Changeset View
Standalone View
lib/libc/sys/procctl.2
Show All 23 Lines | |||||
.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) | .\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) | ||||
.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT | .\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT | ||||
.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY | .\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY | ||||
.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF | .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF | ||||
.\" SUCH DAMAGE. | .\" SUCH DAMAGE. | ||||
.\" | .\" | ||||
.\" $FreeBSD$ | .\" $FreeBSD$ | ||||
.\" | .\" | ||||
.Dd April 9, 2019 | .Dd August 31, 2019 | ||||
.Dt PROCCTL 2 | .Dt PROCCTL 2 | ||||
.Os | .Os | ||||
.Sh NAME | .Sh NAME | ||||
.Nm procctl | .Nm procctl | ||||
.Nd control processes | .Nd control processes | ||||
.Sh LIBRARY | .Sh LIBRARY | ||||
.Lb libc | .Lb libc | ||||
.Sh SYNOPSIS | .Sh SYNOPSIS | ||||
▲ Show 20 Lines • Show All 457 Lines • ▼ Show 20 Lines | |||||
and | and | ||||
.Fa id | .Fa id | ||||
must be the either caller's pid or zero, with no difference in effect. | must be the either caller's pid or zero, with no difference in effect. | ||||
.Fa arg | .Fa arg | ||||
must point to a memory location that can hold a value of type | must point to a memory location that can hold a value of type | ||||
.Vt int . | .Vt int . | ||||
If signal delivery has not been requested, it will contain zero | If signal delivery has not been requested, it will contain zero | ||||
on return. | on return. | ||||
.It Dv PROC_STACKGAP_CTL | |||||
Controls the stack gaps in the specified process. | |||||
A stack gap is the part of the growth area for a | |||||
alc: "A stack gap ... area for a | |||||
Done Inline Actions"growing area" -> "growth area" alc: "growing area" -> "growth area" | |||||
.Dv MAP_STACK | |||||
mapped region that is reserved and never filled by memory. | |||||
Done Inline Actions"filled by memory. alc: "filled by memory. | |||||
Done Inline ActionsI would replace ", which" by "that". See, for example, which-vs-that. alc: I would replace ", which" by "that". See, for example, [[ https://www.grammarly.com/blog/which… | |||||
Done Inline ActionsThe comma should be deleted. alc: The comma should be deleted. | |||||
Instead, the process is guaranteed to receive a | |||||
Done Inline Actions"Instead, the process ... to receive a alc: "Instead, the process ... to receive a | |||||
Done Inline ActionsI would start a new sentence here. alc: I would start a new sentence here. | |||||
Done Inline ActionsThe comma got deleted from the wrong place. This line and the previous one should be: "mapped region that is reserved and never filled by memory. alc: The comma got deleted from the wrong place. This line and the previous one should be:
"mapped… | |||||
.Dv SIGSEGV | |||||
signal on accessing pages in the gap. | |||||
Done Inline Actions"... accessing pages in ... alc: "... accessing pages in ... | |||||
Gaps protect against stack overflow corrupting memory adjacent | |||||
Done Inline Actions"... corrupting memory adjacent alc: "... corrupting memory adjacent | |||||
to the stack. | |||||
.Pp | |||||
The | |||||
.Fa data | |||||
argument must point to an integer variable containing flags. | |||||
Done Inline Actions"... integer variable containing flags. alc: "... integer variable containing flags. | |||||
The following flags are allowed: | |||||
.Bl -tag -width PROC_STACKGAP_DISABLE_EXEC | |||||
Done Inline ActionsShouldn't this be: "containing either the PROC_STACKGAP_ENABLE or PROC_STACKGAP_DISABLE flag." alc: Shouldn't this be: "containing either the PROC_STACKGAP_ENABLE or PROC_STACKGAP_DISABLE flag." | |||||
.It Dv PROC_STACKGAP_ENABLE | |||||
Done Inline Actions"... enabled for programs alc: "... enabled for programs | |||||
Done Inline Actions"If the PROC_STACKGAP_ENABLE flag is passed, ... alc: "If the PROC_STACKGAP_ENABLE flag is passed, ... | |||||
This flag is only accepted for consistency with | |||||
Done Inline Actions"started after an alc: "started after an | |||||
Done Inline Actions"This flag is only accepted ... alc: "This flag is only accepted ... | |||||
.Dv PROC_STACKGAP_STATUS . | |||||
If stack gaps are enabled, the flag is ignored. | |||||
Done Inline Actions"by the ... alc: "by the ... | |||||
If disabled, the flag causes an | |||||
Done Inline Actions"If the PROC_STACKGAP_DISABLE flag is passed, ... alc: "If the PROC_STACKGAP_DISABLE flag is passed, ... | |||||
Done Inline Actions"... flag causes an alc: "... flag causes an | |||||
.Ev EINVAL | |||||
Done Inline Actions"..., the gap becomes part of the normal growth area alc: "..., the gap becomes part of the normal growth area | |||||
error to be returned. | |||||
Done Inline Actions"For existing stacks, the ... alc: "For existing stacks, the ... | |||||
Done Inline Actions"error to be returned. alc: "error to be returned. | |||||
After gaps are disabled in a process, they can only be re-enabled when an | |||||
Done Inline ActionsI would mention execve here: "After gaps are disabled in a process, they can only be re-enabled when an execve is performed. alc: I would mention execve here: "After gaps are disabled in a process, they can only be re-enabled… | |||||
Done Inline ActionsThere is an extra space: "... in a ... alc: There is an extra space: "... in a ... | |||||
.Xr execve 2 | |||||
Done Inline Actions"... after they are alc: "... after they are | |||||
is performed. | |||||
.It Dv PROC_STACKGAP_DISABLE | |||||
Disable stack gaps for the process. | |||||
For existing stacks, the gap is no longer a reserved part of the growth | |||||
Done Inline Actions"Returns the current stack gap state ... alc: "Returns the current stack gap state ... | |||||
area and can be filled by memory on access. | |||||
Done Inline ActionsDrop the "The" here. alc: Drop the "The" here. | |||||
Done Inline ActionsInstead of the word "normal", the meaning of which may not be clear, consider saying, "For existing stacks, the gap is no longer a reserved part of the growth area and can be filled by memory on access." I'm trying to reuse the same terms that are used in the sentence defining what a gap is. alc: Instead of the word "normal", the meaning of which may not be clear, consider saying, "For… | |||||
.It Dv PROC_STACKGAP_ENABLE_EXEC | |||||
Enable stack gaps for programs started after an | |||||
.Xr execve 2 | |||||
Done Inline Actions"... to an integer ..., which is used to return a bitmask consisting alc: "... to an integer ..., which is used to return a bitmask consisting | |||||
Done Inline Actionsspelling: "constisting" alc: spelling: "constisting" | |||||
by the specified process. | |||||
.It Dv PROC_STACKGAP_DISABLE_EXEC | |||||
Inherit disabled stack gaps state after | |||||
.Xr execve 2 . | |||||
Done Inline ActionsThis sentence is not entirely consistent with the code. I would characterize this flags as allowing the current value of PROC_STACKGAP_{DIS,EN}ABLE to be inherited. In other words, the code won't disable gaps after an execve unless gaps were disabled in the process before the execve. alc: This sentence is not entirely consistent with the code. I would characterize this flags as… | |||||
In other words, if currently executed program has stack gaps disabled, | |||||
alcUnsubmitted Done Inline Actions"..., if the currently executing program has ... alc: "..., if the currently executing program has ... | |||||
they are kept disabled on exec. | |||||
If gaps were enabled, they are kept enabled after exec regardless of the flag. | |||||
alcUnsubmitted Done Inline ActionsI think that the phrase "regardless of the flag" will be confusing, because it's not entirely obvious which flag it refers to. It would be okay just to delete the phrase. I think that the sentence is clear without it. alc: I think that the phrase "regardless of the flag" will be confusing, because it's not entirely… | |||||
.El | |||||
.Pp | |||||
The stack gap state is inherited from the parent on | |||||
.Xr fork 2 . | |||||
.It Dv PROC_STACKGAP_STATUS | |||||
Returns the current stack gap state for the specified process. | |||||
.Fa data | |||||
must point to an integer variable, which is used to return a bitmask | |||||
consisting of the following flags: | |||||
.Bl -tag -width PROC_STACKGAP_DISABLE_EXEC | |||||
.It Dv PROC_STACKGAP_ENABLE | |||||
Stack gaps are enabled. | |||||
.It Dv PROC_STACKGAP_DISABLE | |||||
Stack gaps are disabled. | |||||
.It Dv PROC_STACKGAP_ENABLE_EXEC | |||||
Stack gaps are enabled in the process after | |||||
.Xr execve 2 . | |||||
.It Dv PROC_STACKGAP_DISABLE_EXEC | |||||
Stack gaps are disabled in the process after | |||||
.Xr execve 2 . | |||||
.El | |||||
.El | .El | ||||
.Sh NOTES | .Sh NOTES | ||||
Disabling tracing on a process should not be considered a security | Disabling tracing on a process should not be considered a security | ||||
feature, as it is bypassable both by the kernel and privileged processes, | feature, as it is bypassable both by the kernel and privileged processes, | ||||
and via other system mechanisms. | and via other system mechanisms. | ||||
As such, it should not be utilized to reliably protect cryptographic | As such, it should not be utilized to reliably protect cryptographic | ||||
keying material or other confidential data. | keying material or other confidential data. | ||||
.Sh RETURN VALUES | .Sh RETURN VALUES | ||||
▲ Show 20 Lines • Show All 130 Lines • Show Last 20 Lines |
"A stack gap ... area for a