From: Kees Cook <keescook-F7+t8E8rja9g9hUCZPvPmw@public.gmane.org>
To: mtk.manpages-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org
Cc: linux-man-u79uwXL29TY76Z2rM5mHXA@public.gmane.org,
Zach Reizner <zachr-hpIqsD4AKlfQT0dZR+AlfA@public.gmane.org>,
Jorge Lucangeli Obes
<jorgelo-hpIqsD4AKlfQT0dZR+AlfA@public.gmane.org>
Subject: [PATCH] seccomp.2: Clarify SECCOMP_RET_KILL kills tasks not processes
Date: Thu, 6 Jul 2017 12:23:07 -0700 [thread overview]
Message-ID: <20170706192307.GA38040@beast> (raw)
Zach Reizner pointed out a mismatch between kernel behavior and the
man-page documentation of SECCOMP_RET_KILL which kills tasks not
processes.
Signed-off-by: Kees Cook <keescook-F7+t8E8rja9g9hUCZPvPmw@public.gmane.org>
---
man2/seccomp.2 | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/man2/seccomp.2 b/man2/seccomp.2
index 7d0e721..b805154 100644
--- a/man2/seccomp.2
+++ b/man2/seccomp.2
@@ -371,9 +371,9 @@ In decreasing order of precedence,
the values that may be returned by a seccomp filter are:
.TP
.BR SECCOMP_RET_KILL
-This value results in the process exiting immediately
+This value results in the task exiting immediately
without executing the system call.
-The process terminates as though killed by a
+The task terminates as though killed by a
.B SIGSYS
signal
.RI ( not
@@ -769,7 +769,7 @@ install_filter(int syscall_nr, int t_arch, int f_errno)
system calls */
BPF_STMT(BPF_RET | BPF_K, SECCOMP_RET_ALLOW),
- /* [7] Destination of architecture mismatch: kill process */
+ /* [7] Destination of architecture mismatch: kill task */
BPF_STMT(BPF_RET | BPF_K, SECCOMP_RET_KILL),
};
--
2.7.4
--
Kees Cook
Pixel Security
--
To unsubscribe from this list: send the line "unsubscribe linux-man" in
the body of a message to majordomo-u79uwXL29TY76Z2rM5mHXA@public.gmane.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
next reply other threads:[~2017-07-06 19:23 UTC|newest]
Thread overview: 2+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-07-06 19:23 Kees Cook [this message]
2017-08-15 18:49 ` [PATCH] seccomp.2: Clarify SECCOMP_RET_KILL kills tasks not processes Michael Kerrisk (man-pages)
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20170706192307.GA38040@beast \
--to=keescook-f7+t8e8rja9g9huczpvpmw@public.gmane.org \
--cc=jorgelo-hpIqsD4AKlfQT0dZR+AlfA@public.gmane.org \
--cc=linux-man-u79uwXL29TY76Z2rM5mHXA@public.gmane.org \
--cc=mtk.manpages-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org \
--cc=zachr-hpIqsD4AKlfQT0dZR+AlfA@public.gmane.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.