Cc: mtk.manpages@gmail.com, Tyler Hicks, linux-man, lkml
To: Kees Cook
From: "Michael Kerrisk (man-pages)"
Subject: seccomp() SECCOMP_RET_KILL_PROCESS text for man page
Date: Sat, 18 Nov 2017 21:04:32 +0100

Hi Kees,

I came up with the following text (patch below) to describe the
SECCOMP_RET_KILL_PROCESS action that you added in 4.14.
Does it look okay?

    SECCOMP_RET_KILL_PROCESS (since Linux 4.14)
           This value results in immediate termination of the process,
           with a core dump. The system call is not executed. By
           contrast with SECCOMP_RET_KILL_THREAD below, all threads in
           the thread group are terminated. (For a discussion of thread
           groups, see the description of the CLONE_THREAD flag in
           clone(2).)

           The process terminates as though killed by a SIGSYS signal.
           Even if a signal handler has been registered for SIGSYS, the
           handler will be ignored in this case and the process always
           terminates. To a parent process that is waiting on this
           process (using waitpid(2) or similar), the returned wstatus
           will indicate that its child was terminated as though by a
           SIGSYS signal.

Cheers,

Michael

diff --git a/man2/seccomp.2 b/man2/seccomp.2 index 2e912940e..1b6bb2e51 100644 --- a/man2/seccomp.2 +++ b/man2/seccomp.2 
@@ -399,6 +399,36 @@ returned by execution of all of the filters. In decreasing order of precedence, the values that may be returned by a seccomp filter are: .TP +.BR SECCOMP_RET_KILL_PROCESS " (since Linux 4.14)" +.\" commit 4d3b0b05aae9ee9ce0970dc4cc0fb3fad5e85945 +.\" commit 0466bdb99e8744bc9befa8d62a317f0fd7fd7421 +This value results in immediate termination of the process, +with a core dump. +The system call is not executed. +By contrast with +.BR SECCOMP_RET_KILL_THREAD +below, all threads in the thread group are terminated. +(For a discussion of thread groups, see the description of the +.BR CLONE_THREAD +flag in +.BR clone (2).) +.IP +The process terminates +.I "as though" +killed by a +.B SIGSYS +signal. +Even if a signal handler has been registered for +.BR SIGSYS , +the handler will be ignored in this case and the process always terminates. +To a parent process that is waiting on this process (using +.BR waitpid (2) +or similar), the returned +.I wstatus +will indicate that its child was terminated as though by a +.BR SIGSYS +signal. +.TP .BR SECCOMP_RET_KILL_THREAD " (or " SECCOMP_RET_KILL ) This value results in immediate termination of the thread that made the system call.
-- 
Michael Kerrisk
Linux man-pages maintainer; http://www.kernel.org/doc/man-pages/
Linux/UNIX System Programming Training: http://man7.org/training/
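Review bot: In the second paragraph of the new entry, "the handler will be ignored" sits awkwardly next to signal-disposition terminology, where "ignored" normally describes a signal set to SIG_IGN; "the handler is not invoked" says the same thing without that collision. In the first paragraph, "with a core dump" reads as unconditional, so a pointer to core(5) would cover the cases where no dump file is written. On style, the single-argument ".BR SECCOMP_RET_KILL_THREAD", ".BR CLONE_THREAD" and the final ".BR SIGSYS" lines could use ".B", matching the ".B SIGSYS" already used a few lines earlier in the same hunk.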
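The behaviour the proposed text describes can be checked from the parent's side with waitpid(2). The program below is an added example, not part of the original message or of the man-pages project; the function names, the exit codes 42 and 77, and the choice of getppid(2) as the filtered call are assumptions made for the illustration.

```c
#define _GNU_SOURCE
#include <linux/filter.h>
#include <linux/seccomp.h>
#include <signal.h>
#include <stddef.h>
#include <stdio.h>
#include <sys/prctl.h>
#include <sys/syscall.h>
#include <sys/wait.h>
#include <unistd.h>

#ifndef SECCOMP_RET_KILL_PROCESS          /* headers older than Linux 4.14 */
#define SECCOMP_RET_KILL_PROCESS 0x80000000U
#endif

static void on_sigsys(int sig) { (void)sig; _exit(42); } /* must never run */

/* Child: register a SIGSYS handler, then install a filter that returns
 * SECCOMP_RET_KILL_PROCESS for getppid(2) and allows everything else.
 * A production filter would also check seccomp_data.arch first. */
static void child(void)
{
    struct sock_filter prog[] = {
        BPF_STMT(BPF_LD | BPF_W | BPF_ABS, offsetof(struct seccomp_data, nr)),
        BPF_JUMP(BPF_JMP | BPF_JEQ | BPF_K, __NR_getppid, 0, 1),
        BPF_STMT(BPF_RET | BPF_K, SECCOMP_RET_KILL_PROCESS),
        BPF_STMT(BPF_RET | BPF_K, SECCOMP_RET_ALLOW),
    };
    struct sock_fprog fprog = {
        .len = (unsigned short)(sizeof(prog) / sizeof(prog[0])), .filter = prog };

    signal(SIGSYS, on_sigsys);
    if (prctl(PR_SET_NO_NEW_PRIVS, 1, 0, 0, 0) ||
        syscall(__NR_seccomp, SECCOMP_SET_MODE_FILTER, 0, &fprog))
        _exit(77);                 /* seccomp filtering unavailable here */
    getppid();                     /* filtered call: the process dies here */
    _exit(0);                      /* not reached while the filter is active */
}

/* Returns the signal that terminated the child, -1 if the filter could not
 * be installed (or fork/waitpid failed), -2 if the child survived the call. */
int kill_process_demo(void)
{
    int wstatus;
    pid_t pid = fork();
    if (pid == 0) child();
    if (pid < 0 || waitpid(pid, &wstatus, 0) != pid) return -1;
    if (WIFSIGNALED(wstatus)) return WTERMSIG(wstatus);
    return WEXITSTATUS(wstatus) == 77 ? -1 : -2;
}

int main(void) { printf("result: %d (SIGSYS is %d)\n", kill_process_demo(), SIGSYS); return 0; }
```

A result equal to SIGSYS shows the parent seeing termination by signal even though the child had a SIGSYS handler registered; exit status 42 would mean the handler ran.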