diff options
| author | Alejandro Colomar <alx@kernel.org> | 2024-05-29 21:30:57 +0200 |
|---|---|---|
| committer | Alejandro Colomar <alx@kernel.org> | 2024-05-31 01:52:38 +0200 |
| commit | 7850987a74f17755d411105e2515cfe572c94a6e (patch) | |
| tree | 6b9a16721bb2757c023d37ff8dc0de47658c2115 | |
| parent | 59e741f7740ce3616c0d58b417d06f25be1cba4a (diff) | |
| download | man-pages-7850987a74f17755d411105e2515cfe572c94a6e.tar.gz | |
PR_PAC_RESET_KEYS.2const: Tweak after split
Signed-off-by: Alejandro Colomar <alx@kernel.org>
| -rw-r--r-- | man/man2const/PR_PAC_RESET_KEYS.2const | 78 |
1 files changed, 28 insertions, 50 deletions
diff --git a/man/man2const/PR_PAC_RESET_KEYS.2const b/man/man2const/PR_PAC_RESET_KEYS.2const index 2a72afebac..2d4bbce40e 100644 --- a/man/man2const/PR_PAC_RESET_KEYS.2const +++ b/man/man2const/PR_PAC_RESET_KEYS.2const @@ -1,5 +1,6 @@ .\" Copyright 2020, Dave Martin <Dave.Martin@arm.com> .\" Copyright 2020, Michael Kerrisk <mtk.manpages@gmail.com> +.\" Copyright 2024, Alejandro Colomar <alx@kernel.org> .\" .\" SPDX-License-Identifier: Linux-man-pages-copyleft .\" @@ -15,19 +16,15 @@ Standard C library .nf .B #include <sys/prctl.h> .P -.BI "int prctl(int " op ", ...);" +.BI "int prctl(PR_PAC_RESET_KEYS, unsigned long " keys ", 0L, 0L, 0L);" .fi .SH DESCRIPTION -.\" commit ba830885656414101b2f8ca88786524d4bb5e8c1 -.TP -.BR PR_PAC_RESET_KEYS " (since Linux 5.0, only on arm64)" Securely reset the thread's pointer authentication keys to fresh random values generated by the kernel. -.IP +.P The set of keys to be reset is specified by -.IR arg2 , +.IR keys , which must be a logical OR of zero or more of the following: -.RS .TP .B PR_PAC_APIAKEY instruction authentication key A @@ -45,49 +42,21 @@ data authentication key B generic authentication \[lq]A\[rq] key. .IP (Yes folks, there really is no generic B key.) -.RE -.IP +.P As a special case, if -.I arg2 +.I keys is zero, then all the keys are reset. Since new keys could be added in future, this is the recommended way to completely wipe the existing keys when establishing a clean execution context. -Note that there is no need to use +.P +There is no need to use .B PR_PAC_RESET_KEYS in preparation for calling .BR execve (2), since .BR execve (2) resets all the pointer authentication keys. -.IP -The remaining arguments -.IR arg3 ", " arg4 ", and " arg5 -must all be zero. -.IP -If the arguments are invalid, -and in particular if -.I arg2 -contains set bits that are unrecognized -or that correspond to a key not available on this platform, -then the call fails with error -.BR EINVAL . -.IP -.B Warning: -Because the compiler or run-time environment -may be using some or all of the keys, -a successful -.B PR_PAC_RESET_KEYS -may crash the calling process. -The conditions for using it safely are complex and system-dependent. -Don't use it unless you know what you are doing. -.IP -For more information, see the kernel source file -.I Documentation/arm64/pointer\-authentication.rst -.\"commit b693d0b372afb39432e1c49ad7b3454855bc6bed -(or -.I Documentation/arm64/pointer\-authentication.txt -before Linux 5.3). .SH RETURN VALUE On success, 0 is returned. @@ -97,19 +66,28 @@ is set to indicate the error. .SH ERRORS .TP .B EINVAL -.I arg2 -is not a valid value. -.TP -.B EINVAL -.I op -is -.B PR_PAC_RESET_KEYS -and the arguments are invalid or unsupported. -See the description of -.B PR_PAC_RESET_KEYS -above for details. +.I keys +contains set bits that are invalid or unsupported on this platform. .SH STANDARDS Linux. +arm64 only. .SH HISTORY +Linux 5.0 (arm64). +.\" commit ba830885656414101b2f8ca88786524d4bb5e8c1 +.SH CAVEATS +Because the compiler or run-time environment +may be using some or all of the keys, +a successful +.B PR_PAC_RESET_KEYS +may crash the calling process. +The conditions for using it safely are complex and system-dependent. +Don't use it unless you know what you are doing. .SH SEE ALSO .BR prctl (2) +.P +For more information, see the kernel source file +.I Documentation/arm64/pointer\-authentication.rst +.\"commit b693d0b372afb39432e1c49ad7b3454855bc6bed +(or +.I Documentation/arm64/pointer\-authentication.txt +before Linux 5.3). |