lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Message-ID: <b81690dc-4300-9663-0488-d7208d5ddff4@gmail.com>
Date:   Sat, 8 Oct 2016 14:25:14 +0200
From:   "Michael Kerrisk (man-pages)" <mtk.manpages@...il.com>
To:     lkml <linux-kernel@...r.kernel.org>
Cc:     mtk.manpages@...il.com
Subject: man-pages-4.08 is released

The Linux man-pages maintainer proudly announces:

    man-pages-4.08 - man pages for Linux

This release includes input and contributions from
around 40 people. Nearly 200 pages saw changes, ranging
from typo fixes through to page rewrites and 1 new page.

Tarball download:
    http://www.kernel.org/doc/man-pages/download.html
Git repository:
    https://git.kernel.org/cgit/docs/man-pages/man-pages.git/
Online changelog:
    http://man7.org/linux/man-pages/changelog.html#release_4.08

A short summary of the release is blogged at:
http://linux-man-pages.blogspot.com/2016/10/man-pages-408-is-released.html

The current version of the pages is browsable at:
http://man7.org/linux/man-pages/

 A selection of changes in this release that may be of interest
to readers on LKML is shown below.

Cheers,

Michael

==================== Changes in man-pages-4.08 ====================

Released: 2016-10-08, Munich


New and rewritten pages
-----------------------

quotactl.2
    Eugene Syromyatnikov  [Michael Kerrisk]
        Updated information regarding disk quota flags
            Added information regarding DQF_SYS_FILE flag; updated definition
            of V1_DQF_RSQUASH, which has been defined privately and defined
            publicly as DQF_ROOT_SQUASH.
    Eugene Syromyatnikov
        Updated information regarding XFS-specific quotactl subcommands
            Added information regarding structure definitions used for
            XFS-specific subcommands, updated flag constants, added
            information regarding ignored syscall arguments, added notes on
            usage of kernel UAPI header.
    Eugene Syromyatnikov
        Additions regarding project quotas
            Added information regarding presence of project quotas.

bswap.3
    Michael Kerrisk
        New page documenting bswap_16(), bswap_32(), and bswap_64()

cgroups.7
    Michael Kerrisk
       Substantial rewrites, additions, and corrections.


Newly documented interfaces in existing pages
---------------------------------------------

readv.2
    Michael Kerrisk
        Document the pwritev2() RWF_SYNC  and RWF_DSYNC flags

proc.5
    Michael Kerrisk
        Document /proc/PID/seccomp
    Jann Horn
        Document /proc/[pid]/task/[tid]/children
            Document the /proc/[pid]/task/[tid]/children interface from
            CRIU, and more importantly, document why it's usually not
            a good interface.


Changes to individual pages
---------------------------

chroot.2
    Michael Kerrisk
        Note user namespace requirements for CAP_SYS_CHROOT

clone.2
    Keno Fischer  [Josh Triplett]
        Adjust syscall prototype and expand CLONE_SETTLS description
    Michael Kerrisk  [Josh Triplett, Josh Triplett]
        Document raw syscall interfaces on various other architectures
    Michael Kerrisk
        Change types for 'ptid' and 'ctid' in syscall prototypes
            These types changed from 'void *' to 'int *' back in Linux 3.8.
    Michael Kerrisk
        EINVAL is generated by glibc wrapper for NULL 'fn' or 'child_stack'
            Clarify that this error is produced by the wrapper function, not
            the underlying system call. In particular, the point is that the
            raw system call can accommodate a NULL pointer for 'child_stack'.
    Michael Kerrisk  [Elliott Hughes]
        Make the implications of CLONE_FILES more explicit
            If CLONE_FILES is not set, the duplicated FDs nevertheless share
            file offset and status flags via the open file description.

epoll_wait.2
    Mike Crowe
        Clarify that the timeout is measured against CLOCK_MONOTONIC

fcntl.2
    Michael Kerrisk
        Note an important detail of F_SETOWN permission rules for signals
            F_SETOWN records the caller's credentials at the time of
            the fcntl() call, and it is these saved credentials that
            are used for subsequent permission checks.

getdomainname.2
    Michael Kerrisk
        Note user namespace requirements for CAP_SYS_ADMIN

getgroups.2
    Michael Kerrisk
        Note user namespace requirements for CAP_SETGID

gethostname.2
    Michael Kerrisk
        Note user namespace requirements for CAP_SYS_ADMIN

getrlimit.2
    Michael Kerrisk
        Note user namespace semantics for CAP_SYS_RESOURCE

kcmp.2
    Michael Kerrisk
        Add an example program

kill.2
    Michael Kerrisk
        Note the user namespace requirement for CAP_KILL

mlock.2
    Sebastian Andrzej Siewior
        Document that fork() after mlock() may be a bad idea in a RT process

mmap.2
    Jann Horn
        Describe treatment of 'offset' for MAP_ANONYMOUS

msgctl.2
msgget.2
msgop.2
semctl.2
semget.2
semop.2
shmctl.2
shmget.2
shmop.2
    Michael Kerrisk
        Note the user namespace requirements for CAP_IPC_OWNER

open.2
    Michael Kerrisk
        Clarify user namespace capability requirements for O_NOATIME
    Michael Kerrisk
        F2FS support for O_TMPFILE was added in Linux 3.16
    Michael Kerrisk
        Clarify the rules about how the group ID of a new file is determined

prctl.2
    Michael Kerrisk
        Simplify list of cases where "dumpable" attribute is reset
    Michael Kerrisk
        Note user namespace requirements for PR_CAPBSET_DROP CAP_SETPCAP

readlink.2
    Michael Kerrisk  [Ursache Vladimir]
        Make example program handle links that report a size of zero
            Some "magic" symlinks created by the kernel (e.g., those under
            /proc and /sys) report 'st_size' as zero. Modify the example
            program to handle that possibility.

readv.2
    Michael Kerrisk  [Christoph Hellwig]
        Clarify that RWF_DSYNC and RWF_SYNC apply only to data being written

reboot.2
    Michael Kerrisk
        Note user namespace requirements around CAP_SYS_BOOT

sched_setaffinity.2
    Michael Kerrisk
        Note user namespace requirements for CAP_SYS_NICE

seccomp.2
    Michael Kerrisk
        CAP_SYS_ADMIN is required only in caller's user namespace

seteuid.2
    Michael Kerrisk
        Note user namespace requirements for CAP_SETUID and CAP_SETGID

setgid.2
    Michael Kerrisk
        Note user namespace requirements for CAP_SETGID

setresuid.2
    Michael Kerrisk
        Note user namespace requirements for CAP_SETUID

setreuid.2
    Michael Kerrisk
        Note user namespace requirements for CAP_SETUID and CAP_SETGID

setuid.2
    Michael Kerrisk
        Note user namespace requirements for CAP_SETUID

sigprocmask.2
    Keno Fischer
        Expand/clarify libc/kernel sigset_t difference

bindresvport.3
rcmd.3
ip.7
    Michael Kerrisk
        Note user namespace requirements for CAP_NET_BIND_SERVICE

core.5
    Mike Frysinger  [Michael Kerrisk]
       Add more details for output paths and the crash handler
            People sometimes assume that the crash handler runs in the same
            context as the crashing process.  They would be incorrect :).

proc.5
    Mike Frysinger
        Clarify the root symlink and mount namespaces
            If the target process is in a different mount namespace, the root
            symlink actually shows that view of the filesystem.
    Michael Kerrisk  [Mike Frysinger]
        Expand discussion of /proc/[pid]/root
            Add a shell example showing that /proc/[pid]/root is more
            than a symlink. Based on an example provided by Mike Frysinger
            in an earlier commit message.
    Michael Kerrisk
        Explain rules determining ownership of /proc/PID/* files
            Describe the effect of the "dumpable" attribute on ownership
            of /proc/PID files.
    Michael Kerrisk
        Note effect of 'suid_dumpable' on ownership of /proc/PID files
    Michael Kerrisk
        Note that 'suid_dumpable' mode 1 is insecure
    Michael Kerrisk
        Document /proc/meminfo '+ShmemHugePages' and 'ShmemPmdMapped' fields
    Michael Kerrisk
        Document /proc/PID/status 'RssAnon', 'RssFile', and 'RssShmem' fields
    Michael Kerrisk
        Document /proc/PID/status 'HugetlbPages' field
    Michael Kerrisk  [Zefram]
        Clarify that /proc/PID/statm 'shared' field counts *resident* pages
            See https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=741360
    Michael Kerrisk
        Clarify user namespace requirements for /proc/sys/fs/protected_hardlinks
    Michael Kerrisk
        Clarify description of /proc/PID/statm 'lib' and 'dt' fields
            These fields are always zero since Linux 2.6.
    Namhyung Kim  [Petr Cermak]
        Add description of CLEAR_REFS_MM_HIWATER_RSS

capabilities.7
    Michael Kerrisk
        Add note about nosuid to file capabilities section

packet.7
    Michael Kerrisk
        Clarify user namespace requirements for CAP_NET_RAW

pipe.7
    Michael Kerrisk  [Patrick McLean]
        Document FIONREAD

raw.7
    Michael Kerrisk
        Clarify user namespace requirements for CAP_NET_RAW
            Also remove mention of UID 0 as a method or creating
            a raw socket. As far as I can tell from reading the
            kernel source (net/ipv4/af_inet.c), this is not true.

ld.so.8
    Michael Kerrisk
        Expand description of LD_DEBUG
            Provide a list of the categories, and note that multiple
            categories can be specified.
    Michael Kerrisk
        Clarify text describing whether secure-mode programs preload libraries

-- 
Michael Kerrisk
Linux man-pages maintainer; http://www.kernel.org/doc/man-pages/
Linux/UNIX System Programming Training: http://man7.org/training/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ