrictive floating-point mode. | |
efeece04 | 344 | .IP |
07d6076e | 345 | Because the kernel has no means of knowing in advance |
89507305 | 346 | which mode the process should be executed in, |
07d6076e MK |
347 | and because these restrictions can |
348 | change over the lifetime of the process, the | |
349 | .B PR_SET_FP_MODE | |
350 | operation is provided to allow control of the floating-point mode | |
351 | from user space. | |
efeece04 | 352 | .IP |
64a53a67 ES |
353 | .\" https://dmz-portal.mips.com/wiki/MIPS_O32_ABI_-_FR0_and_FR1_Interlinking |
354 | The | |
355 | .I (unsigned int) arg2 | |
89507305 | 356 | argument is a bit mask describing the floating-point mode used: |
64a53a67 ES |
357 | .RS |
358 | .TP | |
fb90e0c7 | 359 | .BR PR_FP_MODE_FR |
64a53a67 ES |
360 | When this bit is |
361 | .I unset | |
362 | (so called | |
363 | .BR FR=0 " or " FR0 | |
41a926bf MK |
364 | mode), the 32 floating-point registers are 32 bits wide, |
365 | and 64-bit registers are represented as a pair of registers | |
b3073df8 | 366 | (even- and odd- numbered, |
89507305 MK |
367 | with the even-numbered register containing the lower 32 bits, |
368 | and the odd-numbered register containing the higher 32 bits). | |
efeece04 | 369 | .IP |
64a53a67 ES |
370 | When this bit is |
371 | .I set | |
07d6076e | 372 | (on supported hardware), |
41a926bf | 373 | the 32 floating-point registers are 64 bits wide (so called |
64a53a67 | 374 | .BR FR=1 " or " FR1 |
89507305 | 375 | mode). |
b3073df8 | 376 | Note that modern MIPS implementations (MIPS R6 and newer) support |
64a53a67 ES |
377 | .B FR=1 |
378 | mode only. | |
efeece04 MK |
379 | .IP |
380 | .IP | |
89507305 | 381 | Applications that use the O32 FP32 ABI can operate only when this bit is |
64a53a67 ES |
382 | .I unset |
383 | .RB ( FR=0 ; | |
384 | or they can be used with FRE enabled, see below). | |
89507305 MK |
385 | Applications that use the O32 FP64 ABI |
386 | (and the O32 FP64A ABI, which exists to | |
387 | provide the ability to operate with existing FP32 code; see below) | |
388 | can operate only when this bit is | |
64a53a67 ES |
389 | .I set |
390 | .RB ( FR=1 ). | |
ffb0dafc | 391 | Applications that use the O32 FPXX ABI can operate with either |
07d6076e MK |
392 | .BR FR=0 |
393 | or | |
394 | .BR FR=1 . | |
64a53a67 | 395 | .TP |
fb90e0c7 | 396 | .BR PR_FP_MODE_FRE |
07d6076e | 397 | Enable emulation of 32-bit floating-point mode. |
b3073df8 | 398 | When this mode is enabled, |
07d6076e MK |
399 | it emulates 32-bit floating-point operations |
400 | by raising a reserved-instruction exception | |
b3073df8 | 401 | on every instruction that uses 32-bit formats and |
89507305 MK |
402 | the kernel then handles the instruction in software. |
403 | (The problem lies in the discrepancy of handling odd-numbered registers | |
404 | which are the high 32 bits of 64-bit registers with even numbers in | |
64a53a67 | 405 | .B FR=0 |
89507305 | 406 | mode and the lower 32-bit parts of odd-numbered 64-bit registers in |
64a53a67 | 407 | .B FR=1 |
89507305 MK |
408 | mode.) |
409 | Enabling this bit is necessary when code with the O32 FP32 ABI should operate | |
410 | with code with compatible the O32 FPXX or O32 FP64A ABIs (which require | |
64a53a67 | 411 | .B FR=1 |
b3073df8 MK |
412 | FPU mode) or when it is executed on newer hardware (MIPS R6 onwards) |
413 | which lacks | |
64a53a67 | 414 | .B FR=0 |
89507305 | 415 | mode support when a binary with the FP32 ABI is used. |
64a53a67 | 416 | .IP |
89507305 MK |
417 | Note that this mode makes sense only when the FPU is in 64-bit mode |
418 | .RB ( FR=1 ). | |
64a53a67 | 419 | .IP |
89507305 | 420 | Note that the use of emulation inherently has a significant performance hit |
b3073df8 | 421 | and should be avoided if possible. |
64a53a67 ES |
422 | .RE |
423 | .IP | |
07d6076e MK |
424 | In the N32/N64 ABI, 64-bit floating-point mode is always used, |
425 | so FPU emulation is not required and the FPU always operates in | |
64a53a67 ES |
426 | .B FR=1 |
427 | mode. | |
428 | .IP | |
07d6076e MK |
429 | This option is mainly intended for use by the dynamic linker |
430 | .RB ( ld.so (8)). | |
64a53a67 | 431 | .IP |
89507305 MK |
432 | The arguments |
433 | .IR arg3 , | |
434 | .IR arg4 , | |
435 | and | |
436 | .IR arg5 | |
64a53a67 | 437 | are ignored. |
667eb3ac | 438 | .\" prctl PR_GET_FP_MODE |
64a53a67 ES |
439 | .TP |
440 | .BR PR_GET_FP_MODE " (since Linux 4.0, only on MIPS)" | |
39466029 MK |
441 | Return (as the function result) |
442 | the current floating-point mode (see the description of | |
64a53a67 ES |
443 | .B PR_SET_FP_MODE |
444 | for details). | |
efeece04 | 445 | .IP |
89507305 | 446 | On success, |
07d6076e | 447 | the call returns a bit mask which represents the current floating-point mode. |
efeece04 | 448 | .IP |
89507305 MK |
449 | The arguments |
450 | .IR arg2 , | |
451 | .IR arg3 , | |
452 | .IR arg4 , | |
453 | and | |
454 | .IR arg5 | |
64a53a67 | 455 | are ignored. |
667eb3ac | 456 | .\" prctl PR_SET_FPEMU |
8ab8b43f | 457 | .TP |
8ab8b43f | 458 | .BR PR_SET_FPEMU " (since Linux 2.4.18, 2.5.9, only on ia64)" |
e87fdd92 | 459 | Set floating-point emulation control bits to \fIarg2\fP. |
7626d2ce MK |
460 | Pass |
461 | .B PR_FPEMU_NOPRINT | |
462 | to silently emulate floating-point operation accesses, or | |
463 | .B PR_FPEMU_SIGFPE | |
464 | to not emulate floating-point operations and send | |
8bd58774 MK |
465 | .B SIGFPE |
466 | instead. | |
667eb3ac | 467 | .\" prctl PR_GET_FPEMU |
e87fdd92 | 468 | .TP |
8ab8b43f MK |
469 | .BR PR_GET_FPEMU " (since Linux 2.4.18, 2.5.9, only on ia64)" |
470 | Return floating-point emulation control bits, | |
471 | in the location pointed to by | |
472 | .IR "(int\ *) arg2" . | |
667eb3ac | 473 | .\" prctl PR_SET_FPEXC |
e87fdd92 | 474 | .TP |
8ab8b43f | 475 | .BR PR_SET_FPEXC " (since Linux 2.4.21, 2.5.32, only on PowerPC)" |
1c44bd5b MK |
476 | Set floating-point exception mode to \fIarg2\fP. |
477 | Pass \fBPR_FP_EXC_SW_ENABLE\fP to use FPEXC for FP exception enables, | |
c45bd688 MK |
478 | \fBPR_FP_EXC_DIV\fP for floating-point divide by zero, |
479 | \fBPR_FP_EXC_OVF\fP for floating-point overflow, | |
480 | \fBPR_FP_EXC_UND\fP for floating-point underflow, | |
481 | \fBPR_FP_EXC_RES\fP for floating-point inexact result, | |
482 | \fBPR_FP_EXC_INV\fP for floating-point invalid operation, | |
e87fdd92 | 483 | \fBPR_FP_EXC_DISABLED\fP for FP exceptions disabled, |
b28f6e56 | 484 | \fBPR_FP_EXC_NONRECOV\fP for async nonrecoverable exception mode, |
e87fdd92 MK |
485 | \fBPR_FP_EXC_ASYNC\fP for async recoverable exception mode, |
486 | \fBPR_FP_EXC_PRECISE\fP for precise exception mode. | |
667eb3ac | 487 | .\" prctl PR_GET_FPEXC |
e87fdd92 | 488 | .TP |
8ab8b43f MK |
489 | .BR PR_GET_FPEXC " (since Linux 2.4.21, 2.5.32, only on PowerPC)" |
490 | Return floating-point exception mode, | |
491 | in the location pointed to by | |
492 | .IR "(int\ *) arg2" . | |
194ccff9 DM |
493 | .\" prctl PR_SET_IO_FLUSHER |
494 | .TP | |
495 | .BR PR_SET_IO_FLUSHER " (since Linux 5.6)" | |
496 | If a user process is involved in the block layer or filesystem I/O path, | |
497 | and can allocate memory while processing I/O requests it must set | |
498 | \fIarg2\fP to 1. | |
499 | This will put the process in the IO_FLUSHER state, | |
500 | which allows it special treatment to make progress when allocating memory. | |
501 | If \fIarg2\fP is 0, the process will clear the IO_FLUSHER state, and | |
502 | the default behavior will be used. | |
503 | .IP | |
504 | The calling process must have the | |
505 | .BR CAP_SYS_RESOURCE | |
506 | capability. | |
507 | .IP | |
508 | .IR arg3 , | |
509 | .IR arg4 , | |
510 | and | |
511 | .IR arg5 | |
512 | must be zero. | |
513 | .IP | |
514 | The IO_FLUSHER state is inherited by a child process created via | |
515 | .BR fork (2) | |
516 | and is preserved across | |
517 | .BR execve (2). | |
518 | .IP | |
519 | Examples of IO_FLUSHER applications are FUSE daemons, SCSI device | |
520 | emulation daemons, and daemons that perform error handling like multipath | |
521 | path recovery applications. | |
522 | .\" prctl PR_GET_IO_FLUSHER | |
523 | .TP | |
524 | .B PR_GET_IO_FLUSHER (Since Linux 5.6) | |
525 | Return (as the function result) the IO_FLUSHER state of the caller. | |
526 | A value of 1 indicates that the caller is in the IO_FLUSHER state; | |
527 | 0 indicates that the caller is not in the IO_FLUSHER state. | |
528 | .IP | |
529 | The calling process must have the | |
530 | .BR CAP_SYS_RESOURCE | |
531 | capability. | |
532 | .IP | |
533 | .IR arg2 , | |
534 | .IR arg3 , | |
535 | .IR arg4 , | |
536 | and | |
537 | .IR arg5 | |
538 | must be zero. | |
667eb3ac | 539 | .\" prctl PR_SET_KEEPCAPS |
8ab8b43f | 540 | .TP |
88989295 | 541 | .BR PR_SET_KEEPCAPS " (since Linux 2.2.18)" |
03361448 | 542 | Set the state of the calling thread's "keep capabilities" flag. |
cb7c96bf | 543 | The effect of this flag is described in |
03361448 | 544 | .BR capabilities (7). |
88989295 | 545 | .I arg2 |
03361448 MK |
546 | must be either 0 (clear the flag) |
547 | or 1 (set the flag). | |
028cb080 | 548 | The "keep capabilities" value will be reset to 0 on subsequent calls to |
88989295 | 549 | .BR execve (2). |
667eb3ac | 550 | .\" prctl PR_GET_KEEPCAPS |
88989295 MK |
551 | .TP |
552 | .BR PR_GET_KEEPCAPS " (since Linux 2.2.18)" | |
88ee5c1c | 553 | Return (as the function result) the current state of the calling thread's |
88989295 | 554 | "keep capabilities" flag. |
03361448 MK |
555 | See |
556 | .BR capabilities (7) | |
557 | for a description of this flag. | |
667eb3ac | 558 | .\" prctl PR_MCE_KILL |
88989295 | 559 | .TP |
03547431 | 560 | .BR PR_MCE_KILL " (since Linux 2.6.32)" |
eb359b3e | 561 | Set the machine check memory corruption kill policy for the calling thread. |
03547431 MK |
562 | If |
563 | .I arg2 | |
564 | is | |
565 | .BR PR_MCE_KILL_CLEAR , | |
566 | clear the thread memory corruption kill policy and use the system-wide default. | |
567 | (The system-wide default is defined by | |
568 | .IR /proc/sys/vm/memory_failure_early_kill ; | |
569 | see | |
570 | .BR proc (5).) | |
571 | If | |
572 | .I arg2 | |
573 | is | |
574 | .BR PR_MCE_KILL_SET , | |
575 | use a thread-specific memory corruption kill policy. | |
576 | In this case, | |
577 | .I arg3 | |
578 | defines whether the policy is | |
579 | .I early kill | |
580 | .RB ( PR_MCE_KILL_EARLY ), | |
581 | .I late kill | |
582 | .RB ( PR_MCE_KILL_LATE ), | |
583 | or the system-wide default | |
584 | .RB ( PR_MCE_KILL_DEFAULT ). | |
585 | Early kill means that the thread receives a | |
586 | .B SIGBUS | |
587 | signal as soon as hardware memory corruption is detected inside | |
588 | its address space. | |
589 | In late kill mode, the process is killed only when it accesses a corrupted page. | |
590 | See | |
591 | .BR sigaction (2) | |
592 | for more information on the | |
593 | .BR SIGBUS | |
594 | signal. | |
595 | The policy is inherited by children. | |
596 | The remaining unused | |
597 | .BR prctl () | |
598 | arguments must be zero for future compatibility. | |
667eb3ac | 599 | .\" prctl PR_MCE_KILL_GET |
88989295 | 600 | .TP |
03547431 | 601 | .BR PR_MCE_KILL_GET " (since Linux 2.6.32)" |
1ff5960b MK |
602 | Return (as the function result) |
603 | the current per-process machine check kill policy. | |
03547431 MK |
604 | All unused |
605 | .BR prctl () | |
606 | arguments must be zero. | |
667eb3ac | 607 | .\" prctl PR_SET_MM |
88989295 | 608 | .TP |
03547431 MK |
609 | .BR PR_SET_MM " (since Linux 3.3)" |
610 | .\" commit 028ee4be34a09a6d48bdf30ab991ae933a7bc036 | |
611 | Modify certain kernel memory map descriptor fields | |
612 | of the calling process. | |
613 | Usually these fields are set by the kernel and dynamic loader (see | |
614 | .BR ld.so (8) | |
615 | for more information) and a regular application should not use this feature. | |
616 | However, there are cases, such as self-modifying programs, | |
617 | where a program might find it useful to change its own memory map. | |
efeece04 | 618 | .IP |
03547431 MK |
619 | The calling process must have the |
620 | .BR CAP_SYS_RESOURCE | |
621 | capability. | |
622 | The value in | |
623 | .I arg2 | |
624 | is one of the options below, while | |
625 | .I arg3 | |
626 | provides a new value for the option. | |
a87d0921 MF |
627 | The |
628 | .I arg4 | |
629 | and | |
630 | .I arg5 | |
631 | arguments must be zero if unused. | |
efeece04 | 632 | .IP |
261c7e1d | 633 | Before Linux 3.10, |
d2eeb68f | 634 | .\" commit 52b3694157e3aa6df871e283115652ec6f2d31e0 |
261c7e1d MF |
635 | this feature is available only if the kernel is built with the |
636 | .BR CONFIG_CHECKPOINT_RESTORE | |
637 | option enabled. | |
03547431 MK |
638 | .RS |
639 | .TP | |
640 | .BR PR_SET_MM_START_CODE | |
641 | Set the address above which the program text can run. | |
642 | The corresponding memory area must be readable and executable, | |
997d21e1 | 643 | but not writable or shareable (see |
03547431 | 644 | .BR mprotect (2) |
0fcc276f | 645 | and |
03547431 MK |
646 | .BR mmap (2) |
647 | for more information). | |
f83fe154 | 648 | .TP |
03547431 MK |
649 | .BR PR_SET_MM_END_CODE |
650 | Set the address below which the program text can run. | |
651 | The corresponding memory area must be readable and executable, | |
997d21e1 | 652 | but not writable or shareable. |
f83fe154 | 653 | .TP |
03547431 MK |
654 | .BR PR_SET_MM_START_DATA |
655 | Set the address above which initialized and | |
656 | uninitialized (bss) data are placed. | |
657 | The corresponding memory area must be readable and writable, | |
997d21e1 | 658 | but not executable or shareable. |
88989295 | 659 | .TP |
03547431 MK |
660 | .B PR_SET_MM_END_DATA |
661 | Set the address below which initialized and | |
662 | uninitialized (bss) data are placed. | |
663 | The corresponding memory area must be readable and writable, | |
997d21e1 | 664 | but not executable or shareable. |
88989295 | 665 | .TP |
03547431 MK |
666 | .BR PR_SET_MM_START_STACK |
667 | Set the start address of the stack. | |
668 | The corresponding memory area must be readable and writable. | |
491b2e75 | 669 | .TP |
03547431 MK |
670 | .BR PR_SET_MM_START_BRK |
671 | Set the address above which the program heap can be expanded with | |
672 | .BR brk (2) | |
673 | call. | |
674 | The address must be greater than the ending address of | |
675 | the current program data segment. | |
676 | In addition, the combined size of the resulting heap and | |
677 | the size of the data segment can't exceed the | |
678 | .BR RLIMIT_DATA | |
679 | resource limit (see | |
680 | .BR setrlimit (2)). | |
681 | .TP | |
682 | .BR PR_SET_MM_BRK | |
683 | Set the current | |
684 | .BR brk (2) | |
685 | value. | |
686 | The requirements for the address are the same as for the | |
687 | .BR PR_SET_MM_START_BRK | |
688 | option. | |
11ac5b51 | 689 | .PP |
03547431 MK |
690 | The following options are available since Linux 3.5. |
691 | .\" commit fe8c7f5cbf91124987106faa3bdf0c8b955c4cf7 | |
692 | .TP | |
693 | .BR PR_SET_MM_ARG_START | |
694 | Set the address above which the program command line is placed. | |
695 | .TP | |
696 | .BR PR_SET_MM_ARG_END | |
697 | Set the address below which the program command line is placed. | |
698 | .TP | |
699 | .BR PR_SET_MM_ENV_START | |
700 | Set the address above which the program environment is placed. | |
701 | .TP | |
702 | .BR PR_SET_MM_ENV_END | |
703 | Set the address below which the program environment is placed. | |
704 | .IP | |
705 | The address passed with | |
706 | .BR PR_SET_MM_ARG_START , | |
707 | .BR PR_SET_MM_ARG_END , | |
708 | .BR PR_SET_MM_ENV_START , | |
709 | and | |
710 | .BR PR_SET_MM_ENV_END | |
711 | should belong to a process stack area. | |
712 | Thus, the corresponding memory area must be readable, writable, and | |
713 | (depending on the kernel configuration) have the | |
714 | .BR MAP_GROWSDOWN | |
715 | attribute set (see | |
716 | .BR mmap (2)). | |
717 | .TP | |
718 | .BR PR_SET_MM_AUXV | |
719 | Set a new auxiliary vector. | |
720 | The | |
721 | .I arg3 | |
722 | argument should provide the address of the vector. | |
723 | The | |
724 | .I arg4 | |
725 | is the size of the vector. | |
726 | .TP | |
727 | .BR PR_SET_MM_EXE_FILE | |
728 | .\" commit b32dfe377102ce668775f8b6b1461f7ad428f8b6 | |
729 | Supersede the | |
730 | .IR /proc/pid/exe | |
731 | symbolic link with a new one pointing to a new executable file | |
732 | identified by the file descriptor provided in | |
733 | .I arg3 | |
734 | argument. | |
735 | The file descriptor should be obtained with a regular | |
736 | .BR open (2) | |
737 | call. | |
738 | .IP | |
739 | To change the symbolic link, one needs to unmap all existing | |
740 | executable memory areas, including those created by the kernel itself | |
741 | (for example the kernel usually creates at least one executable | |
742 | memory area for the ELF | |
743 | .IR \.text | |
744 | section). | |
745 | .IP | |
642df17c | 746 | In Linux 4.9 and earlier, the |
47bc9cec | 747 | .\" commit 3fb4afd9a504c2386b8435028d43283216bf588e |
47bc9cec | 748 | .BR PR_SET_MM_EXE_FILE |
642df17c MK |
749 | operation can be performed only once in a process's lifetime; |
750 | attempting to perform the operation a second time results in the error | |
751 | .BR EPERM . | |
752 | This restriction was enforced for security reasons that were subsequently | |
753 | deemed specious, | |
754 | and the restriction was removed in Linux 4.10 because some | |
755 | user-space applications needed to perform this operation more than once. | |
11ac5b51 | 756 | .PP |
7e3236a5 MF |
757 | The following options are available since Linux 3.18. |
758 | .\" commit f606b77f1a9e362451aca8f81d8f36a3a112139e | |
759 | .TP | |
760 | .BR PR_SET_MM_MAP | |
761 | Provides one-shot access to all the addresses by passing in a | |
762 | .I struct prctl_mm_map | |
763 | (as defined in \fI<linux/prctl.h>\fP). | |
764 | The | |
765 | .I arg4 | |
766 | argument should provide the size of the struct. | |
efeece04 | 767 | .IP |
7e3236a5 MF |
768 | This feature is available only if the kernel is built with the |
769 | .BR CONFIG_CHECKPOINT_RESTORE | |
770 | option enabled. | |
771 | .TP | |
772 | .BR PR_SET_MM_MAP_SIZE | |
773 | Returns the size of the | |
774 | .I struct prctl_mm_map | |
775 | the kernel expects. | |
776 | This allows user space to find a compatible struct. | |
777 | The | |
778 | .I arg4 | |
779 | argument should be a pointer to an unsigned int. | |
efeece04 | 780 | .IP |
7e3236a5 MF |
781 | This feature is available only if the kernel is built with the |
782 | .BR CONFIG_CHECKPOINT_RESTORE | |
783 | option enabled. | |
03547431 | 784 | .RE |
667eb3ac | 785 | .\" prctl PR_MPX_ENABLE_MANAGEMENT |
03547431 | 786 | .TP |
2ab5fe26 | 787 | .BR PR_MPX_ENABLE_MANAGEMENT ", " PR_MPX_DISABLE_MANAGEMENT " (since Linux 3.19, removed in Linux 5.4; only on x86) " |
03547431 MK |
788 | .\" commit fe3d197f84319d3bce379a9c0dc17b1f48ad358c |
789 | .\" See also http://lwn.net/Articles/582712/ | |
790 | .\" See also https://gcc.gnu.org/wiki/Intel%20MPX%20support%20in%20the%20GCC%20compiler | |
791 | Enable or disable kernel management of Memory Protection eXtensions (MPX) | |
792 | bounds tables. | |
793 | The | |
794 | .IR arg2 , | |
795 | .IR arg3 , | |
796 | .IR arg4 , | |
797 | and | |
798 | .IR arg5 | |
799 | .\" commit e9d1b4f3c60997fe197bf0243cb4a41a44387a88 | |
800 | arguments must be zero. | |
efeece04 | 801 | .IP |
03547431 MK |
802 | MPX is a hardware-assisted mechanism for performing bounds checking on |
803 | pointers. | |
804 | It consists of a set of registers storing bounds information | |
805 | and a set of special instruction prefixes that tell the CPU on which | |
806 | instructions it should do bounds enforcement. | |
807 | There is a limited number of these registers and | |
808 | when there are more pointers than registers, | |
809 | their contents must be "spilled" into a set of tables. | |
810 | These tables are called "bounds tables" and the MPX | |
811 | .BR prctl () | |
812 | operations control | |
813 | whether the kernel manages their allocation and freeing. | |
efeece04 | 814 | .IP |
03547431 MK |
815 | When management is enabled, the kernel will take over allocation |
816 | and freeing of the bounds tables. | |
817 | It does this by trapping the #BR exceptions that result | |
818 | at first use of missing bounds tables and | |
819 | instead of delivering the exception to user space, | |
820 | it allocates the table and populates the bounds directory | |
821 | with the location of the new table. | |
822 | For freeing, the kernel checks to see if bounds tables are | |
823 | present for memory which is not allocated, and frees them if so. | |
efeece04 | 824 | .IP |
03547431 MK |
825 | Before enabling MPX management using |
826 | .BR PR_MPX_ENABLE_MANAGEMENT , | |
827 | the application must first have allocated a user-space buffer for | |
828 | the bounds directory and placed the location of that directory in the | |
829 | .I bndcfgu | |
830 | register. | |
efeece04 | 831 | .IP |
a23d8efa | 832 | These calls fail if the CPU or kernel does not support MPX. |
03547431 MK |
833 | Kernel support for MPX is enabled via the |
834 | .BR CONFIG_X86_INTEL_MPX | |
835 | configuration option. | |
836 | You can check whether the CPU supports MPX by looking for the 'mpx' | |
837 | CPUID bit, like with the following command: | |
efeece04 | 838 | .IP |
e256205a MK |
839 | .in +4n |
840 | .EX | |
841 | cat /proc/cpuinfo | grep ' mpx ' | |
842 | .EE | |
843 | .in | |
efeece04 | 844 | .IP |
03547431 MK |
845 | A thread may not switch in or out of long (64-bit) mode while MPX is |
846 | enabled. | |
efeece04 | 847 | .IP |
03547431 | 848 | All threads in a process are affected by these calls. |
efeece04 | 849 | .IP |
03547431 MK |
850 | The child of a |
851 | .BR fork (2) | |
852 | inherits the state of MPX management. | |
853 | During | |
854 | .BR execve (2), | |
855 | MPX management is reset to a state as if | |
856 | .BR PR_MPX_DISABLE_MANAGEMENT | |
857 | had been called. | |
efeece04 | 858 | .IP |
03547431 MK |
859 | For further information on Intel MPX, see the kernel source file |
860 | .IR Documentation/x86/intel_mpx.txt . | |
2ab5fe26 DM |
861 | .IP |
862 | .\" commit f240652b6032b48ad7fa35c5e701cc4c8d697c0b | |
863 | .\" See also https://lkml.kernel.org/r/20190705175321.DB42F0AD@viggo.jf.intel.com | |
864 | Due to a lack of toolchain support, | |
865 | .BR PR_MPX_ENABLE_MANAGEMENT " and " PR_MPX_DISABLE_MANAGEMENT | |
230dd8d0 | 866 | are not supported in Linux 5.4 and later. |
667eb3ac | 867 | .\" prctl PR_SET_NAME |
03547431 MK |
868 | .TP |
869 | .BR PR_SET_NAME " (since Linux 2.6.9)" | |
870 | Set the name of the calling thread, | |
871 | using the value in the location pointed to by | |
872 | .IR "(char\ *) arg2" . | |
873 | The name can be up to 16 bytes long, | |
874 | .\" TASK_COMM_LEN in include/linux/sched.h | |
875 | including the terminating null byte. | |
876 | (If the length of the string, including the terminating null byte, | |
877 | exceeds 16 bytes, the string is silently truncated.) | |
878 | This is the same attribute that can be set via | |
879 | .BR pthread_setname_np (3) | |
880 | and retrieved using | |
881 | .BR pthread_getname_np (3). | |
882 | The attribute is likewise accessible via | |
883 | .IR /proc/self/task/[tid]/comm , | |
884 | where | |
5aaf1385 DM |
885 | .I [tid] |
886 | is the the thread ID of the calling thread, as returned by | |
887 | .BR gettid (2). | |
888 | .\" prctl PR_GET_NAME | |
03547431 MK |
889 | .TP |
890 | .BR PR_GET_NAME " (since Linux 2.6.11)" | |
891 | Return the name of the calling thread, | |
892 | in the buffer pointed to by | |
893 | .IR "(char\ *) arg2" . | |
894 | The buffer should allow space for up to 16 bytes; | |
895 | the returned string will be null-terminated. | |
667eb3ac | 896 | .\" prctl PR_SET_NO_NEW_PRIVS |
03547431 MK |
897 | .TP |
898 | .BR PR_SET_NO_NEW_PRIVS " (since Linux 3.5)" | |
40dfb5ba | 899 | Set the calling thread's |
03547431 | 900 | .I no_new_privs |
fdda9363 | 901 | attribute to the value in |
03547431 MK |
902 | .IR arg2 . |
903 | With | |
904 | .I no_new_privs | |
905 | set to 1, | |
906 | .BR execve (2) | |
907 | promises not to grant privileges to do anything | |
908 | that could not have been done without the | |
909 | .BR execve (2) | |
910 | call (for example, | |
911 | rendering the set-user-ID and set-group-ID mode bits, | |
912 | and file capabilities non-functional). | |
97caa19c | 913 | Once set, the |
fdda9363 MK |
914 | .I no_new_privs |
915 | attribute cannot be unset. | |
916 | The setting of this attribute is inherited by children created by | |
03547431 MK |
917 | .BR fork (2) |
918 | and | |
919 | .BR clone (2), | |
920 | and preserved across | |
921 | .BR execve (2). | |
efeece04 | 922 | .IP |
c70fea6e MK |
923 | Since Linux 4.10, |
924 | the value of a thread's | |
925 | .I no_new_privs | |
fdda9363 | 926 | attribute can be viewed via the |
c70fea6e MK |
927 | .I NoNewPrivs |
928 | field in the | |
929 | .IR /proc/[pid]/status | |
930 | file. | |
efeece04 | 931 | .IP |
03547431 | 932 | For more information, see the kernel source file |
a84a5830 ES |
933 | .IR Documentation/userspace\-api/no_new_privs.rst |
934 | .\" commit 40fde647ccb0ae8c11d256d271e24d385eed595b | |
935 | (or | |
936 | .IR Documentation/prctl/no_new_privs.txt | |
937 | before Linux 4.13). | |
4d850396 MK |
938 | See also |
939 | .BR seccomp (2). | |
667eb3ac | 940 | .\" prctl PR_GET_NO_NEW_PRIVS |
03547431 MK |
941 | .TP |
942 | .BR PR_GET_NO_NEW_PRIVS " (since Linux 3.5)" | |
943 | Return (as the function result) the value of the | |
944 | .I no_new_privs | |
fdda9363 | 945 | attribute for the calling thread. |
03547431 MK |
946 | A value of 0 indicates the regular |
947 | .BR execve (2) | |
948 | behavior. | |
949 | A value of 1 indicates | |
950 | .BR execve (2) | |
951 | will operate in the privilege-restricting mode described above. | |
667eb3ac | 952 | .\" prctl PR_SET_PDEATHSIG |
03547431 MK |
953 | .TP |
954 | .BR PR_SET_PDEATHSIG " (since Linux 2.1.57)" | |
29b249db | 955 | Set the parent-death signal |
03547431 | 956 | of the calling process to \fIarg2\fP (either a signal value |
49a88f5d MK |
957 | in the range 1..\c |
958 | .BR NSIG "\-1" , | |
959 | or 0 to clear). | |
03547431 MK |
960 | This is the signal that the calling process will get when its |
961 | parent dies. | |
c5236575 | 962 | .IP |
03547431 MK |
963 | .IR Warning : |
964 | .\" https://bugzilla.kernel.org/show_bug.cgi?id=43300 | |
965 | the "parent" in this case is considered to be the | |
966 | .I thread | |
967 | that created this process. | |
968 | In other words, the signal will be sent when that thread terminates | |
969 | (via, for example, | |
970 | .BR pthread_exit (3)), | |
971 | rather than after all of the threads in the parent process terminate. | |
910b0689 | 972 | .IP |
a32c96b8 MK |
973 | The parent-death signal is sent upon subsequent termination of the parent |
974 | thread and also upon termination of each subreaper process | |
975 | (see the description of | |
976 | .B PR_SET_CHILD_SUBREAPER | |
977 | above) to which the caller is subsequently reparented. | |
978 | If the parent thread and all ancestor subreapers have already terminated | |
979 | by the time of the | |
980 | .BR PR_SET_PDEATHSIG | |
981 | operation, then no parent-death signal is sent to the caller. | |
982 | .IP | |
a09b5995 MK |
983 | The parent-death signal is process-directed (see |
984 | .BR signal (7)) | |
985 | and, if the child installs a handler using the | |
986 | .BR sigaction (2) | |
987 | .B SA_SIGINFO | |
988 | flag, the | |
989 | .I si_pid | |
990 | field of the | |
991 | .I siginfo_t | |
992 | argument of the handler contains the PID of the terminating parent process. | |
993 | .IP | |
29b249db | 994 | The parent-death signal setting is cleared for the child of a |
910b0689 MK |
995 | .BR fork (2). |
996 | It is also | |
997 | (since Linux 2.4.36 / 2.6.23) | |
998 | .\" commit d2d56c5f51028cb9f3d800882eb6f4cbd3f9099f | |
999 | cleared when executing a set-user-ID or set-group-ID binary, | |
1000 | or a binary that has associated capabilities (see | |
1001 | .BR capabilities (7)); | |
1002 | otherwise, this value is preserved across | |
1003 | .BR execve (2). | |
667eb3ac | 1004 | .\" prctl PR_GET_PDEATHSIG |
03547431 MK |
1005 | .TP |
1006 | .BR PR_GET_PDEATHSIG " (since Linux 2.3.15)" | |
1007 | Return the current value of the parent process death signal, | |
1008 | in the location pointed to by | |
1009 | .IR "(int\ *) arg2" . | |
667eb3ac | 1010 | .\" prctl PR_SET_PTRACER |
03547431 MK |
1011 | .TP |
1012 | .BR PR_SET_PTRACER " (since Linux 3.4)" | |
1013 | .\" commit 2d514487faf188938a4ee4fb3464eeecfbdcf8eb | |
1014 | .\" commit bf06189e4d14641c0148bea16e9dd24943862215 | |
1015 | This is meaningful only when the Yama LSM is enabled and in mode 1 | |
1016 | ("restricted ptrace", visible via | |
1017 | .IR /proc/sys/kernel/yama/ptrace_scope ). | |
1018 | When a "ptracer process ID" is passed in \fIarg2\fP, | |
1019 | the caller is declaring that the ptracer process can | |
1020 | .BR ptrace (2) | |
1021 | the calling process as if it were a direct process ancestor. | |
1022 | Each | |
1023 | .B PR_SET_PTRACER | |
1024 | operation replaces the previous "ptracer process ID". | |
1025 | Employing | |
1026 | .B PR_SET_PTRACER | |
1027 | with | |
1028 | .I arg2 | |
1029 | set to 0 clears the caller's "ptracer process ID". | |
1030 | If | |
1031 | .I arg2 | |
1032 | is | |
1033 | .BR PR_SET_PTRACER_ANY , | |
1034 | the ptrace restrictions introduced by Yama are effectively disabled for the | |
1035 | calling process. | |
efeece04 | 1036 | .IP |
03547431 | 1037 | For further information, see the kernel source file |
6744a500 ES |
1038 | .IR Documentation/admin\-guide/LSM/Yama.rst |
1039 | .\" commit 90bb766440f2147486a2acc3e793d7b8348b0c22 | |
1040 | (or | |
1041 | .IR Documentation/security/Yama.txt | |
1042 | before Linux 4.13). | |
667eb3ac | 1043 | .\" prctl PR_SET_SECCOMP |
03547431 MK |
1044 | .TP |
1045 | .BR PR_SET_SECCOMP " (since Linux 2.6.23)" | |
1046 | .\" See http://thread.gmane.org/gmane.linux.kernel/542632 | |
1047 | .\" [PATCH 0 of 2] seccomp updates | |
1048 | .\" andrea@cpushare.com | |
1049 | Set the secure computing (seccomp) mode for the calling thread, to limit | |
1050 | the available system calls. | |
1051 | The more recent | |
1052 | .BR seccomp (2) | |
1053 | system call provides a superset of the functionality of | |
1054 | .BR PR_SET_SECCOMP . | |
efeece04 | 1055 | .IP |
03547431 MK |
1056 | The seccomp mode is selected via |
1057 | .IR arg2 . | |
1058 | (The seccomp constants are defined in | |
1059 | .IR <linux/seccomp.h> .) | |
efeece04 | 1060 | .IP |
34447828 | 1061 | With |
8ab8b43f | 1062 | .IR arg2 |
34447828 | 1063 | set to |
b1248a9d | 1064 | .BR SECCOMP_MODE_STRICT , |
8ab8b43f MK |
1065 | the only system calls that the thread is permitted to make are |
1066 | .BR read (2), | |
1067 | .BR write (2), | |
85fbef74 MK |
1068 | .BR _exit (2) |
1069 | (but not | |
1070 | .BR exit_group (2)), | |
fea681da | 1071 | and |
8ab8b43f MK |
1072 | .BR sigreturn (2). |
1073 | Other system calls result in the delivery of a | |
1074 | .BR SIGKILL | |
1075 | signal. | |
34447828 | 1076 | Strict secure computing mode is useful for number-crunching applications |
8ab8b43f MK |
1077 | that may need to execute untrusted byte code, |
1078 | perhaps obtained by reading from a pipe or socket. | |
33a0ccb2 | 1079 | This operation is available only |
d6ef3d57 MK |
1080 | if the kernel is configured with |
1081 | .B CONFIG_SECCOMP | |
1082 | enabled. | |
efeece04 | 1083 | .IP |
34447828 KC |
1084 | With |
1085 | .IR arg2 | |
1086 | set to | |
b1248a9d | 1087 | .BR SECCOMP_MODE_FILTER " (since Linux 3.5)," |
6239dfb2 MK |
1088 | the system calls allowed are defined by a pointer |
1089 | to a Berkeley Packet Filter passed in | |
1090 | .IR arg3 . | |
1091 | This argument is a pointer to | |
1092 | .IR "struct sock_fprog" ; | |
1093 | it can be designed to filter | |
d6ef3d57 | 1094 | arbitrary system calls and system call arguments. |
33a0ccb2 | 1095 | This mode is available only if the kernel is configured with |
d6ef3d57 MK |
1096 | .B CONFIG_SECCOMP_FILTER |
1097 | enabled. | |
efeece04 | 1098 | .IP |
1733db35 MK |
1099 | If |
1100 | .BR SECCOMP_MODE_FILTER | |
1101 | filters permit | |
1102 | .BR fork (2), | |
990e3887 | 1103 | then the seccomp mode is inherited by children created by |
1733db35 MK |
1104 | .BR fork (2); |
1105 | if | |
1106 | .BR execve (2) | |
fa1d2749 | 1107 | is permitted, then the seccomp mode is preserved across |
1733db35 MK |
1108 | .BR execve (2). |
1109 | If the filters permit | |
a26ec136 | 1110 | .BR prctl () |
1733db35 MK |
1111 | calls, then additional filters can be added; |
1112 | they are run in order until the first non-allow result is seen. | |
efeece04 | 1113 | .IP |
6239dfb2 | 1114 | For further information, see the kernel source file |
28d96036 ES |
1115 | .IR Documentation/userspace\-api/seccomp_filter.rst |
1116 | .\" commit c061f33f35be0ccc80f4b8e0aea5dfd2ed7e01a3 | |
1117 | (or | |
1118 | .IR Documentation/prctl/seccomp_filter.txt | |
1119 | before Linux 4.13). | |
667eb3ac | 1120 | .\" prctl PR_GET_SECCOMP |
8ab8b43f MK |
1121 | .TP |
1122 | .BR PR_GET_SECCOMP " (since Linux 2.6.23)" | |
5e91816c MK |
1123 | Return (as the function result) |
1124 | the secure computing mode of the calling thread. | |
34447828 KC |
1125 | If the caller is not in secure computing mode, this operation returns 0; |
1126 | if the caller is in strict secure computing mode, then the | |
8ab8b43f MK |
1127 | .BR prctl () |
1128 | call will cause a | |
1129 | .B SIGKILL | |
1130 | signal to be sent to the process. | |
d6ef3d57 | 1131 | If the caller is in filter mode, and this system call is allowed by the |
8eeb062d MK |
1132 | seccomp filters, it returns 2; otherwise, the process is killed with a |
1133 | .BR SIGKILL | |
1134 | signal. | |
33a0ccb2 | 1135 | This operation is available only |
d6ef3d57 MK |
1136 | if the kernel is configured with |
1137 | .B CONFIG_SECCOMP | |
1138 | enabled. | |
efeece04 | 1139 | .IP |
787843e7 MK |
1140 | Since Linux 3.8, the |
1141 | .IR Seccomp | |
1142 | field of the | |
1143 | .IR /proc/[pid]/status | |
1144 | file provides a method of obtaining the same information, | |
1145 | without the risk that the process is killed; see | |
1146 | .BR proc (5). | |
667eb3ac | 1147 | .\" prctl PR_SET_SECUREBITS |
88989295 MK |
1148 | .TP |
1149 | .BR PR_SET_SECUREBITS " (since Linux 2.6.26)" | |
1150 | Set the "securebits" flags of the calling thread to the value supplied in | |
03547431 MK |
1151 | .IR arg2 . |
1152 | See | |
1153 | .BR capabilities (7). | |
667eb3ac | 1154 | .\" prctl PR_GET_SECUREBITS |
88989295 | 1155 | .TP |
03547431 MK |
1156 | .BR PR_GET_SECUREBITS " (since Linux 2.6.26)" |
1157 | Return (as the function result) | |
1158 | the "securebits" flags of the calling thread. | |
1159 | See | |
1160 | .BR capabilities (7). | |
667eb3ac | 1161 | .\" prctl PR_GET_SPECULATION_CTRL |
03547431 | 1162 | .TP |
dd08fcca | 1163 | .BR PR_GET_SPECULATION_CTRL " (since Linux 4.17)" |
1cea09b3 MK |
1164 | Return (as the function result) |
1165 | the state of the speculation misfeature specified in | |
a01c1cbc MK |
1166 | .IR arg2 . |
1167 | Currently, the only permitted value for this argument is | |
2feab5d3 MK |
1168 | .BR PR_SPEC_STORE_BYPASS |
1169 | (otherwise the call fails with the error | |
1170 | .BR ENODEV ). | |
1171 | .IP | |
1172 | The return value uses bits 0-3 with the following meaning: | |
e23acd79 KRW |
1173 | .RS |
1174 | .TP | |
1175 | .BR PR_SPEC_PRCTL | |
2feab5d3 | 1176 | Mitigation can be controlled per thread by |
e6935958 | 1177 | .BR PR_SET_SPECULATION_CTRL . |
e23acd79 KRW |
1178 | .TP |
1179 | .BR PR_SPEC_ENABLE | |
1180 | The speculation feature is enabled, mitigation is disabled. | |
1181 | .TP | |
1182 | .BR PR_SPEC_DISABLE | |
e6935958 | 1183 | The speculation feature is disabled, mitigation is enabled. |
e23acd79 KRW |
1184 | .TP |
1185 | .BR PR_SPEC_FORCE_DISABLE | |
1186 | Same as | |
1187 | .B PR_SPEC_DISABLE | |
1188 | but cannot be undone. | |
1189 | .RE | |
1190 | .IP | |
2feab5d3 | 1191 | If all bits are 0, |
e23acd79 KRW |
1192 | then the CPU is not affected by the speculation misfeature. |
1193 | .IP | |
1194 | If | |
1195 | .B PR_SPEC_PRCTL | |
2feab5d3 | 1196 | is set, then per-thread control of the mitigation is available. |
ac3756bc | 1197 | If not set, |
e36dfb81 | 1198 | .BR prctl () |
e23acd79 | 1199 | for the speculation misfeature will fail. |
a01c1cbc MK |
1200 | .IP |
1201 | The | |
e36dfb81 MK |
1202 | .IR arg3 , |
1203 | .IR arg4 , | |
e23acd79 KRW |
1204 | and |
1205 | .I arg5 | |
a01c1cbc | 1206 | arguments must be specified as 0; otherwise the call fails with the error |
e36dfb81 | 1207 | .BR EINVAL . |
667eb3ac | 1208 | .\" prctl PR_SET_SPECULATION_CTRL |
e23acd79 | 1209 | .TP |
dd08fcca MK |
1210 | .BR PR_SET_SPECULATION_CTRL " (since Linux 4.17)" |
1211 | .\" commit b617cfc858161140d69cc0b5cc211996b557a1c7 | |
1212 | .\" commit 356e4bfff2c5489e016fdb925adbf12a1e3950ee | |
a01c1cbc MK |
1213 | Sets the state of the speculation misfeature specified in |
1214 | .IR arg2 . | |
1215 | Currently, the only permitted value for this argument is | |
2feab5d3 MK |
1216 | .B PR_SPEC_STORE_BYPASS |
1217 | (otherwise the call fails with the error | |
1218 | .BR ENODEV ). | |
a01c1cbc | 1219 | This setting is a per-thread attribute. |
ac3756bc | 1220 | The |
e23acd79 | 1221 | .IR arg3 |
a01c1cbc MK |
1222 | argument is used to hand in the control value, |
1223 | which is one of the following: | |
e23acd79 KRW |
1224 | .RS |
1225 | .TP | |
1226 | .BR PR_SPEC_ENABLE | |
1227 | The speculation feature is enabled, mitigation is disabled. | |
1228 | .TP | |
1229 | .BR PR_SPEC_DISABLE | |
e6935958 | 1230 | The speculation feature is disabled, mitigation is enabled. |
e23acd79 KRW |
1231 | .TP |
1232 | .BR PR_SPEC_FORCE_DISABLE | |
1233 | Same as | |
e6935958 | 1234 | .BR PR_SPEC_DISABLE , |
ac3756bc MK |
1235 | but cannot be undone. |
1236 | A subsequent | |
e23acd79 KRW |
1237 | .B |
1238 | prctl(..., PR_SPEC_ENABLE) | |
2feab5d3 | 1239 | will fail with the error |
e36dfb81 | 1240 | .BR EPERM . |
e23acd79 KRW |
1241 | .RE |
1242 | .IP | |
1243 | Any other value in | |
1244 | .IR arg3 | |
2feab5d3 | 1245 | will result in the call failing with the error |
e23acd79 | 1246 | .BR ERANGE . |
a01c1cbc MK |
1247 | .IP |
1248 | The | |
2feab5d3 | 1249 | .I arg4 |
e23acd79 KRW |
1250 | and |
1251 | .I arg5 | |
a01c1cbc | 1252 | arguments must be specified as 0; otherwise the call fails with the error |
e36dfb81 | 1253 | .BR EINVAL . |
e23acd79 | 1254 | .IP |
a01c1cbc MK |
1255 | The speculation feature can also be controlled by the |
1256 | .B spec_store_bypass_disable | |
1257 | boot parameter. | |
1258 | This parameter may enforce a read-only policy which will result in the | |
549597a8 | 1259 | .BR prctl () |
a01c1cbc | 1260 | call failing with the error |
e23acd79 | 1261 | .BR ENXIO . |
a01c1cbc MK |
1262 | For further details, see the kernel source file |
1263 | .IR Documentation/admin-guide/kernel-parameters.txt . | |
03547431 | 1264 | .\" |
667eb3ac | 1265 | .\" prctl PR_TASK_PERF_EVENTS_DISABLE |
06afe673 MK |
1266 | .TP |
1267 | .BR PR_TASK_PERF_EVENTS_DISABLE " (since Linux 2.6.31)" | |
1268 | Disable all performance counters attached to the calling process, | |
1269 | regardless of whether the counters were created by | |
1270 | this process or another process. | |
1271 | Performance counters created by the calling process for other | |
1272 | processes are unaffected. | |
66a9882e | 1273 | For more information on performance counters, see the Linux kernel source file |
06afe673 MK |
1274 | .IR tools/perf/design.txt . |
1275 | .IP | |
03547431 MK |
1276 | Originally called |
1277 | .BR PR_TASK_PERF_COUNTERS_DISABLE ; | |
1278 | .\" commit 1d1c7ddbfab358445a542715551301b7fc363e28 | |
b0ea1ea3 | 1279 | renamed (retaining the same numerical value) |
03547431 MK |
1280 | in Linux 2.6.32. |
1281 | .\" | |
667eb3ac | 1282 | .\" prctl PR_TASK_PERF_EVENTS_ENABLE |
03979794 | 1283 | .TP |
03547431 MK |
1284 | .BR PR_TASK_PERF_EVENTS_ENABLE " (since Linux 2.6.31)" |
1285 | The converse of | |
1286 | .BR PR_TASK_PERF_EVENTS_DISABLE ; | |
1287 | enable performance counters attached to the calling process. | |
1288 | .IP | |
1289 | Originally called | |
1290 | .BR PR_TASK_PERF_COUNTERS_ENABLE ; | |
1291 | .\" commit 1d1c7ddbfab358445a542715551301b7fc363e28 | |
1292 | renamed | |
1293 | .\" commit cdd6c482c9ff9c55475ee7392ec8f672eddb7be6 | |
1294 | in Linux 2.6.32. | |
1295 | .\" | |
194ccff9 DM |
1296 | .\" prctl PR_SET_THP_DISABLE |
1297 | .TP | |
1298 | .BR PR_SET_THP_DISABLE " (since Linux 3.15)" | |
1299 | .\" commit a0715cc22601e8830ace98366c0c2bd8da52af52 | |
1300 | Set the state of the "THP disable" flag for the calling thread. | |
1301 | If | |
1302 | .I arg2 | |
1303 | has a nonzero value, the flag is set, otherwise it is cleared. | |
1304 | Setting this flag provides a method | |
1305 | for disabling transparent huge pages | |
1306 | for jobs where the code cannot be modified, and using a malloc hook with | |
1307 | .BR madvise (2) | |
1308 | is not an option (i.e., statically allocated data). | |
1309 | The setting of the "THP disable" flag is inherited by a child created via | |
1310 | .BR fork (2) | |
1311 | and is preserved across | |
1312 | .BR execve (2). | |
667eb3ac | 1313 | .\" prctl PR_GET_THP_DISABLE |
03547431 MK |
1314 | .TP |
1315 | .BR PR_GET_THP_DISABLE " (since Linux 3.15)" | |
035a7bf1 | 1316 | Return (as the function result) the current setting of the "THP disable" |
03547431 MK |
1317 | flag for the calling thread: |
1318 | either 1, if the flag is set, or 0, if it is not. | |
667eb3ac | 1319 | .\" prctl PR_GET_TID_ADDRESS |
03547431 MK |
1320 | .TP |
1321 | .BR PR_GET_TID_ADDRESS " (since Linux 3.5)" | |
1322 | .\" commit 300f786b2683f8bb1ec0afb6e1851183a479c86d | |
f1ba3ad2 | 1323 | Return the |
03547431 MK |
1324 | .I clear_child_tid |
1325 | address set by | |
1326 | .BR set_tid_address (2) | |
1327 | and the | |
1328 | .BR clone (2) | |
1329 | .B CLONE_CHILD_CLEARTID | |
1330 | flag, in the location pointed to by | |
1331 | .IR "(int\ **)\ arg2" . | |
1332 | This feature is available only if the kernel is built with the | |
1333 | .BR CONFIG_CHECKPOINT_RESTORE | |
c7f2f9ed MK |
1334 | option enabled. |
1335 | Note that since the | |
1336 | .BR prctl () | |
1337 | system call does not have a compat implementation for | |
1338 | the AMD64 x32 and MIPS n32 ABIs, | |
1339 | and the kernel writes out a pointer using the kernel's pointer size, | |
1340 | this operation expects a user-space buffer of 8 (not 4) bytes on these ABIs. | |
667eb3ac | 1341 | .\" prctl PR_SET_TIMERSLACK |
03547431 MK |
1342 | .TP |
1343 | .BR PR_SET_TIMERSLACK " (since Linux 2.6.28)" | |
1344 | .\" See https://lwn.net/Articles/369549/ | |
1345 | .\" commit 6976675d94042fbd446231d1bd8b7de71a980ada | |
3780f8a5 MK |
1346 | Each thread has two associated timer slack values: |
1347 | a "default" value, and a "current" value. | |
1348 | This operation sets the "current" timer slack value for the calling thread. | |
c14f7930 YX |
1349 | .I arg2 |
1350 | is an unsigned long value, then maximum "current" value is ULONG_MAX and | |
1351 | the minimum "current" value is 1. | |
3780f8a5 MK |
1352 | If the nanosecond value supplied in |
1353 | .IR arg2 | |
1354 | is greater than zero, then the "current" value is set to this value. | |
03547431 MK |
1355 | If |
1356 | .I arg2 | |
c14f7930 | 1357 | is equal to zero, |
3780f8a5 MK |
1358 | the "current" timer slack is reset to the |
1359 | thread's "default" timer slack value. | |
efeece04 | 1360 | .IP |
3780f8a5 | 1361 | The "current" timer slack is used by the kernel to group timer expirations |
03547431 MK |
1362 | for the calling thread that are close to one another; |
1363 | as a consequence, timer expirations for the thread may be | |
1364 | up to the specified number of nanoseconds late (but will never expire early). | |
1365 | Grouping timer expirations can help reduce system power consumption | |
1366 | by minimizing CPU wake-ups. | |
efeece04 | 1367 | .IP |
03547431 MK |
1368 | The timer expirations affected by timer slack are those set by |
1369 | .BR select (2), | |
1370 | .BR pselect (2), | |
1371 | .BR poll (2), | |
1372 | .BR ppoll (2), | |
1373 | .BR epoll_wait (2), | |
1374 | .BR epoll_pwait (2), | |
1375 | .BR clock_nanosleep (2), | |
1376 | .BR nanosleep (2), | |
1377 | and | |
1378 | .BR futex (2) | |
1379 | (and thus the library functions implemented via futexes, including | |
1380 | .\" List obtained by grepping for futex usage in glibc source | |
1381 | .BR pthread_cond_timedwait (3), | |
1382 | .BR pthread_mutex_timedlock (3), | |
1383 | .BR pthread_rwlock_timedrdlock (3), | |
1384 | .BR pthread_rwlock_timedwrlock (3), | |
1385 | and | |
1386 | .BR sem_timedwait (3)). | |
efeece04 | 1387 | .IP |
03547431 MK |
1388 | Timer slack is not applied to threads that are scheduled under |
1389 | a real-time scheduling policy (see | |
1390 | .BR sched_setscheduler (2)). | |
efeece04 | 1391 | .IP |
03547431 | 1392 | When a new thread is created, |
3780f8a5 | 1393 | the two timer slack values are made the same as the "current" value |
03547431 | 1394 | of the creating thread. |
3780f8a5 MK |
1395 | Thereafter, a thread can adjust its "current" timer slack value via |
1396 | .BR PR_SET_TIMERSLACK . | |
1397 | The "default" value can't be changed. | |
03547431 MK |
1398 | The timer slack values of |
1399 | .IR init | |
1400 | (PID 1), the ancestor of all processes, | |
1401 | are 50,000 nanoseconds (50 microseconds). | |
c14f7930 | 1402 | The timer slack value is inherited by a child created via |
0b9a7995 | 1403 | .BR fork (2), |
c14f7930 | 1404 | and is preserved across |
03547431 | 1405 | .BR execve (2). |
efeece04 | 1406 | .IP |
c1f78aba MK |
1407 | Since Linux 4.6, the "current" timer slack value of any process |
1408 | can be examined and changed via the file | |
1409 | .IR /proc/[pid]/timerslack_ns . | |
1410 | See | |
1411 | .BR proc (5). | |
667eb3ac | 1412 | .\" prctl PR_GET_TIMERSLACK |
e81a96ec | 1413 | .TP |
03547431 MK |
1414 | .BR PR_GET_TIMERSLACK " (since Linux 2.6.28)" |
1415 | Return (as the function result) | |
3780f8a5 | 1416 | the "current" timer slack value of the calling thread. |
667eb3ac | 1417 | .\" prctl PR_SET_TIMING |
4bf25b89 | 1418 | .TP |
d6bec36e MK |
1419 | .BR PR_SET_TIMING " (since Linux 2.6.0)" |
1420 | .\" Precisely: Linux 2.6.0-test4 | |
03547431 MK |
1421 | Set whether to use (normal, traditional) statistical process timing or |
1422 | accurate timestamp-based process timing, by passing | |
1423 | .B PR_TIMING_STATISTICAL | |
1424 | .\" 0 | |
1425 | or | |
1426 | .B PR_TIMING_TIMESTAMP | |
1427 | .\" 1 | |
1428 | to \fIarg2\fP. | |
1429 | .B PR_TIMING_TIMESTAMP | |
1430 | is not currently implemented | |
1431 | (attempting to set this mode will yield the error | |
1432 | .BR EINVAL ). | |
1433 | .\" PR_TIMING_TIMESTAMP doesn't do anything in 2.6.26-rc8, | |
1434 | .\" and looking at the patch history, it appears | |
1435 | .\" that it never did anything. | |
667eb3ac | 1436 | .\" prctl PR_GET_TIMING |
4bf25b89 | 1437 | .TP |
d6bec36e MK |
1438 | .BR PR_GET_TIMING " (since Linux 2.6.0)" |
1439 | .\" Precisely: Linux 2.6.0-test4 | |
03547431 MK |
1440 | Return (as the function result) which process timing method is currently |
1441 | in use. | |
667eb3ac | 1442 | .\" prctl PR_SET_TSC |
4bf25b89 | 1443 | .TP |
03547431 MK |
1444 | .BR PR_SET_TSC " (since Linux 2.6.26, x86 only)" |
1445 | Set the state of the flag determining whether the timestamp counter | |
1446 | can be read by the process. | |
1447 | Pass | |
1448 | .B PR_TSC_ENABLE | |
1449 | to | |
1450 | .I arg2 | |
1451 | to allow it to be read, or | |
1452 | .B PR_TSC_SIGSEGV | |
1453 | to generate a | |
1454 | .B SIGSEGV | |
1455 | when the process tries to read the timestamp counter. | |
667eb3ac | 1456 | .\" prctl PR_GET_TSC |
4bf25b89 | 1457 | .TP |
03547431 MK |
1458 | .BR PR_GET_TSC " (since Linux 2.6.26, x86 only)" |
1459 | Return the state of the flag determining whether the timestamp counter | |
1460 | can be read, | |
1461 | in the location pointed to by | |
1462 | .IR "(int\ *) arg2" . | |
667eb3ac | 1463 | .\" prctl PR_SET_UNALIGN |
03547431 MK |
1464 | .TP |
1465 | .B PR_SET_UNALIGN | |
1466 | (Only on: ia64, since Linux 2.3.48; parisc, since Linux 2.6.15; | |
0e2c6b8c ES |
1467 | PowerPC, since Linux 2.6.18; Alpha, since Linux 2.6.22; |
1468 | .\" sh: 94ea5e449ae834af058ef005d16a8ad44fcf13d6 | |
1469 | .\" tile: 2f9ac29eec71a696cb0dcc5fb82c0f8d4dac28c9 | |
1470 | sh, since Linux 2.6.34; tile, since Linux 3.12) | |
03547431 MK |
1471 | Set unaligned access control bits to \fIarg2\fP. |
1472 | Pass | |
1473 | \fBPR_UNALIGN_NOPRINT\fP to silently fix up unaligned user accesses, | |
1474 | or \fBPR_UNALIGN_SIGBUS\fP to generate | |
1475 | .B SIGBUS | |
2da72a43 MK |
1476 | on unaligned user access. |
1477 | Alpha also supports an additional flag with the value | |
1478 | of 4 and no corresponding named constant, | |
1479 | which instructs kernel to not fix up | |
0e2c6b8c | 1480 | unaligned accesses (it is analogous to providing the |
2da72a43 MK |
1481 | .BR UAC_NOFIX |
1482 | flag in | |
1483 | .BR SSI_NVPAIRS | |
1484 | operation of the | |
1485 | .BR setsysinfo () | |
1486 | system call on Tru64). | |
667eb3ac | 1487 | .\" prctl PR_GET_UNALIGN |
03547431 MK |
1488 | .TP |
1489 | .B PR_GET_UNALIGN | |
f1bb5798 | 1490 | (See |
03547431 | 1491 | .B PR_SET_UNALIGN |
f1bb5798 | 1492 | for information on versions and architectures.) |
03547431 | 1493 | Return unaligned access control bits, in the location pointed to by |
0e2c6b8c | 1494 | .IR "(unsigned int\ *) arg2" . |
47297adb | 1495 | .SH RETURN VALUE |
8ab8b43f | 1496 | On success, |
194ccff9 DM |
1497 | .BR PR_CAP_AMBIENT + PR_CAP_AMBIENT_IS_SET , |
1498 | .BR PR_CAPBSET_READ , | |
8ab8b43f | 1499 | .BR PR_GET_DUMPABLE , |
7f5d8442 | 1500 | .BR PR_GET_FP_MODE , |
194ccff9 | 1501 | .BR PR_GET_IO_FLUSHER , |
8ab8b43f | 1502 | .BR PR_GET_KEEPCAPS , |
194ccff9 | 1503 | .BR PR_MCE_KILL_GET , |
f83fe154 | 1504 | .BR PR_GET_NO_NEW_PRIVS , |
194ccff9 DM |
1505 | .BR PR_GET_SECUREBITS , |
1506 | .BR PR_GET_SPECULATION_CTRL , | |
5745985f | 1507 | .BR PR_GET_THP_DISABLE , |
8ab8b43f | 1508 | .BR PR_GET_TIMING , |
c42db321 | 1509 | .BR PR_GET_TIMERSLACK , |
8ab8b43f MK |
1510 | and (if it returns) |
1511 | .BR PR_GET_SECCOMP | |
2fda57bd | 1512 | return the nonnegative values described above. |
fea681da MK |
1513 | All other |
1514 | .I option | |
1515 | values return 0 on success. | |
1516 | On error, \-1 is returned, and | |
1517 | .I errno | |
1518 | is set appropriately. | |
1519 | .SH ERRORS | |
1520 | .TP | |
0478944d MK |
1521 | .B EACCES |
1522 | .I option | |
1523 | is | |
4ab9f1db MK |
1524 | .BR PR_SET_SECCOMP |
1525 | and | |
1526 | .I arg2 | |
1527 | is | |
1528 | .BR SECCOMP_MODE_FILTER , | |
1529 | but the process does not have the | |
1530 | .BR CAP_SYS_ADMIN | |
1531 | capability or has not set the | |
1532 | .IR no_new_privs | |
1533 | attribute (see the discussion of | |
1534 | .BR PR_SET_NO_NEW_PRIVS | |
1535 | above). | |
1536 | .TP | |
1537 | .B EACCES | |
1538 | .I option | |
1539 | is | |
0478944d MK |
1540 | .BR PR_SET_MM , |
1541 | and | |
1542 | .I arg3 | |
1543 | is | |
1544 | .BR PR_SET_MM_EXE_FILE , | |
1545 | the file is not executable. | |
1546 | .TP | |
1547 | .B EBADF | |
1548 | .I option | |
1549 | is | |
1550 | .BR PR_SET_MM , | |
1551 | .I arg3 | |
1552 | is | |
1553 | .BR PR_SET_MM_EXE_FILE , | |
1554 | and the file descriptor passed in | |
1555 | .I arg4 | |
1556 | is not valid. | |
1557 | .TP | |
1558 | .B EBUSY | |
1559 | .I option | |
1560 | is | |
1561 | .BR PR_SET_MM , | |
1562 | .I arg3 | |
1563 | is | |
1564 | .BR PR_SET_MM_EXE_FILE , | |
1565 | and this the second attempt to change the | |
1566 | .I /proc/pid/exe | |
1567 | symbolic link, which is prohibited. | |
1568 | .TP | |
8ab8b43f MK |
1569 | .B EFAULT |
1570 | .I arg2 | |
1571 | is an invalid address. | |
1572 | .TP | |
e35a0512 KC |
1573 | .B EFAULT |
1574 | .I option | |
1575 | is | |
1576 | .BR PR_SET_SECCOMP , | |
1577 | .I arg2 | |
1578 | is | |
1579 | .BR SECCOMP_MODE_FILTER , | |
1580 | the system was built with | |
64c626f7 | 1581 | .BR CONFIG_SECCOMP_FILTER , |
e35a0512 KC |
1582 | and |
1583 | .I arg3 | |
1584 | is an invalid address. | |
1585 | .TP | |
fea681da MK |
1586 | .B EINVAL |
1587 | The value of | |
1588 | .I option | |
f7abc99c DM |
1589 | is not recognized, |
1590 | or not supported on this system. | |