1137016b23eda8bd6e8933f23c83823d4c54c423bAndrew G. Morgan#ifndef _LINUX_PRCTL_H 2137016b23eda8bd6e8933f23c83823d4c54c423bAndrew G. Morgan#define _LINUX_PRCTL_H 3137016b23eda8bd6e8933f23c83823d4c54c423bAndrew G. Morgan 4137016b23eda8bd6e8933f23c83823d4c54c423bAndrew G. Morgan/* Values to pass as first argument to prctl() */ 5137016b23eda8bd6e8933f23c83823d4c54c423bAndrew G. Morgan 6137016b23eda8bd6e8933f23c83823d4c54c423bAndrew G. Morgan#define PR_SET_PDEATHSIG 1 /* Second arg is a signal */ 7137016b23eda8bd6e8933f23c83823d4c54c423bAndrew G. Morgan#define PR_GET_PDEATHSIG 2 /* Second arg is a ptr to return the signal */ 8137016b23eda8bd6e8933f23c83823d4c54c423bAndrew G. Morgan 9137016b23eda8bd6e8933f23c83823d4c54c423bAndrew G. Morgan/* Get/set current->mm->dumpable */ 10137016b23eda8bd6e8933f23c83823d4c54c423bAndrew G. Morgan#define PR_GET_DUMPABLE 3 11137016b23eda8bd6e8933f23c83823d4c54c423bAndrew G. Morgan#define PR_SET_DUMPABLE 4 12137016b23eda8bd6e8933f23c83823d4c54c423bAndrew G. Morgan 13137016b23eda8bd6e8933f23c83823d4c54c423bAndrew G. Morgan/* Get/set unaligned access control bits (if meaningful) */ 14137016b23eda8bd6e8933f23c83823d4c54c423bAndrew G. Morgan#define PR_GET_UNALIGN 5 15137016b23eda8bd6e8933f23c83823d4c54c423bAndrew G. Morgan#define PR_SET_UNALIGN 6 16137016b23eda8bd6e8933f23c83823d4c54c423bAndrew G. Morgan# define PR_UNALIGN_NOPRINT 1 /* silently fix up unaligned user accesses */ 17137016b23eda8bd6e8933f23c83823d4c54c423bAndrew G. Morgan# define PR_UNALIGN_SIGBUS 2 /* generate SIGBUS on unaligned user access */ 18137016b23eda8bd6e8933f23c83823d4c54c423bAndrew G. Morgan 19137016b23eda8bd6e8933f23c83823d4c54c423bAndrew G. Morgan/* Get/set whether or not to drop capabilities on setuid() away from 20137016b23eda8bd6e8933f23c83823d4c54c423bAndrew G. Morgan * uid 0 (as per security/commoncap.c) */ 21137016b23eda8bd6e8933f23c83823d4c54c423bAndrew G. Morgan#define PR_GET_KEEPCAPS 7 22137016b23eda8bd6e8933f23c83823d4c54c423bAndrew G. Morgan#define PR_SET_KEEPCAPS 8 23137016b23eda8bd6e8933f23c83823d4c54c423bAndrew G. Morgan 24137016b23eda8bd6e8933f23c83823d4c54c423bAndrew G. Morgan/* Get/set floating-point emulation control bits (if meaningful) */ 25137016b23eda8bd6e8933f23c83823d4c54c423bAndrew G. Morgan#define PR_GET_FPEMU 9 26137016b23eda8bd6e8933f23c83823d4c54c423bAndrew G. Morgan#define PR_SET_FPEMU 10 27137016b23eda8bd6e8933f23c83823d4c54c423bAndrew G. Morgan# define PR_FPEMU_NOPRINT 1 /* silently emulate fp operations accesses */ 28137016b23eda8bd6e8933f23c83823d4c54c423bAndrew G. Morgan# define PR_FPEMU_SIGFPE 2 /* don't emulate fp operations, send SIGFPE instead */ 29137016b23eda8bd6e8933f23c83823d4c54c423bAndrew G. Morgan 30137016b23eda8bd6e8933f23c83823d4c54c423bAndrew G. Morgan/* Get/set floating-point exception mode (if meaningful) */ 31137016b23eda8bd6e8933f23c83823d4c54c423bAndrew G. Morgan#define PR_GET_FPEXC 11 32137016b23eda8bd6e8933f23c83823d4c54c423bAndrew G. Morgan#define PR_SET_FPEXC 12 33137016b23eda8bd6e8933f23c83823d4c54c423bAndrew G. Morgan# define PR_FP_EXC_SW_ENABLE 0x80 /* Use FPEXC for FP exception enables */ 34137016b23eda8bd6e8933f23c83823d4c54c423bAndrew G. Morgan# define PR_FP_EXC_DIV 0x010000 /* floating point divide by zero */ 35137016b23eda8bd6e8933f23c83823d4c54c423bAndrew G. Morgan# define PR_FP_EXC_OVF 0x020000 /* floating point overflow */ 36137016b23eda8bd6e8933f23c83823d4c54c423bAndrew G. Morgan# define PR_FP_EXC_UND 0x040000 /* floating point underflow */ 37137016b23eda8bd6e8933f23c83823d4c54c423bAndrew G. Morgan# define PR_FP_EXC_RES 0x080000 /* floating point inexact result */ 38137016b23eda8bd6e8933f23c83823d4c54c423bAndrew G. Morgan# define PR_FP_EXC_INV 0x100000 /* floating point invalid operation */ 39137016b23eda8bd6e8933f23c83823d4c54c423bAndrew G. Morgan# define PR_FP_EXC_DISABLED 0 /* FP exceptions disabled */ 40137016b23eda8bd6e8933f23c83823d4c54c423bAndrew G. Morgan# define PR_FP_EXC_NONRECOV 1 /* async non-recoverable exc. mode */ 41137016b23eda8bd6e8933f23c83823d4c54c423bAndrew G. Morgan# define PR_FP_EXC_ASYNC 2 /* async recoverable exception mode */ 42137016b23eda8bd6e8933f23c83823d4c54c423bAndrew G. Morgan# define PR_FP_EXC_PRECISE 3 /* precise exception mode */ 43137016b23eda8bd6e8933f23c83823d4c54c423bAndrew G. Morgan 44137016b23eda8bd6e8933f23c83823d4c54c423bAndrew G. Morgan/* Get/set whether we use statistical process timing or accurate timestamp 45137016b23eda8bd6e8933f23c83823d4c54c423bAndrew G. Morgan * based process timing */ 46137016b23eda8bd6e8933f23c83823d4c54c423bAndrew G. Morgan#define PR_GET_TIMING 13 47137016b23eda8bd6e8933f23c83823d4c54c423bAndrew G. Morgan#define PR_SET_TIMING 14 48137016b23eda8bd6e8933f23c83823d4c54c423bAndrew G. Morgan# define PR_TIMING_STATISTICAL 0 /* Normal, traditional, 49137016b23eda8bd6e8933f23c83823d4c54c423bAndrew G. Morgan statistical process timing */ 50137016b23eda8bd6e8933f23c83823d4c54c423bAndrew G. Morgan# define PR_TIMING_TIMESTAMP 1 /* Accurate timestamp based 51137016b23eda8bd6e8933f23c83823d4c54c423bAndrew G. Morgan process timing */ 52137016b23eda8bd6e8933f23c83823d4c54c423bAndrew G. Morgan 53137016b23eda8bd6e8933f23c83823d4c54c423bAndrew G. Morgan#define PR_SET_NAME 15 /* Set process name */ 54137016b23eda8bd6e8933f23c83823d4c54c423bAndrew G. Morgan#define PR_GET_NAME 16 /* Get process name */ 55137016b23eda8bd6e8933f23c83823d4c54c423bAndrew G. Morgan 56137016b23eda8bd6e8933f23c83823d4c54c423bAndrew G. Morgan/* Get/set process endian */ 57137016b23eda8bd6e8933f23c83823d4c54c423bAndrew G. Morgan#define PR_GET_ENDIAN 19 58137016b23eda8bd6e8933f23c83823d4c54c423bAndrew G. Morgan#define PR_SET_ENDIAN 20 59137016b23eda8bd6e8933f23c83823d4c54c423bAndrew G. Morgan# define PR_ENDIAN_BIG 0 60137016b23eda8bd6e8933f23c83823d4c54c423bAndrew G. Morgan# define PR_ENDIAN_LITTLE 1 /* True little endian mode */ 61137016b23eda8bd6e8933f23c83823d4c54c423bAndrew G. Morgan# define PR_ENDIAN_PPC_LITTLE 2 /* "PowerPC" pseudo little endian */ 62137016b23eda8bd6e8933f23c83823d4c54c423bAndrew G. Morgan 63137016b23eda8bd6e8933f23c83823d4c54c423bAndrew G. Morgan/* Get/set process seccomp mode */ 64137016b23eda8bd6e8933f23c83823d4c54c423bAndrew G. Morgan#define PR_GET_SECCOMP 21 65137016b23eda8bd6e8933f23c83823d4c54c423bAndrew G. Morgan#define PR_SET_SECCOMP 22 66137016b23eda8bd6e8933f23c83823d4c54c423bAndrew G. Morgan 67137016b23eda8bd6e8933f23c83823d4c54c423bAndrew G. Morgan/* Get/set the capability bounding set (as per security/commoncap.c) */ 68137016b23eda8bd6e8933f23c83823d4c54c423bAndrew G. Morgan#define PR_CAPBSET_READ 23 69137016b23eda8bd6e8933f23c83823d4c54c423bAndrew G. Morgan#define PR_CAPBSET_DROP 24 70137016b23eda8bd6e8933f23c83823d4c54c423bAndrew G. Morgan 71137016b23eda8bd6e8933f23c83823d4c54c423bAndrew G. Morgan/* Get/set the process' ability to use the timestamp counter instruction */ 72137016b23eda8bd6e8933f23c83823d4c54c423bAndrew G. Morgan#define PR_GET_TSC 25 73137016b23eda8bd6e8933f23c83823d4c54c423bAndrew G. Morgan#define PR_SET_TSC 26 74137016b23eda8bd6e8933f23c83823d4c54c423bAndrew G. Morgan# define PR_TSC_ENABLE 1 /* allow the use of the timestamp counter */ 75137016b23eda8bd6e8933f23c83823d4c54c423bAndrew G. Morgan# define PR_TSC_SIGSEGV 2 /* throw a SIGSEGV instead of reading the TSC */ 76137016b23eda8bd6e8933f23c83823d4c54c423bAndrew G. Morgan 77137016b23eda8bd6e8933f23c83823d4c54c423bAndrew G. Morgan/* Get/set securebits (as per security/commoncap.c) */ 78137016b23eda8bd6e8933f23c83823d4c54c423bAndrew G. Morgan#define PR_GET_SECUREBITS 27 79137016b23eda8bd6e8933f23c83823d4c54c423bAndrew G. Morgan#define PR_SET_SECUREBITS 28 80137016b23eda8bd6e8933f23c83823d4c54c423bAndrew G. Morgan 81137016b23eda8bd6e8933f23c83823d4c54c423bAndrew G. Morgan/* 82137016b23eda8bd6e8933f23c83823d4c54c423bAndrew G. Morgan * Get/set the timerslack as used by poll/select/nanosleep 83137016b23eda8bd6e8933f23c83823d4c54c423bAndrew G. Morgan * A value of 0 means "use default" 84137016b23eda8bd6e8933f23c83823d4c54c423bAndrew G. Morgan */ 85137016b23eda8bd6e8933f23c83823d4c54c423bAndrew G. Morgan#define PR_SET_TIMERSLACK 29 86137016b23eda8bd6e8933f23c83823d4c54c423bAndrew G. Morgan#define PR_GET_TIMERSLACK 30 87137016b23eda8bd6e8933f23c83823d4c54c423bAndrew G. Morgan 88137016b23eda8bd6e8933f23c83823d4c54c423bAndrew G. Morgan#define PR_TASK_PERF_EVENTS_DISABLE 31 89137016b23eda8bd6e8933f23c83823d4c54c423bAndrew G. Morgan#define PR_TASK_PERF_EVENTS_ENABLE 32 90137016b23eda8bd6e8933f23c83823d4c54c423bAndrew G. Morgan 91137016b23eda8bd6e8933f23c83823d4c54c423bAndrew G. Morgan/* 92137016b23eda8bd6e8933f23c83823d4c54c423bAndrew G. Morgan * Set early/late kill mode for hwpoison memory corruption. 93137016b23eda8bd6e8933f23c83823d4c54c423bAndrew G. Morgan * This influences when the process gets killed on a memory corruption. 94137016b23eda8bd6e8933f23c83823d4c54c423bAndrew G. Morgan */ 95137016b23eda8bd6e8933f23c83823d4c54c423bAndrew G. Morgan#define PR_MCE_KILL 33 96137016b23eda8bd6e8933f23c83823d4c54c423bAndrew G. Morgan# define PR_MCE_KILL_CLEAR 0 97137016b23eda8bd6e8933f23c83823d4c54c423bAndrew G. Morgan# define PR_MCE_KILL_SET 1 98137016b23eda8bd6e8933f23c83823d4c54c423bAndrew G. Morgan 99137016b23eda8bd6e8933f23c83823d4c54c423bAndrew G. Morgan# define PR_MCE_KILL_LATE 0 100137016b23eda8bd6e8933f23c83823d4c54c423bAndrew G. Morgan# define PR_MCE_KILL_EARLY 1 101137016b23eda8bd6e8933f23c83823d4c54c423bAndrew G. Morgan# define PR_MCE_KILL_DEFAULT 2 102137016b23eda8bd6e8933f23c83823d4c54c423bAndrew G. Morgan 103137016b23eda8bd6e8933f23c83823d4c54c423bAndrew G. Morgan#define PR_MCE_KILL_GET 34 104137016b23eda8bd6e8933f23c83823d4c54c423bAndrew G. Morgan 1057cef6f379932486d8effbf6eb0a80fbc73c64b6bAndrew G Morgan/* 1067cef6f379932486d8effbf6eb0a80fbc73c64b6bAndrew G Morgan * Tune up process memory map specifics. 1077cef6f379932486d8effbf6eb0a80fbc73c64b6bAndrew G Morgan */ 1087cef6f379932486d8effbf6eb0a80fbc73c64b6bAndrew G Morgan#define PR_SET_MM 35 1097cef6f379932486d8effbf6eb0a80fbc73c64b6bAndrew G Morgan# define PR_SET_MM_START_CODE 1 1107cef6f379932486d8effbf6eb0a80fbc73c64b6bAndrew G Morgan# define PR_SET_MM_END_CODE 2 1117cef6f379932486d8effbf6eb0a80fbc73c64b6bAndrew G Morgan# define PR_SET_MM_START_DATA 3 1127cef6f379932486d8effbf6eb0a80fbc73c64b6bAndrew G Morgan# define PR_SET_MM_END_DATA 4 1137cef6f379932486d8effbf6eb0a80fbc73c64b6bAndrew G Morgan# define PR_SET_MM_START_STACK 5 1147cef6f379932486d8effbf6eb0a80fbc73c64b6bAndrew G Morgan# define PR_SET_MM_START_BRK 6 1157cef6f379932486d8effbf6eb0a80fbc73c64b6bAndrew G Morgan# define PR_SET_MM_BRK 7 1167cef6f379932486d8effbf6eb0a80fbc73c64b6bAndrew G Morgan# define PR_SET_MM_ARG_START 8 1177cef6f379932486d8effbf6eb0a80fbc73c64b6bAndrew G Morgan# define PR_SET_MM_ARG_END 9 1187cef6f379932486d8effbf6eb0a80fbc73c64b6bAndrew G Morgan# define PR_SET_MM_ENV_START 10 1197cef6f379932486d8effbf6eb0a80fbc73c64b6bAndrew G Morgan# define PR_SET_MM_ENV_END 11 1207cef6f379932486d8effbf6eb0a80fbc73c64b6bAndrew G Morgan# define PR_SET_MM_AUXV 12 1217cef6f379932486d8effbf6eb0a80fbc73c64b6bAndrew G Morgan# define PR_SET_MM_EXE_FILE 13 1227cef6f379932486d8effbf6eb0a80fbc73c64b6bAndrew G Morgan 1237cef6f379932486d8effbf6eb0a80fbc73c64b6bAndrew G Morgan/* 1247cef6f379932486d8effbf6eb0a80fbc73c64b6bAndrew G Morgan * Set specific pid that is allowed to ptrace the current task. 1257cef6f379932486d8effbf6eb0a80fbc73c64b6bAndrew G Morgan * A value of 0 mean "no process". 1267cef6f379932486d8effbf6eb0a80fbc73c64b6bAndrew G Morgan */ 1277cef6f379932486d8effbf6eb0a80fbc73c64b6bAndrew G Morgan#define PR_SET_PTRACER 0x59616d61 1287cef6f379932486d8effbf6eb0a80fbc73c64b6bAndrew G Morgan# define PR_SET_PTRACER_ANY ((unsigned long)-1) 1297cef6f379932486d8effbf6eb0a80fbc73c64b6bAndrew G Morgan 1307cef6f379932486d8effbf6eb0a80fbc73c64b6bAndrew G Morgan#define PR_SET_CHILD_SUBREAPER 36 1317cef6f379932486d8effbf6eb0a80fbc73c64b6bAndrew G Morgan#define PR_GET_CHILD_SUBREAPER 37 1327cef6f379932486d8effbf6eb0a80fbc73c64b6bAndrew G Morgan 1337cef6f379932486d8effbf6eb0a80fbc73c64b6bAndrew G Morgan/* 1347cef6f379932486d8effbf6eb0a80fbc73c64b6bAndrew G Morgan * If no_new_privs is set, then operations that grant new privileges (i.e. 1357cef6f379932486d8effbf6eb0a80fbc73c64b6bAndrew G Morgan * execve) will either fail or not grant them. This affects suid/sgid, 1367cef6f379932486d8effbf6eb0a80fbc73c64b6bAndrew G Morgan * file capabilities, and LSMs. 1377cef6f379932486d8effbf6eb0a80fbc73c64b6bAndrew G Morgan * 1387cef6f379932486d8effbf6eb0a80fbc73c64b6bAndrew G Morgan * Operations that merely manipulate or drop existing privileges (setresuid, 1397cef6f379932486d8effbf6eb0a80fbc73c64b6bAndrew G Morgan * capset, etc.) will still work. Drop those privileges if you want them gone. 1407cef6f379932486d8effbf6eb0a80fbc73c64b6bAndrew G Morgan * 1417cef6f379932486d8effbf6eb0a80fbc73c64b6bAndrew G Morgan * Changing LSM security domain is considered a new privilege. So, for example, 1427cef6f379932486d8effbf6eb0a80fbc73c64b6bAndrew G Morgan * asking selinux for a specific new context (e.g. with runcon) will result 1437cef6f379932486d8effbf6eb0a80fbc73c64b6bAndrew G Morgan * in execve returning -EPERM. 1447cef6f379932486d8effbf6eb0a80fbc73c64b6bAndrew G Morgan * 1457cef6f379932486d8effbf6eb0a80fbc73c64b6bAndrew G Morgan * See Documentation/prctl/no_new_privs.txt for more details. 1467cef6f379932486d8effbf6eb0a80fbc73c64b6bAndrew G Morgan */ 1477cef6f379932486d8effbf6eb0a80fbc73c64b6bAndrew G Morgan#define PR_SET_NO_NEW_PRIVS 38 1487cef6f379932486d8effbf6eb0a80fbc73c64b6bAndrew G Morgan#define PR_GET_NO_NEW_PRIVS 39 1497cef6f379932486d8effbf6eb0a80fbc73c64b6bAndrew G Morgan 1507cef6f379932486d8effbf6eb0a80fbc73c64b6bAndrew G Morgan#define PR_GET_TID_ADDRESS 40 1517cef6f379932486d8effbf6eb0a80fbc73c64b6bAndrew G Morgan 152137016b23eda8bd6e8933f23c83823d4c54c423bAndrew G. Morgan#endif /* _LINUX_PRCTL_H */ 153