1 .\" Copyright (C) 1998 Andries Brouwer (aeb@cwi.nl)
2 .\" and Copyright (C) 2002, 2006, 2008, 2012, 2013 Michael Kerrisk <mtk.manpages@gmail.com>
3 .\" and Copyright Guillem Jover <guillem@hadrons.org>
5 .\" %%%LICENSE_START(VERBATIM)
6 .\" Permission is granted to make and distribute verbatim copies of this
7 .\" manual provided the copyright notice and this permission notice are
8 .\" preserved on all copies.
10 .\" Permission is granted to copy and distribute modified versions of this
11 .\" manual under the conditions for verbatim copying, provided that the
12 .\" entire resulting derived work is distributed under the terms of a
13 .\" permission notice identical to this one.
15 .\" Since the Linux kernel and libraries are constantly changing, this
16 .\" manual page may be incorrect or out-of-date. The author(s) assume no
17 .\" responsibility for errors or omissions, or for damages resulting from
18 .\" the use of the information contained herein. The author(s) may not
19 .\" have taken the same level of care in the production of this manual,
20 .\" which is licensed free of charge, as they might when working
23 .\" Formatted or processed versions of this manual, if unaccompanied by
24 .\" the source, must acknowledge the copyright and authors of this work.
27 .\" Modified Thu Nov 11 04:19:42 MET 1999, aeb: added PR_GET_PDEATHSIG
28 .\" Modified 27 Jun 02, Michael Kerrisk
29 .\" Added PR_SET_DUMPABLE, PR_GET_DUMPABLE,
30 .\" PR_SET_KEEPCAPS, PR_GET_KEEPCAPS
31 .\" Modified 2006-08-30 Guillem Jover <guillem@hadrons.org>
32 .\" Updated Linux versions where the options where introduced.
33 .\" Added PR_SET_TIMING, PR_GET_TIMING, PR_SET_NAME, PR_GET_NAME,
34 .\" PR_SET_UNALIGN, PR_GET_UNALIGN, PR_SET_FPEMU, PR_GET_FPEMU,
35 .\" PR_SET_FPEXC, PR_GET_FPEXC
36 .\" 2008-04-29 Serge Hallyn, Document PR_CAPBSET_READ and PR_CAPBSET_DROP
37 .\" 2008-06-13 Erik Bosman, <ejbosman@cs.vu.nl>
38 .\" Document PR_GET_TSC and PR_SET_TSC.
39 .\" 2008-06-15 mtk, Document PR_SET_SECCOMP, PR_GET_SECCOMP
40 .\" 2009-10-03 Andi Kleen, document PR_MCE_KILL
41 .\" 2012-04 Cyrill Gorcunov, Document PR_SET_MM
42 .\" 2012-04-25 Michael Kerrisk, Document PR_TASK_PERF_EVENTS_DISABLE and
43 .\" PR_TASK_PERF_EVENTS_ENABLE
44 .\" 2012-09-20 Kees Cook, update PR_SET_SECCOMP for mode 2
45 .\" 2012-09-20 Kees Cook, document PR_SET_NO_NEW_PRIVS, PR_GET_NO_NEW_PRIVS
46 .\" 2012-10-25 Michael Kerrisk, Document PR_SET_TIMERSLACK and
48 .\" 2013-01-10 Kees Cook, document PR_SET_PTRACER
49 .\" 2012-02-04 Michael kerrisk, document PR_{SET,GET}_CHILD_SUBREAPER
52 .TH PRCTL 2 2014-04-14 "Linux" "Linux Programmer's Manual"
54 prctl \- operations on a process
57 .B #include <sys/prctl.h>
59 .BI "int prctl(int " option ", unsigned long " arg2 ", unsigned long " arg3 ,
60 .BI " unsigned long " arg4 ", unsigned long " arg5 );
64 is called with a first argument describing what to do
65 (with values defined in \fI<linux/prctl.h>\fP), and further
66 arguments with a significance depending on the first one.
67 The first argument can be:
69 .BR PR_CAPBSET_READ " (since Linux 2.6.25)"
70 Return (as the function result) 1 if the capability specified in
72 is in the calling thread's capability bounding set,
74 (The capability constants are defined in
75 .IR <linux/capability.h> .)
76 The capability bounding set dictates
77 whether the process can receive the capability through a
78 file's permitted capability set on a subsequent call to
81 If the capability specified in
83 is not valid, then the call fails with the error
86 .BR PR_CAPBSET_DROP " (since Linux 2.6.25)"
87 If the calling thread has the
89 capability, then drop the capability specified by
91 from the calling thread's capability bounding set.
92 Any children of the calling thread will inherit the newly
95 The call fails with the error:
97 if the calling thread does not have the
102 does not represent a valid capability; or
104 if file capabilities are not enabled in the kernel,
105 in which case bounding sets are not supported.
107 .BR PR_SET_CHILD_SUBREAPER " (since Linux 3.4)"
108 .\" commit ebec18a6d3aa1e7d84aab16225e87fd25170ec2b
112 set the "child subreaper" attribute of the calling process;
115 is zero, unset the attribute.
116 When a process is marked as a child subreaper,
117 all of the children that it creates, and their descendants,
118 will be marked as having a subreaper.
119 In effect, a subreaper fulfills the role of
121 for its descendant processes.
122 Upon termination of a process
123 that is orphaned (i.e., its immediate parent has already terminated)
124 and marked as having a subreaper,
125 the nearest still living ancestor subreaper
128 signal and be able to
130 on the process to discover its termination status.
132 .BR PR_GET_CHILD_SUBREAPER " (since Linux 3.4)"
133 Return the "child subreaper" setting of the caller,
134 in the location pointed to by
135 .IR "(int\ *) arg2" .
137 .BR PR_SET_DUMPABLE " (since Linux 2.3.20)"
138 Set the state of the flag determining whether core dumps are produced
139 for the calling process upon delivery of a signal whose default behavior is
140 to produce a core dump.
141 (Normally, this flag is set for a process by default, but it is cleared
142 when a set-user-ID or set-group-ID program is executed and also by
143 various system calls that manipulate process UIDs and GIDs).
144 In kernels up to and including 2.6.12,
146 must be either 0 (process is not dumpable) or 1 (process is dumpable).
147 Between kernels 2.6.13 and 2.6.17, the value 2 was also permitted,
148 which caused any binary which normally would not be dumped
149 to be dumped readable by root only;
150 for security reasons, this feature has been removed.
151 .\" See http://marc.theaimsgroup.com/?l=linux-kernel&m=115270289030630&w=2
152 .\" Subject: Fix prctl privilege escalation (CVE-2006-2451)
153 .\" From: Marcel Holtmann <marcel () holtmann ! org>
154 .\" Date: 2006-07-12 11:12:00
155 (See also the description of
156 .I /proc/sys/fs/suid_dumpable
159 Processes that are not dumpable can not be attached via
163 .BR PR_GET_DUMPABLE " (since Linux 2.3.20)"
164 Return (as the function result) the current state of the calling
165 process's dumpable flag.
166 .\" Since Linux 2.6.13, the dumpable flag can have the value 2,
167 .\" but in 2.6.13 PR_GET_DUMPABLE simply returns 1 if the dumpable
168 .\" flags has a nonzero value. This was fixed in 2.6.14.
170 .BR PR_SET_ENDIAN " (since Linux 2.6.18, PowerPC only)"
171 Set the endian-ness of the calling process to the value given
172 in \fIarg2\fP, which should be one of the following:
173 .\" Respectively 0, 1, 2
175 .BR PR_ENDIAN_LITTLE ,
177 .B PR_ENDIAN_PPC_LITTLE
178 (PowerPC pseudo little endian).
180 .BR PR_GET_ENDIAN " (since Linux 2.6.18, PowerPC only)"
181 Return the endian-ness of the calling process,
182 in the location pointed to by
183 .IR "(int\ *) arg2" .
185 .BR PR_SET_FPEMU " (since Linux 2.4.18, 2.5.9, only on ia64)"
186 Set floating-point emulation control bits to \fIarg2\fP.
187 Pass \fBPR_FPEMU_NOPRINT\fP to silently emulate fp operations accesses, or
188 \fBPR_FPEMU_SIGFPE\fP to not emulate fp operations and send
192 .BR PR_GET_FPEMU " (since Linux 2.4.18, 2.5.9, only on ia64)"
193 Return floating-point emulation control bits,
194 in the location pointed to by
195 .IR "(int\ *) arg2" .
197 .BR PR_SET_FPEXC " (since Linux 2.4.21, 2.5.32, only on PowerPC)"
198 Set floating-point exception mode to \fIarg2\fP.
199 Pass \fBPR_FP_EXC_SW_ENABLE\fP to use FPEXC for FP exception enables,
200 \fBPR_FP_EXC_DIV\fP for floating-point divide by zero,
201 \fBPR_FP_EXC_OVF\fP for floating-point overflow,
202 \fBPR_FP_EXC_UND\fP for floating-point underflow,
203 \fBPR_FP_EXC_RES\fP for floating-point inexact result,
204 \fBPR_FP_EXC_INV\fP for floating-point invalid operation,
205 \fBPR_FP_EXC_DISABLED\fP for FP exceptions disabled,
206 \fBPR_FP_EXC_NONRECOV\fP for async nonrecoverable exception mode,
207 \fBPR_FP_EXC_ASYNC\fP for async recoverable exception mode,
208 \fBPR_FP_EXC_PRECISE\fP for precise exception mode.
210 .BR PR_GET_FPEXC " (since Linux 2.4.21, 2.5.32, only on PowerPC)"
211 Return floating-point exception mode,
212 in the location pointed to by
213 .IR "(int\ *) arg2" .
215 .BR PR_SET_KEEPCAPS " (since Linux 2.2.18)"
216 Set the state of the thread's "keep capabilities" flag,
217 which determines whether the threads's permitted
218 capability set is cleared when a change is made to the threads's user IDs
219 such that the threads's real UID, effective UID, and saved set-user-ID
220 all become nonzero when at least one of them previously had the value 0.
221 By default, the permitted capability set is cleared when such a change is made;
222 setting the "keep capabilities" flag prevents it from being cleared.
224 must be either 0 (permitted capabilities are cleared)
225 or 1 (permitted capabilities are kept).
228 capability set is always cleared when such a credential change is made,
229 regardless of the setting of the "keep capabilities" flag.)
230 The "keep capabilities" value will be reset to 0 on subsequent calls to
233 .BR PR_GET_KEEPCAPS " (since Linux 2.2.18)"
234 Return (as the function result) the current state of the calling threads's
235 "keep capabilities" flag.
237 .BR PR_SET_NAME " (since Linux 2.6.9)"
238 Set the name of the calling thread,
239 using the value in the location pointed to by
240 .IR "(char\ *) arg2" .
241 The name can be up to 16 bytes long,
242 .\" TASK_COMM_LEN in include/linux/sched.h
243 and should be null-terminated if it contains fewer bytes.
244 This is the same attribute that can be set via
245 .BR pthread_setname_np (3)
247 .BR pthread_getname_np (3).
248 The attribute is likewise accessible via
249 .IR /proc/self/task/[tid]/comm ,
252 is the name of the calling thread.
254 .BR PR_GET_NAME " (since Linux 2.6.11)"
255 Return the name of the calling thread,
256 in the buffer pointed to by
257 .IR "(char\ *) arg2" .
258 The buffer should allow space for up to 16 bytes;
259 the returned string will be null-terminated if it is shorter than that.
261 .BR PR_SET_NO_NEW_PRIVS " (since Linux 3.5)"
262 Set the calling process's
270 promises not to grant privileges to do anything
271 that could not have been done without the
274 rendering the set-user-ID and set-group-ID permission bits,
275 and file capabilities non-functional).
276 Once set, this bit cannot be unset.
277 The setting of this bit is inherited by children created by
284 For more information, see the kernel source file
285 .IR Documentation/prctl/no_new_privs.txt .
287 .BR PR_GET_NO_NEW_PRIVS " (since Linux 3.5)"
288 Return (as the function result) the value of the
290 bit for the current process.
291 A value of 0 indicates the regular
294 A value of 1 indicates
296 will operate in the privilege-restricting mode described above.
298 .BR PR_SET_PDEATHSIG " (since Linux 2.1.57)"
299 Set the parent process death signal
300 of the calling process to \fIarg2\fP (either a signal value
301 in the range 1..maxsig, or 0 to clear).
302 This is the signal that the calling process will get when its
304 This value is cleared for the child of a
306 and (since Linux 2.4.36 / 2.6.23)
307 when executing a set-user-ID or set-group-ID binary.
308 This value is preserved across
311 .BR PR_GET_PDEATHSIG " (since Linux 2.3.15)"
312 Return the current value of the parent process death signal,
313 in the location pointed to by
314 .IR "(int\ *) arg2" .
316 .BR PR_SET_PTRACER " (since Linux 3.4)"
317 .\" commit 2d514487faf188938a4ee4fb3464eeecfbdcf8eb
318 .\" commit bf06189e4d14641c0148bea16e9dd24943862215
319 This is meaningful only when the Yama LSM is enabled and in mode 1
320 ("restricted ptrace", visible via
321 .IR /proc/sys/kernel/yama/ptrace_scope ).
322 When a "ptracer process ID" is passed in \fIarg2\fP,
323 the caller is declaring that the ptracer process can
325 the calling process as if it were a direct process ancestor.
328 operation replaces the previous "ptracer process ID".
333 set to 0 clears the caller's "ptracer process ID".
337 .BR PR_SET_PTRACER_ANY ,
338 the ptrace restrictions introduced by Yama are effectively disabled for the
341 For further information, see the kernel source file
342 .IR Documentation/security/Yama.txt .
344 .BR PR_SET_SECCOMP " (since Linux 2.6.23)"
345 .\" See http://thread.gmane.org/gmane.linux.kernel/542632
346 .\" [PATCH 0 of 2] seccomp updates
347 .\" andrea@cpushare.com
348 Set the secure computing (seccomp) mode for the calling thread, to limit
349 the available system calls.
350 The seccomp mode is selected via
352 (The seccomp constants are defined in
353 .IR <linux/seccomp.h> .)
358 .BR SECCOMP_MODE_STRICT
359 the only system calls that the thread is permitted to make are
365 Other system calls result in the delivery of a
368 Strict secure computing mode is useful for number-crunching applications
369 that may need to execute untrusted byte code,
370 perhaps obtained by reading from a pipe or socket.
371 This operation is available only
372 if the kernel is configured with
379 .BR SECCOMP_MODE_FILTER " (since Linux 3.5)"
380 the system calls allowed are defined by a pointer
381 to a Berkeley Packet Filter passed in
383 This argument is a pointer to
384 .IR "struct sock_fprog" ;
385 it can be designed to filter
386 arbitrary system calls and system call arguments.
387 This mode is available only if the kernel is configured with
388 .B CONFIG_SECCOMP_FILTER
392 .BR SECCOMP_MODE_FILTER
395 then the seccomp mode is inherited by children created by
399 is permitted, then the seccomp mode is preserved across
401 If the filters permit
403 calls, then additional filters can be added;
404 they are run in order until the first non-allow result is seen.
406 For further information, see the kernel source file
407 .IR Documentation/prctl/seccomp_filter.txt .
409 .BR PR_GET_SECCOMP " (since Linux 2.6.23)"
410 Return (as the function result)
411 the secure computing mode of the calling thread.
412 If the caller is not in secure computing mode, this operation returns 0;
413 if the caller is in strict secure computing mode, then the
417 signal to be sent to the process.
418 If the caller is in filter mode, and this system call is allowed by the
419 seccomp filters, it returns 2.
420 This operation is available only
421 if the kernel is configured with
425 .BR PR_SET_SECUREBITS " (since Linux 2.6.26)"
426 Set the "securebits" flags of the calling thread to the value supplied in
429 .BR capabilities (7).
431 .BR PR_GET_SECUREBITS " (since Linux 2.6.26)"
432 Return (as the function result)
433 the "securebits" flags of the calling thread.
435 .BR capabilities (7).
437 .BR PR_SET_THP_DISABLE " (since Linux 3.15)"
438 .\" commit a0715cc22601e8830ace98366c0c2bd8da52af52
439 Set the state of the "THP disable" flag for the calling thread.
442 has a nonzero value, the flag is set, otherwise it is cleared.
443 Setting this flag provides a method
444 for disabling transparent huge pages
445 for jobs where the code cannot be modified, and using a malloc hook with
447 is not an option (i.e., statically allocated data).
448 The setting of the "THP disable" flag is inherited by a child created via
450 and is preserved across
453 .BR PR_GET_THP_DISABLE " (since Linux 3.15)"
454 Return (via the function result) the current setting of the "THP disable"
455 flag for the calling thread:
456 either 1, if the flag is set, or 0, if it is not.
458 .BR PR_GET_TID_ADDRESS " (since Linux 3.5)"
459 .\" commit 300f786b2683f8bb1ec0afb6e1851183a479c86d
463 .BR set_tid_address (2)
466 .B CLONE_CHILD_CLEARTID
467 flag, in the location pointed to by
468 .IR "(int\ **)\ arg2" .
469 This feature is available only if the kernel is built with the
470 .BR CONFIG_CHECKPOINT_RESTORE
473 .BR PR_SET_TIMERSLACK " (since Linux 2.6.28)"
474 .\" See https://lwn.net/Articles/369549/
475 .\" commit 6976675d94042fbd446231d1bd8b7de71a980ada
476 Set the current timer slack for the calling thread to the nanosecond value
481 is less than or equal to zero,
482 .\" It seems that it's not possible to set the timer slack to zero;
483 .\" The minimum value is 1? Seems a little strange.
484 reset the current timer slack to the thread's default timer slack value.
485 The timer slack is used by the kernel to group timer expirations
486 for the calling thread that are close to one another;
487 as a consequence, timer expirations for the thread may be
488 up to the specified number of nanoseconds late (but will never expire early).
489 Grouping timer expirations can help reduce system power consumption
490 by minimizing CPU wake-ups.
492 The timer expirations affected by timer slack are those set by
499 .BR clock_nanosleep (2),
503 (and thus the library functions implemented via futexes, including
504 .\" List obtained by grepping for futex usage in glibc source
505 .BR pthread_cond_timedwait (3),
506 .BR pthread_mutex_timedlock (3),
507 .BR pthread_rwlock_timedrdlock (3),
508 .BR pthread_rwlock_timedwrlock (3),
510 .BR sem_timedwait (3)).
512 Timer slack is not applied to threads that are scheduled under
513 a real-time scheduling policy (see
514 .BR sched_setscheduler (2)).
516 Each thread has two associated timer slack values:
517 a "default" value, and a "current" value.
518 The current value is the one that governs grouping
519 of timer expirations.
520 When a new thread is created,
521 the two timer slack values are made the same as the current value
522 of the creating thread.
523 Thereafter, a thread can adjust its current timer slack value via
524 .BR PR_SET_TIMERSLACK
525 (the default value can't be changed).
526 The timer slack values of
528 (PID 1), the ancestor of all processes,
529 are 50,000 nanoseconds (50 microseconds).
530 The timer slack values are preserved across
533 .BR PR_GET_TIMERSLACK " (since Linux 2.6.28)"
534 Return (as the function result)
535 the current timer slack value of the calling thread.
537 .BR PR_SET_TIMING " (since Linux 2.6.0-test4)"
538 Set whether to use (normal, traditional) statistical process timing or
539 accurate timestamp-based process timing, by passing
540 .B PR_TIMING_STATISTICAL
543 .B PR_TIMING_TIMESTAMP
546 .B PR_TIMING_TIMESTAMP
547 is not currently implemented
548 (attempting to set this mode will yield the error
550 .\" PR_TIMING_TIMESTAMP doesn't do anything in 2.6.26-rc8,
551 .\" and looking at the patch history, it appears
552 .\" that it never did anything.
554 .BR PR_GET_TIMING " (since Linux 2.6.0-test4)"
555 Return (as the function result) which process timing method is currently
558 .BR PR_TASK_PERF_EVENTS_DISABLE " (since Linux 2.6.31)"
559 Disable all performance counters attached to the calling process,
560 regardless of whether the counters were created by
561 this process or another process.
562 Performance counters created by the calling process for other
563 processes are unaffected.
564 For more information on performance counters, see the Linux kernel source file
565 .IR tools/perf/design.txt .
568 .BR PR_TASK_PERF_COUNTERS_DISABLE ;
569 .\" commit 1d1c7ddbfab358445a542715551301b7fc363e28
570 renamed (with same numerical value)
573 .BR PR_TASK_PERF_EVENTS_ENABLE " (since Linux 2.6.31)"
575 .BR PR_TASK_PERF_EVENTS_DISABLE ;
576 enable performance counters attached to the calling process.
579 .BR PR_TASK_PERF_COUNTERS_ENABLE ;
580 .\" commit 1d1c7ddbfab358445a542715551301b7fc363e28
582 .\" commit cdd6c482c9ff9c55475ee7392ec8f672eddb7be6
585 .BR PR_SET_TSC " (since Linux 2.6.26, x86 only)"
586 Set the state of the flag determining whether the timestamp counter
587 can be read by the process.
592 to allow it to be read, or
596 when the process tries to read the timestamp counter.
598 .BR PR_GET_TSC " (since Linux 2.6.26, x86 only)"
599 Return the state of the flag determining whether the timestamp counter
601 in the location pointed to by
602 .IR "(int\ *) arg2" .
605 (Only on: ia64, since Linux 2.3.48; parisc, since Linux 2.6.15;
606 PowerPC, since Linux 2.6.18; Alpha, since Linux 2.6.22)
607 Set unaligned access control bits to \fIarg2\fP.
609 \fBPR_UNALIGN_NOPRINT\fP to silently fix up unaligned user accesses,
610 or \fBPR_UNALIGN_SIGBUS\fP to generate
612 on unaligned user access.
617 for information on versions and architectures)
618 Return unaligned access control bits, in the location pointed to by
619 .IR "(int\ *) arg2" .
621 .BR PR_MCE_KILL " (since Linux 2.6.32)"
622 Set the machine check memory corruption kill policy for the current thread.
626 .BR PR_MCE_KILL_CLEAR ,
627 clear the thread memory corruption kill policy and use the system-wide default.
628 (The system-wide default is defined by
629 .IR /proc/sys/vm/memory_failure_early_kill ;
635 .BR PR_MCE_KILL_SET ,
636 use a thread-specific memory corruption kill policy.
639 defines whether the policy is
641 .RB ( PR_MCE_KILL_EARLY ),
643 .RB ( PR_MCE_KILL_LATE ),
644 or the system-wide default
645 .RB ( PR_MCE_KILL_DEFAULT ).
646 Early kill means that the thread receives a
648 signal as soon as hardware memory corruption is detected inside
650 In late kill mode, the process is killed only when it accesses a corrupted page.
653 for more information on the
656 The policy is inherited by children.
659 arguments must be zero for future compatibility.
661 .BR PR_MCE_KILL_GET " (since Linux 2.6.32)"
662 Return the current per-process machine check kill policy.
665 arguments must be zero.
667 .BR PR_SET_MM " (since Linux 3.3)"
668 .\" commit 028ee4be34a09a6d48bdf30ab991ae933a7bc036
669 Modify certain kernel memory map descriptor fields
670 of the calling process.
671 Usually these fields are set by the kernel and dynamic loader (see
673 for more information) and a regular application should not use this feature.
674 However, there are cases, such as self-modifying programs,
675 where a program might find it useful to change its own memory map.
676 This feature is available only if the kernel is built with the
677 .BR CONFIG_CHECKPOINT_RESTORE
679 The calling process must have the
684 is one of the options below, while
686 provides a new value for the option.
689 .BR PR_SET_MM_START_CODE
690 Set the address above which the program text can run.
691 The corresponding memory area must be readable and executable,
692 but not writable or sharable (see
696 for more information).
698 .BR PR_SET_MM_END_CODE
699 Set the address below which the program text can run.
700 The corresponding memory area must be readable and executable,
701 but not writable or sharable.
703 .BR PR_SET_MM_START_DATA
704 Set the address above which initialized and
705 uninitialized (bss) data are placed.
706 The corresponding memory area must be readable and writable,
707 but not executable or sharable.
709 .B PR_SET_MM_END_DATA
710 Set the address below which initialized and
711 uninitialized (bss) data are placed.
712 The corresponding memory area must be readable and writable,
713 but not executable or sharable.
715 .BR PR_SET_MM_START_STACK
716 Set the start address of the stack.
717 The corresponding memory area must be readable and writable.
719 .BR PR_SET_MM_START_BRK
720 Set the address above which the program heap can be expanded with
723 The address must be greater than the ending address of
724 the current program data segment.
725 In addition, the combined size of the resulting heap and
726 the size of the data segment can't exceed the
735 The requirements for the address are the same as for the
736 .BR PR_SET_MM_START_BRK
739 The following options are available since Linux 3.5.
740 .\" commit fe8c7f5cbf91124987106faa3bdf0c8b955c4cf7
742 .BR PR_SET_MM_ARG_START
743 Set the address above which the program command line is placed.
745 .BR PR_SET_MM_ARG_END
746 Set the address below which the program command line is placed.
748 .BR PR_SET_MM_ENV_START
749 Set the address above which the program environment is placed.
751 .BR PR_SET_MM_ENV_END
752 Set the address below which the program environment is placed.
754 The address passed with
755 .BR PR_SET_MM_ARG_START ,
756 .BR PR_SET_MM_ARG_END ,
757 .BR PR_SET_MM_ENV_START ,
759 .BR PR_SET_MM_ENV_END
760 should belong to a process stack area.
761 Thus, the corresponding memory area must be readable, writable, and
762 (depending on the kernel configuration) have the
768 Set a new auxiliary vector.
771 argument should provide the address of the vector.
774 is the size of the vector.
776 .BR PR_SET_MM_EXE_FILE
777 .\" commit b32dfe377102ce668775f8b6b1461f7ad428f8b6
780 symbolic link with a new one pointing to a new executable file
781 identified by the file descriptor provided in
784 The file descriptor should be obtained with a regular
788 To change the symbolic link, one needs to unmap all existing
789 executable memory areas, including those created by the kernel itself
790 (for example the kernel usually creates at least one executable
791 memory area for the ELF
795 The second limitation is that such transitions can be done only once
796 in a process life time.
797 Any further attempts will be rejected.
798 This should help system administrators monitor unusual
799 symbolic-link transitions over all processes running on a system.
804 .BR PR_GET_DUMPABLE ,
805 .BR PR_GET_KEEPCAPS ,
806 .BR PR_GET_NO_NEW_PRIVS ,
807 .BR PR_GET_THP_DISABLE ,
808 .BR PR_CAPBSET_READ ,
810 .BR PR_GET_TIMERSLACK ,
811 .BR PR_GET_SECUREBITS ,
812 .BR PR_MCE_KILL_GET ,
815 return the nonnegative values described above.
818 values return 0 on success.
819 On error, \-1 is returned, and
821 is set appropriately.
826 is an invalid address.
843 arguments were not specified as zero.
847 is not valid value for this
856 and the kernel was not configured with
863 and one of the following is true
874 (the limit on the size of the user address space for this architecture);
878 .BR PR_SET_MM_START_CODE ,
879 .BR PR_SET_MM_END_CODE ,
880 .BR PR_SET_MM_START_DATA ,
881 .BR PR_SET_MM_END_DATA ,
883 .BR PR_SET_MM_START_STACK ,
884 and the permissions of the corresponding memory area are not as required;
888 .BR PR_SET_MM_START_BRK
893 is less than or equal to the end of the data segment
894 or specifies a value that would cause the
896 resource limit to be exceeded.
906 .BR PR_SET_PTRACER_ANY ,
907 or the PID of an existing process.
915 is not a valid signal number.
935 .BR PR_TIMING_STATISTICAL .
940 .BR PR_SET_NO_NEW_PRIVS
954 .BR PR_GET_NO_NEW_PRIVS
966 .BR PR_SET_THP_DISABLE
977 .BR PR_GET_THP_DISABLE
989 .BR PR_SET_SECUREBITS ,
990 and the caller does not have the
993 or tried to unset a "locked" flag,
994 or tried to set a flag whose corresponding locked flag was set
996 .BR capabilities (7)).
1001 .BR PR_SET_KEEPCAPS ,
1003 .B SECURE_KEEP_CAPS_LOCKED
1006 .BR capabilities (7)).
1011 .BR PR_CAPBSET_DROP ,
1012 and the caller does not have the
1020 and the caller does not have the
1031 .BR PR_SET_MM_EXE_FILE ,
1032 the file is not executable.
1040 .BR PR_SET_MM_EXE_FILE ,
1041 and this the second attempt to change the
1043 symbolic link, which is prohibited.
1051 .BR PR_SET_MM_EXE_FILE ,
1052 and the file descriptor passed in
1055 .\" The following can't actually happen, because prctl() in
1056 .\" seccomp mode will cause SIGKILL.
1061 .\" .BR PR_SET_SECCOMP ,
1062 .\" and secure computing mode is already 1.
1066 system call was introduced in Linux 2.1.57.
1067 .\" The library interface was added in glibc 2.0.6
1069 This call is Linux-specific.
1072 system call (also introduced in Linux 2.1.44
1073 as irix_prctl on the MIPS architecture),
1076 .BI "ptrdiff_t prctl(int " option ", int " arg2 ", int " arg3 );
1078 and options to get the maximum number of processes per user,
1079 get the maximum number of processors the calling process can use,
1080 find out whether a specified process is currently blocked,
1081 get or set the maximum stack size, and so on.
1086 This page is part of release 3.68 of the Linux
1089 A description of the project,
1090 information about reporting bugs,
1091 and the latest version of this page,
1093 \%http://www.kernel.org/doc/man\-pages/.