==================== Changes in man-pages-3.77 ====================
Released: ????-??-??, Munich

Contributors
------------

The following people contributed patches/fixes or (noted in brackets
in the changelog below) reports, notes, and ideas that have been
incorporated in changes in this release:

Akihiro Motoki <amotoki@gmail.com>
Alexandre Bique <bique.alexandre@gmail.com>
Andre Majorel <aym-xunil@teaser.fr>
Andy Lutomirski <luto@amacapital.net>
Daniel Borkmann <dborkman@redhat.com>
Dave Hansen <dave.hansen@intel.com>
Elie De Brauwer <eliedebrauwer@gmail.com>
Heinrich Schuchardt <xypron.glpk@gmx.de>
Ignat Loskutov <ignat.loskutov@gmail.com>
Jeff Epler <jepler@unpythonic.net>
Jérôme Pouiller <jezz@sysmic.org>
Kees Cook <keescook@chromium.org>
Laurent Georget <laurent.georget@supelec.fr>
Masanari Iida <standby24x7@gmail.com>
Michael Haardt <michael@moria.de>
Michael Kerrisk <mtk.manpages@gmail.com>
Mike Frysinger <vapier@gentoo.org>
Richard Cochran <richardcochran@gmail.com>
Stephan Mueller <stephan.mueller@atsec.com>
Troy Davis <troy@yort.com>
Vince Weaver <vincent.weaver@maine.edu>
Will Drewry <wad@chromium.org>

Apologies if I missed anyone!

New and rewritten pages
-----------------------

seccomp.2
    Kees Cook, Michael Kerrisk, Will Drewry [Andy Lutomirski]
        New page documenting seccomp(2)
            Combines documentation from prctl, in-kernel seccomp_filter.txt
            and dropper.c, along with details specific to the new system call.

Newly documented interfaces in existing pages
---------------------------------------------

netlink.7
    Stephan Mueller [Michael Kerrisk]
        Add NETLINK_CRYPTO

Changes to individual pages
---------------------------

adjtimex.2
    Laurent Georget [Richard Cochran, Jeff Epler]
        Clarify the 'ppm scaling' used in struct timex
            This patch makes explicit and clarifies the unit used for
            the fields "freq", "ppsfreq" and "stabil" in struct timex.
    Michael Kerrisk [Masanari Iida]
        Note that TIME_ERROR is the modern synonym for TIME_BAD

perf_event_open.2
    Vince Weaver
        Clarify the PERF_FLAG_FD_* flags
            This change clarifies the behavior of the PERF_FLAG_FD_OUTPUT and
            PERF_FLAG_FD_NO_GROUP flags to perf_event_open(), and removes
            the related FIXME comments.

            While writing tests to validate the behavior of these flags I
            discovered that PERF_FLAG_FD_OUTPUT has been broken since the
            2.6.35 kernel release.

prctl.2
    Dave Hansen [Michael Kerrisk]
        Add description of Intel MPX calls
            The 3.19 kernel will have support for Intel MPX, including
            a pair of new prctl() calls (PR_MPX_ENABLE_MANAGEMENT and
            PR_MPX_DISABLE_MANAGEMENT) for enabling and disabling the
            kernel's management of the "bounds tables". Add a
            description of the interface.
    Michael Kerrisk
        Add mention of seccomp(2) under PR_SET_SECCOMP
    Michael Kerrisk
        Suggest /proc/PID/status "Seccomp" as alternative to PRCTL_GET_SECCOMP
    Michael Kerrisk
        SIGKILL can also occur for PRCTL_GET_SECCOMP in SECCOMP_MODE_FILTER mode
    Kees Cook [Andy Lutomirski]
        Document SECCOMP_MODE_FILTER vs EFAULT
            This notes the distinction made between EINVAL and EFAULT when
            attempting to use SECCOMP_MODE_FILTER with PR_SET_SECCOMP.

setns.2
pid_namespaces.7
    Mike Frysinger
        Elaborate discussion of the PID namespace descendant limitation
            The setns(2) man page already mentions that CLONE_NEWPID may only
            be used with descendant namespaces, but this nuance could be
            listed in a few more places so it is not missed.

shmget.2
    Michael Kerrisk [Akihiro Motoki]
        Make wording of SHMALL description a little clearer

sigaction.2
    Michael Kerrisk
        Add siginfo_t fields for SECCOMP_RET_TRAP

memchr.3
strstr.3
    Alexandre Bique
        Reference memmem(3) in SEE ALSO section

memcmp.3
    Michael Kerrisk [Michael Haardt]
        NOTES: add some detail on avoiding memcmp() of cryptographic data
            Wording largely based on comments from Michael Haardt.

pthread_tryjoin_np.3
    Jérôme Pouiller [Michael Kerrisk]
        Document EINVAL error for pthread_timedjoin_np()

mem.4
    Elie De Brauwer
        /dev/kmem depends on CONFIG_DEVKMEM
    Elie De Brauwer
        Correct /dev/port group in example
            mem.4 mentions that group for /dev/port should be set to 'mem'.
            However, all other files (/dev/mem and /dev/kmem) use the kmem
            group in their examples and on my system /dev/port belongs to
            kmem. Hence the 'mem' group was probably a typo:
    Elie De Brauwer
        Add CONFIG_STRICT_DEVMEM
            Since 2.6.26 the CONFIG_NONPROMISC_DEVMEM option limits the
            physical addresses which can be accessed through /dev/mem.

random.4
    Heinrich Schuchardt
        Describe handling of O_NONBLOCK
            /dev/random and /dev/urandom treat O_NONBLOCK differently.
            This should be described in the manpage.
    Heinrich Schuchardt
        Mention PRNG used by urandom
            /dev/urandom uses a pseudo-random number generator to replace
            missing entropy.

proc.5
    Michael Kerrisk
        Document "Seccomp" field of /proc/PID/status

epoll.7
    Michael Kerrisk [Ignat Loskutov]
        Use epoll_create1() rather than epoll_create() in the code example
            epoll_create1() is more or less the preferred API for new
            applications, since it allows for some flags and avoids the
            misdesigned epoll_create() argument, and so it seems sensible
            to use that in the example, rather than epoll_create().

tcp.7
    Troy Davis
        Clarify tcp_tw_recycle on Internet-facing hosts
            Clarify that tcp_tw_recycle will break communication with many
            general-purpose remote Internet hosts (namely, remote NAT devices)
            even when the Linux device itself is not behind NAT.