uapi/linux/prctl.h

0001 /* SPDX-License-Identifier: GPL-2.0 WITH Linux-syscall-note */
0002 #ifndef _LINUX_PRCTL_H
0003 #define _LINUX_PRCTL_H
0004
0005 #include <linux/types.h>
0006
0007 /* Values to pass as first argument to prctl() */
0008
0009 #define PR_SET_PDEATHSIG  1  /* Second arg is a signal */
0010 #define PR_GET_PDEATHSIG  2  /* Second arg is a ptr to return the signal */
0011
0012 /* Get/set current->mm->dumpable */
0013 #define PR_GET_DUMPABLE   3
0014 #define PR_SET_DUMPABLE   4
0015
0016 /* Get/set unaligned access control bits (if meaningful) */
0017 #define PR_GET_UNALIGN    5
0018 #define PR_SET_UNALIGN    6
0019 # define PR_UNALIGN_NOPRINT 1   /* silently fix up unaligned user accesses */
0020 # define PR_UNALIGN_SIGBUS  2   /* generate SIGBUS on unaligned user access */
0021
0022 /* Get/set whether or not to drop capabilities on setuid() away from
0023  * uid 0 (as per security/commoncap.c) */
0024 #define PR_GET_KEEPCAPS   7
0025 #define PR_SET_KEEPCAPS   8
0026
0027 /* Get/set floating-point emulation control bits (if meaningful) */
0028 #define PR_GET_FPEMU  9
0029 #define PR_SET_FPEMU 10
0030 # define PR_FPEMU_NOPRINT   1   /* silently emulate fp operations accesses */
0031 # define PR_FPEMU_SIGFPE    2   /* don't emulate fp operations, send SIGFPE instead */
0032
0033 /* Get/set floating-point exception mode (if meaningful) */
0034 #define PR_GET_FPEXC    11
0035 #define PR_SET_FPEXC    12
0036 # define PR_FP_EXC_SW_ENABLE    0x80    /* Use FPEXC for FP exception enables */
0037 # define PR_FP_EXC_DIV      0x010000    /* floating point divide by zero */
0038 # define PR_FP_EXC_OVF      0x020000    /* floating point overflow */
0039 # define PR_FP_EXC_UND      0x040000    /* floating point underflow */
0040 # define PR_FP_EXC_RES      0x080000    /* floating point inexact result */
0041 # define PR_FP_EXC_INV      0x100000    /* floating point invalid operation */
0042 # define PR_FP_EXC_DISABLED 0   /* FP exceptions disabled */
0043 # define PR_FP_EXC_NONRECOV 1   /* async non-recoverable exc. mode */
0044 # define PR_FP_EXC_ASYNC    2   /* async recoverable exception mode */
0045 # define PR_FP_EXC_PRECISE  3   /* precise exception mode */
0046
0047 /* Get/set whether we use statistical process timing or accurate timestamp
0048  * based process timing */
0049 #define PR_GET_TIMING   13
0050 #define PR_SET_TIMING   14
0051 # define PR_TIMING_STATISTICAL  0       /* Normal, traditional,
0052                                                    statistical process timing */
0053 # define PR_TIMING_TIMESTAMP    1       /* Accurate timestamp based
0054                                                    process timing */
0055
0056 #define PR_SET_NAME    15       /* Set process name */
0057 #define PR_GET_NAME    16       /* Get process name */
0058
0059 /* Get/set process endian */
0060 #define PR_GET_ENDIAN   19
0061 #define PR_SET_ENDIAN   20
0062 # define PR_ENDIAN_BIG      0
0063 # define PR_ENDIAN_LITTLE   1   /* True little endian mode */
0064 # define PR_ENDIAN_PPC_LITTLE   2   /* "PowerPC" pseudo little endian */
0065
0066 /* Get/set process seccomp mode */
0067 #define PR_GET_SECCOMP  21
0068 #define PR_SET_SECCOMP  22
0069
0070 /* Get/set the capability bounding set (as per security/commoncap.c) */
0071 #define PR_CAPBSET_READ 23
0072 #define PR_CAPBSET_DROP 24
0073
0074 /* Get/set the process' ability to use the timestamp counter instruction */
0075 #define PR_GET_TSC 25
0076 #define PR_SET_TSC 26
0077 # define PR_TSC_ENABLE      1   /* allow the use of the timestamp counter */
0078 # define PR_TSC_SIGSEGV     2   /* throw a SIGSEGV instead of reading the TSC */
0079
0080 /* Get/set securebits (as per security/commoncap.c) */
0081 #define PR_GET_SECUREBITS 27
0082 #define PR_SET_SECUREBITS 28
0083
0084 /*
0085  * Get/set the timerslack as used by poll/select/nanosleep
0086  * A value of 0 means "use default"
0087  */
0088 #define PR_SET_TIMERSLACK 29
0089 #define PR_GET_TIMERSLACK 30
0090
0091 #define PR_TASK_PERF_EVENTS_DISABLE     31
0092 #define PR_TASK_PERF_EVENTS_ENABLE      32
0093
0094 /*
0095  * Set early/late kill mode for hwpoison memory corruption.
0096  * This influences when the process gets killed on a memory corruption.
0097  */
0098 #define PR_MCE_KILL 33
0099 # define PR_MCE_KILL_CLEAR   0
0100 # define PR_MCE_KILL_SET     1
0101
0102 # define PR_MCE_KILL_LATE    0
0103 # define PR_MCE_KILL_EARLY   1
0104 # define PR_MCE_KILL_DEFAULT 2
0105
0106 #define PR_MCE_KILL_GET 34
0107
0108 /*
0109  * Tune up process memory map specifics.
0110  */
0111 #define PR_SET_MM       35
0112 # define PR_SET_MM_START_CODE       1
0113 # define PR_SET_MM_END_CODE     2
0114 # define PR_SET_MM_START_DATA       3
0115 # define PR_SET_MM_END_DATA     4
0116 # define PR_SET_MM_START_STACK      5
0117 # define PR_SET_MM_START_BRK        6
0118 # define PR_SET_MM_BRK          7
0119 # define PR_SET_MM_ARG_START        8
0120 # define PR_SET_MM_ARG_END      9
0121 # define PR_SET_MM_ENV_START        10
0122 # define PR_SET_MM_ENV_END      11
0123 # define PR_SET_MM_AUXV         12
0124 # define PR_SET_MM_EXE_FILE     13
0125 # define PR_SET_MM_MAP          14
0126 # define PR_SET_MM_MAP_SIZE     15
0127
0128 /*
0129  * This structure provides new memory descriptor
0130  * map which mostly modifies /proc/pid/stat[m]
0131  * output for a task. This mostly done in a
0132  * sake of checkpoint/restore functionality.
0133  */
0134 struct prctl_mm_map {
0135     __u64   start_code;     /* code section bounds */
0136     __u64   end_code;
0137     __u64   start_data;     /* data section bounds */
0138     __u64   end_data;
0139     __u64   start_brk;      /* heap for brk() syscall */
0140     __u64   brk;
0141     __u64   start_stack;        /* stack starts at */
0142     __u64   arg_start;      /* command line arguments bounds */
0143     __u64   arg_end;
0144     __u64   env_start;      /* environment variables bounds */
0145     __u64   env_end;
0146     __u64   *auxv;          /* auxiliary vector */
0147     __u32   auxv_size;      /* vector size */
0148     __u32   exe_fd;         /* /proc/$pid/exe link file */
0149 };
0150
0151 /*
0152  * Set specific pid that is allowed to ptrace the current task.
0153  * A value of 0 mean "no process".
0154  */
0155 #define PR_SET_PTRACER 0x59616d61
0156 # define PR_SET_PTRACER_ANY ((unsigned long)-1)
0157
0158 #define PR_SET_CHILD_SUBREAPER  36
0159 #define PR_GET_CHILD_SUBREAPER  37
0160
0161 /*
0162  * If no_new_privs is set, then operations that grant new privileges (i.e.
0163  * execve) will either fail or not grant them.  This affects suid/sgid,
0164  * file capabilities, and LSMs.
0165  *
0166  * Operations that merely manipulate or drop existing privileges (setresuid,
0167  * capset, etc.) will still work.  Drop those privileges if you want them gone.
0168  *
0169  * Changing LSM security domain is considered a new privilege.  So, for example,
0170  * asking selinux for a specific new context (e.g. with runcon) will result
0171  * in execve returning -EPERM.
0172  *
0173  * See Documentation/userspace-api/no_new_privs.rst for more details.
0174  */
0175 #define PR_SET_NO_NEW_PRIVS 38
0176 #define PR_GET_NO_NEW_PRIVS 39
0177
0178 #define PR_GET_TID_ADDRESS  40
0179
0180 #define PR_SET_THP_DISABLE  41
0181 #define PR_GET_THP_DISABLE  42
0182
0183 /*
0184  * No longer implemented, but left here to ensure the numbers stay reserved:
0185  */
0186 #define PR_MPX_ENABLE_MANAGEMENT  43
0187 #define PR_MPX_DISABLE_MANAGEMENT 44
0188
0189 #define PR_SET_FP_MODE      45
0190 #define PR_GET_FP_MODE      46
0191 # define PR_FP_MODE_FR      (1 << 0)    /* 64b FP registers */
0192 # define PR_FP_MODE_FRE     (1 << 1)    /* 32b compatibility */
0193
0194 /* Control the ambient capability set */
0195 #define PR_CAP_AMBIENT          47
0196 # define PR_CAP_AMBIENT_IS_SET      1
0197 # define PR_CAP_AMBIENT_RAISE       2
0198 # define PR_CAP_AMBIENT_LOWER       3
0199 # define PR_CAP_AMBIENT_CLEAR_ALL   4
0200
0201 /* arm64 Scalable Vector Extension controls */
0202 /* Flag values must be kept in sync with ptrace NT_ARM_SVE interface */
0203 #define PR_SVE_SET_VL           50  /* set task vector length */
0204 # define PR_SVE_SET_VL_ONEXEC       (1 << 18) /* defer effect until exec */
0205 #define PR_SVE_GET_VL           51  /* get task vector length */
0206 /* Bits common to PR_SVE_SET_VL and PR_SVE_GET_VL */
0207 # define PR_SVE_VL_LEN_MASK     0xffff
0208 # define PR_SVE_VL_INHERIT      (1 << 17) /* inherit across exec */
0209
0210 /* Per task speculation control */
0211 #define PR_GET_SPECULATION_CTRL     52
0212 #define PR_SET_SPECULATION_CTRL     53
0213 /* Speculation control variants */
0214 # define PR_SPEC_STORE_BYPASS       0
0215 # define PR_SPEC_INDIRECT_BRANCH    1
0216 # define PR_SPEC_L1D_FLUSH      2
0217 /* Return and control values for PR_SET/GET_SPECULATION_CTRL */
0218 # define PR_SPEC_NOT_AFFECTED       0
0219 # define PR_SPEC_PRCTL          (1UL << 0)
0220 # define PR_SPEC_ENABLE         (1UL << 1)
0221 # define PR_SPEC_DISABLE        (1UL << 2)
0222 # define PR_SPEC_FORCE_DISABLE      (1UL << 3)
0223 # define PR_SPEC_DISABLE_NOEXEC     (1UL << 4)
0224
0225 /* Reset arm64 pointer authentication keys */
0226 #define PR_PAC_RESET_KEYS       54
0227 # define PR_PAC_APIAKEY         (1UL << 0)
0228 # define PR_PAC_APIBKEY         (1UL << 1)
0229 # define PR_PAC_APDAKEY         (1UL << 2)
0230 # define PR_PAC_APDBKEY         (1UL << 3)
0231 # define PR_PAC_APGAKEY         (1UL << 4)
0232
0233 /* Tagged user address controls for arm64 */
0234 #define PR_SET_TAGGED_ADDR_CTRL     55
0235 #define PR_GET_TAGGED_ADDR_CTRL     56
0236 # define PR_TAGGED_ADDR_ENABLE      (1UL << 0)
0237 /* MTE tag check fault modes */
0238 # define PR_MTE_TCF_NONE        0UL
0239 # define PR_MTE_TCF_SYNC        (1UL << 1)
0240 # define PR_MTE_TCF_ASYNC       (1UL << 2)
0241 # define PR_MTE_TCF_MASK        (PR_MTE_TCF_SYNC | PR_MTE_TCF_ASYNC)
0242 /* MTE tag inclusion mask */
0243 # define PR_MTE_TAG_SHIFT       3
0244 # define PR_MTE_TAG_MASK        (0xffffUL << PR_MTE_TAG_SHIFT)
0245 /* Unused; kept only for source compatibility */
0246 # define PR_MTE_TCF_SHIFT       1
0247
0248 /* Control reclaim behavior when allocating memory */
0249 #define PR_SET_IO_FLUSHER       57
0250 #define PR_GET_IO_FLUSHER       58
0251
0252 /* Dispatch syscalls to a userspace handler */
0253 #define PR_SET_SYSCALL_USER_DISPATCH    59
0254 # define PR_SYS_DISPATCH_OFF        0
0255 # define PR_SYS_DISPATCH_ON     1
0256 /* The control values for the user space selector when dispatch is enabled */
0257 # define SYSCALL_DISPATCH_FILTER_ALLOW  0
0258 # define SYSCALL_DISPATCH_FILTER_BLOCK  1
0259
0260 /* Set/get enabled arm64 pointer authentication keys */
0261 #define PR_PAC_SET_ENABLED_KEYS     60
0262 #define PR_PAC_GET_ENABLED_KEYS     61
0263
0264 /* Request the scheduler to share a core */
0265 #define PR_SCHED_CORE           62
0266 # define PR_SCHED_CORE_GET      0
0267 # define PR_SCHED_CORE_CREATE       1 /* create unique core_sched cookie */
0268 # define PR_SCHED_CORE_SHARE_TO     2 /* push core_sched cookie to pid */
0269 # define PR_SCHED_CORE_SHARE_FROM   3 /* pull core_sched cookie to pid */
0270 # define PR_SCHED_CORE_MAX      4
0271 # define PR_SCHED_CORE_SCOPE_THREAD     0
0272 # define PR_SCHED_CORE_SCOPE_THREAD_GROUP   1
0273 # define PR_SCHED_CORE_SCOPE_PROCESS_GROUP  2
0274
0275 /* arm64 Scalable Matrix Extension controls */
0276 /* Flag values must be in sync with SVE versions */
0277 #define PR_SME_SET_VL           63  /* set task vector length */
0278 # define PR_SME_SET_VL_ONEXEC       (1 << 18) /* defer effect until exec */
0279 #define PR_SME_GET_VL           64  /* get task vector length */
0280 /* Bits common to PR_SME_SET_VL and PR_SME_GET_VL */
0281 # define PR_SME_VL_LEN_MASK     0xffff
0282 # define PR_SME_VL_INHERIT      (1 << 17) /* inherit across exec */
0283
0284 #define PR_SET_VMA      0x53564d41
0285 # define PR_SET_VMA_ANON_NAME       0
0286
0287 #endif /* _LINUX_PRCTL_H */