| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20120320222424.GL14269@moon> Date: Wed, 21 Mar 2012 02:24:24 +0400 From: Cyrill Gorcunov <gorcunov@...nvz.org> To: "Michael Kerrisk (man-pages)" <mtk.manpages@...il.com> Cc: akpm@...ux-foundation.org, xemul@...allels.com, linux-man@...r.kernel.org, linux-kernel@...r.kernel.org Subject: Re: [PATCH 1/2] prctl.2: Add PR_SET_MM option description On Wed, Mar 21, 2012 at 06:21:19AM +1300, Michael Kerrisk (man-pages) wrote: > Hello Cyrill, > > The PR_SET_MM operation adds a number of new error cases to prctl(2). > Could you extend you patch to add these under ERRORS? > Hi Michael, here is an update on previous patch. Please take a look and tell me what you think when you get time. Complains are welcome! Cyrill --- >From 10dbf8dc2e40426c56a6d2a2414bcb9d3a0f5ff3 Mon Sep 17 00:00:00 2001 From: Cyrill Gorcunov <gorcunov@...nvz.org> Date: Wed, 21 Mar 2012 02:20:11 +0400 Subject: [PATCH] prctl.2: Update description for PR_SET_MM option New feature PR_SET_MM_EXE_FILE added, also error codes updated. Signed-off-by: Cyrill Gorcunov <gorcunov@...nvz.org> --- man2/prctl.2 | 70 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++- 1 files changed, 69 insertions(+), 1 deletions(-) diff --git a/man2/prctl.2 b/man2/prctl.2 index 7a50ac1..de15426 100644 --- a/man2/prctl.2 +++ b/man2/prctl.2 @@ -481,6 +481,30 @@ argument should provide the address of the vector. The .I arg4 is the size of the vector. + +.BR PR_SET_MM_EXE_FILE +to supersede +.IR /proc/pid/exe +symbolic link with a new one pointing to a new executable file +which descriptor is provided provided in the +.I arg3 +argument. +The file descriptor should be obtaned with a regular +.BR open (2) +call. + +To change the symlink, one needs to unmap all existing +executable memory areas being created by the kernel itself +(for example the kernel usually creates at least one executable +memory area for Elf file +.IR \.text +section). + +The second limitation is that such transition can be done once +in a process life time. +Any furter attempts will be rejected. +This should help system administrators to monitor the unusual +symlinks transitions over all process running in a system. .\" .SH "RETURN VALUE" On success, @@ -515,7 +539,9 @@ is not recognized. is .BR PR_MCE_KILL or -.BR PR_MCE_KILL_GET , +.BR PR_MCE_KILL_GET +or +.BR PR_SET_MM , and unused .BR prctl () arguments were not specified as zero. @@ -563,6 +589,48 @@ is and the caller does not have the .B CAP_SETPCAP capability. +.TP +.B EPERM +.I option +is +.BR PR_SET_MM , +and the caller does not have the +.B CAP_SYS_RESOURCE +capability. +.TP +.B EACCES +.I option +is +.BR PR_SET_MM , +and the +.I arg3 +is +.BR PR_SET_MM_EXE_FILE , +the file is not executable one. +.TP +.B EBUSY +.I option +is +.BR PR_SET_MM , +and the +.I arg3 +is +.BR PR_SET_MM_EXE_FILE , +the second attempt to change +.I /proc/pid/exe +symlink is prohibited. +.TP +.B EBADF +.I option +is +.BR PR_SET_MM , +and the +.I arg3 +is +.BR PR_SET_MM_EXE_FILE , +the file descriptor passed in +.I arg4 +is not found. .\" The following can't actually happen, because prctl() in .\" seccomp mode will cause SIGKILL. .\" .TP -- 1.7.7.6 -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists