1 ==================== Changes in man-pages-3.77 ====================
3 Released: 2015-01-10, Munich
9 The following people contributed patches/fixes or (noted in brackets
10 in the changelog below) reports, notes, and ideas that have been
11 incorporated in changes in this release:
13 Akihiro Motoki <amotoki@gmail.com>
14 Alexandre Bique <bique.alexandre@gmail.com>
15 Andre Majorel <aym-xunil@teaser.fr>
16 Andy Lutomirski <luto@amacapital.net>
17 Daniel Borkmann <dborkman@redhat.com>
18 Dave Hansen <dave.hansen@intel.com>
19 Elie De Brauwer <eliedebrauwer@gmail.com>
20 Heinrich Schuchardt <xypron.glpk@gmx.de>
21 Ignat Loskutov <ignat.loskutov@gmail.com>
22 Jeff Epler <jepler@unpythonic.net>
23 Jérôme Pouiller <jezz@sysmic.org>
24 Kees Cook <keescook@chromium.org>
25 Laurent Georget <laurent.georget@supelec.fr>
26 Masanari Iida <standby24x7@gmail.com>
27 Michael Haardt <michael@moria.de>
28 Michael Kerrisk <mtk.manpages@gmail.com>
29 Mike Frysinger <vapier@gentoo.org>
30 Richard Cochran <richardcochran@gmail.com>
31 Stephan Mueller <stephan.mueller@atsec.com>
32 Troy Davis <troy@yort.com>
33 Vince Weaver <vincent.weaver@maine.edu>
34 Will Drewry <wad@chromium.org>
36 Apologies if I missed anyone!
39 New and rewritten pages
40 -----------------------
43 Kees Cook, Michael Kerrisk, Will Drewry [Andy Lutomirski]
44 New page documenting seccomp(2)
45 Combines documentation from prctl, in-kernel seccomp_filter.txt
46 and dropper.c, along with details specific to the new system call.
49 Newly documented interfaces in existing pages
50 ---------------------------------------------
53 Stephan Mueller [Michael Kerrisk]
57 Changes to individual pages
58 ---------------------------
61 Laurent Georget [Richard Cochran, Jeff Epler]
62 Clarify the 'ppm scaling' used in struct timex
63 This patch makes explicit and clarifies the unit used for
64 the fields "freq", "ppsfreq" and "stabil" in struct timex.
65 Michael Kerrisk [Masanari Iida]
66 Note that TIME_ERROR is the modern synonym for TIME_BAD
70 Clarify the PERF_FLAG_FD_* flags
71 This change clarifies the behavior of the PERF_FLAG_FD_OUTPUT and
72 PERF_FLAG_FD_NO_GROUP flags to perf_event_open(), and removes
73 the related FIXME comments.
75 While writing tests to validate the behavior of these flags I
76 discovered that PERF_FLAG_FD_OUTPUT has been broken since the
77 2.6.35 kernel release.
80 Dave Hansen [Michael Kerrisk]
81 Add description of Intel MPX calls
82 The 3.19 kernel will have support for Intel MPX, including
83 a pair of new prctl() calls (PR_MPX_ENABLE_MANAGEMENT and
84 PR_MPX_DISABLE_MANAGEMENT) for enabling and disabling the
85 kernel's management of the "bounds tables". Add a
86 descriptions of the interface.
88 Add mention of seccomp(2) under PR_SET_SECCOMP
90 Suggest /proc/PID/status "Seccomp" as alternative to PRCTL_GET_SECCOMP
92 SIGKILL can also occur PRCTL_GET_SECCOMP in SECCOMP_MODE_FILTER mode
93 Kees Cook [Andy Lutomirski]
94 Document SECCOMP_MODE_FILTER vs EFAULT
95 This notes the distinction made between EINVAL and EFAULT when
96 attempting to use SECCOMP_MODE_FILTER with PR_SET_SECCOMP.
101 Elaborate discussion of the PID namespace descendant limitation
102 The setns(2) man page already mentions that CLONE_NEWPID may only
103 be used with descendant namespaces, but this nuance could be
104 listed in a few more places so it is not missed.
107 Michael Kerrisk [Akihiro Motoki]
108 Make wording of SHMALL description a little clearer
112 Add siginfo_t fields for SECCOMP_RET_TRAP
117 Reference memmem(3) in SEE ALSO section
120 Michael Kerrisk [Michael Haardt]
121 NOTES: add some detail on avoiding memcmp() of cryptographic data
122 Wording largely based on comments from Michael Haardt.
125 Jérôme Pouiller [Michael Kerrisk]
126 Document EINVAL error for pthread_timedjoin_np()
130 /dev/kmem depends on CONFIG_DEVKMEM
132 Correct /dev/port group in example
133 mem.4 mentions that group for /dev/port should be set to 'mem'
134 However, all other files (/dev/mem and /dev/kmem) use the kmem
135 group in their examples and on my system /dev/port belongs to
136 kmem. Hence the 'mem' group was probably a typo:
138 Add CONFIG_STRICT_DEVMEM
139 Since 2.6.26 the CONFIG_NONPROMISC_DEVMEM options limits the
140 physical addresses which can be accessed through /dev/mem.
144 Describe handling of O_NONBLOCK
145 /dev/random and /dev/urandom treat O_NONBLOCK differently.
146 This should be described in the manpage.
148 Mention PRNG used by urandom
149 /dev/urandom uses a pseudo-random number generator to replace
154 Document "Seccomp" field of /proc/PID/status
157 Michael Kerrisk [Ignat Loskutov]
158 Use epoll_create1() rather than epoll_create() in the code example
159 epoll_create1() is more or less the preferred API for new
160 applications, since it allows for some flags and avoids the
161 misdesigned epoll_create() argument, and so it seems sensible
162 to use that in the example, rather than epoll_create().
166 Clarify tcp_tw_recycle on Internet-facing hosts
167 Clarify that tcp_tw_recycle will break communication with many
168 general-purpose remote Internet hosts (namely, remote NAT devices)
169 even when the Linux device itself is not behind NAT.