From patchwork Wed Jun 10 06:57:32 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: "Michael Kerrisk (man-pages)" X-Patchwork-Id: 11597245 Return-Path: Received: from mail.kernel.org (pdx-korg-mail-1.web.codeaurora.org [172.30.200.123]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id 218A392A for ; Wed, 10 Jun 2020 06:57:56 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id 08AE120801 for ; Wed, 10 Jun 2020 06:57:56 +0000 (UTC) Authentication-Results: mail.kernel.org; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b="pxpLUCsT" Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726157AbgFJG5z (ORCPT ); Wed, 10 Jun 2020 02:57:55 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:50028 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726254AbgFJG5x (ORCPT ); Wed, 10 Jun 2020 02:57:53 -0400 Received: from mail-wr1-x441.google.com (mail-wr1-x441.google.com [IPv6:2a00:1450:4864:20::441]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 21BF9C03E96B for ; Tue, 9 Jun 2020 23:57:52 -0700 (PDT) Received: by mail-wr1-x441.google.com with SMTP id e1so932556wrt.5 for ; Tue, 09 Jun 2020 23:57:52 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:to:cc:subject:date:message-id:mime-version :content-transfer-encoding; bh=EEs396PvYoTVXTs6aaCClr5a690E8PPQODHKGBcfJ0Y=; b=pxpLUCsTUVHLQ85bzQncA61leFmjuUXlmPemn7odmjtvlIn5E9jHESg1BityE0DfdU KGTRlcucfDBPQ5zrj4MIQrjZ8sK+8SYaRmtdSf2EkqMGqSHnJlacmcqlLMfyyLWhntCe cO44O92Q3TvG+1x5oP0DpZlWfpTv4OSbw6p1Q6vKwiXWDuZ5Bw+GbSC+Ijeb43RSQjEd eZyXzPIf3gMZKDoZDBYSUFf+kwX6oU1VhPmm5xNWOrhjbP4UlXcA7lmni9dKzQH9qY5e V9rjy+RbBmya+8JYOUmSg37Hp1lG5JqAGmDar49pbkC1v83u48FCgOODWXLqAKnr2f4A T5+Q== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:mime-version :content-transfer-encoding; bh=EEs396PvYoTVXTs6aaCClr5a690E8PPQODHKGBcfJ0Y=; b=dJjqkcmMx7eUKfojWctYfON9eEMmwIi2svGPCgxEbiaOCuaiXgCFlWzjpJMg7oBgDV DriWgFOJZvNAmEJNJoKS3P3RF61ZqQJsn4m/eoMXCmszwe63F+f39KGzr5eBs/rvJaLn /FX6JDYLgO4BoE63AySRkvJlKJxJkyvLo/0GmluptfWix89SUcy2ZV2HzGQp5JdWlmXU jZ41by8b9uc0mVQ3ZBesXPvzVMYlaMDbOkbulPc2Oz5+6/x0Qjyow20H9mT+dlA9J+Ni BOKecjdjHScqsjdtV/IOxvB/1cl2T+DQmX3zLCHxlHIDebI75SzMbPrFb4afZeZAaZP1 gD/Q== X-Gm-Message-State: AOAM531DiYKWDXgotINKvpmpgZF3V1eqRYdtlJS2aR4a4xzWT6xD8owt uB04/kg4q0KZPHZMB8WX+xg= X-Google-Smtp-Source: ABdhPJzX/s4Tq6dK9YFxc1xRkHwIBK4rv5ncpLkrhAcGe0wuJsGMcUhnJrvCK51OArUGmJCUA1U3MA== X-Received: by 2002:adf:bb02:: with SMTP id r2mr1971910wrg.143.1591772270865; Tue, 09 Jun 2020 23:57:50 -0700 (PDT) Received: from bienne.fritz.box ([2001:a61:253c:8201:b2fb:3ef8:ca:1604]) by smtp.gmail.com with ESMTPSA id g18sm5889977wme.17.2020.06.09.23.57.49 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 09 Jun 2020 23:57:50 -0700 (PDT) From: "Michael Kerrisk (man-pages)" To: mtk.manpages@gmail.com, Andrew Morgan Cc: linux-security-module@vger.kernel.org Subject: [PATCH 1/4] cap_get_proc.3: Typo fixes Date: Wed, 10 Jun 2020 08:57:32 +0200 Message-Id: <20200610065735.3975740-1-mtk.manpages@gmail.com> X-Mailer: git-send-email 2.26.2 MIME-Version: 1.0 Sender: owner-linux-security-module@vger.kernel.org Precedence: bulk List-ID: Signed-off-by: Michael Kerrisk (man-pages) --- doc/cap_get_proc.3 | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/doc/cap_get_proc.3 b/doc/cap_get_proc.3 index 3eef3f7..c2ce212 100644 --- a/doc/cap_get_proc.3 +++ b/doc/cap_get_proc.3 @@ -87,7 +87,7 @@ with a .I cap as an argument returns the current value of this bounding set capability flag in effect for the current process. This operation is -unpriveged. Note, a macro function +unprivileged. Note, a macro function .BR "CAP_IS_SUPPORTED(cap_value_t " cap ) is provided that evaluates to true (1) if the system supports the specified capability, @@ -216,7 +216,7 @@ On failure, .I errno is set to .BR EINVAL , -.BR EPERM, +.BR EPERM , or .BR ENOMEM . .SH "CONFORMING TO" @@ -298,7 +298,7 @@ Linux. Note that, by default, the only processes that have available to them are processes started as a kernel thread. (Typically this includes .BR init (8), -kflushd and kswapd). You will need to recompile the kernel to modify +kflushd and kswapd.) You will need to recompile the kernel to modify this default. .SH EXAMPLE The code segment below raises the From patchwork Wed Jun 10 06:57:33 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: "Michael Kerrisk (man-pages)" X-Patchwork-Id: 11597243 Return-Path: Received: from mail.kernel.org (pdx-korg-mail-1.web.codeaurora.org [172.30.200.123]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id 66ED514B7 for ; Wed, 10 Jun 2020 06:57:55 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id 43CA420801 for ; Wed, 10 Jun 2020 06:57:55 +0000 (UTC) Authentication-Results: mail.kernel.org; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b="bozXkOi/" Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726266AbgFJG5y (ORCPT ); Wed, 10 Jun 2020 02:57:54 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:50030 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726157AbgFJG5x (ORCPT ); Wed, 10 Jun 2020 02:57:53 -0400 Received: from mail-wr1-x444.google.com (mail-wr1-x444.google.com [IPv6:2a00:1450:4864:20::444]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id D834BC03E96F for ; Tue, 9 Jun 2020 23:57:52 -0700 (PDT) Received: by mail-wr1-x444.google.com with SMTP id c3so903417wru.12 for ; Tue, 09 Jun 2020 23:57:52 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:to:cc:subject:date:message-id:in-reply-to:references :mime-version:content-transfer-encoding; bh=bmjTCUR4HAGNSH0v1nRx3c5xjU7b4qeB1apQs6A1zGw=; b=bozXkOi/HUXwxduOCmidVG4plhkh+Lk5KsvGr8BEmPsKEvUG3yEn6AnxzuJtrv5gEA zXPLE34oXeIRtZuTZKGETSkdgz/GIUq1o+OB+VplH41YCN5HGSLuJAW727SoqpZJGu9Q Qba4VrtsYNh1evyiAoBasQ448VHBsZjVMHnkJgFTieIrau6wdAT8X0S/+lC8QJYcC2Mj khDn6W251bvo7t/P0XFYzGv3hDB12lYBzFqdNkLq1lpjXOrxpByNpQKAJk3ay11kMIHW erUa/InMgxpGkmnourydytujNkVs5r3hc3GGwYCUnVfX+8FeJzo7y+nHX5ZvzoKFzrcR op4A== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=bmjTCUR4HAGNSH0v1nRx3c5xjU7b4qeB1apQs6A1zGw=; b=XxdzPTYiGyVfk3TwehbJ+rh5hMy7G0/ffrQNaCo9npXjPbORPiwvWoNgGfzLE/3+9O ZsfTtWpscYmOHEa1AgNkCWu/NDj2reh0HzSowroKxW3/Gy+L9jXkiEbPCf7VpYmF4kme ntsRot4v5n4koCDFD3WtDOEeLpDdG5QYgzckLHrwaa7btKiChIloH46FfGGu3KpY8ad4 rD8FnRuKYYF0ElIn/ummghzS/k28qxZnIo3bP2PC6PTp2TU//2sNnKSR4CRMNCH6sRyD Y4NyUD6skqv6bkOAdLXKsP5tQdSCFZJ/ffJf8tMUEWQ9iYQaI/pkaCVlohoW3Wi0aJWz X+wA== X-Gm-Message-State: AOAM532b602F2PrBG1On97Co85iDCjOopjWSoBJ8lt6bpEJCOBchO16Y DDx1QNf4n9ZUCcNuzNGpStm6kFzXCE0yeQ== X-Google-Smtp-Source: ABdhPJz9BdtQme2J+4ZuZxkBzplzInhRppm1Oub3rQLiFLgJthrneU1Be6Dkf9T/RANX0XYfEJyyaQ== X-Received: by 2002:adf:fec3:: with SMTP id q3mr1847191wrs.123.1591772271561; Tue, 09 Jun 2020 23:57:51 -0700 (PDT) Received: from bienne.fritz.box ([2001:a61:253c:8201:b2fb:3ef8:ca:1604]) by smtp.gmail.com with ESMTPSA id g18sm5889977wme.17.2020.06.09.23.57.50 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 09 Jun 2020 23:57:51 -0700 (PDT) From: "Michael Kerrisk (man-pages)" To: mtk.manpages@gmail.com, Andrew Morgan Cc: linux-security-module@vger.kernel.org Subject: [PATCH 2/4] cap_get_proc.3: for cap_get_pid(), pid==0 means "the calling process" Date: Wed, 10 Jun 2020 08:57:33 +0200 Message-Id: <20200610065735.3975740-2-mtk.manpages@gmail.com> X-Mailer: git-send-email 2.26.2 In-Reply-To: <20200610065735.3975740-1-mtk.manpages@gmail.com> References: <20200610065735.3975740-1-mtk.manpages@gmail.com> MIME-Version: 1.0 Sender: owner-linux-security-module@vger.kernel.org Precedence: bulk List-ID: It's useful to know that when cap_get_pid() gets pid==0, it returns the caller's capabilities. Signed-off-by: Michael Kerrisk (man-pages) --- doc/cap_get_proc.3 | 3 +++ 1 file changed, 3 insertions(+) diff --git a/doc/cap_get_proc.3 b/doc/cap_get_proc.3 index c2ce212..0238601 100644 --- a/doc/cap_get_proc.3 +++ b/doc/cap_get_proc.3 @@ -78,6 +78,9 @@ see .BR cap_init (3), with the process capabilities of the process indicated by .IR pid . +(If +.I pid +is 0, then the calling process's capabilities are returned.) This information can also be obtained from the .I /proc//status file. From patchwork Wed Jun 10 06:57:34 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: "Michael Kerrisk (man-pages)" X-Patchwork-Id: 11597247 Return-Path: Received: from mail.kernel.org (pdx-korg-mail-1.web.codeaurora.org [172.30.200.123]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id 7D3F814B7 for ; Wed, 10 Jun 2020 06:57:56 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id 609872081A for ; Wed, 10 Jun 2020 06:57:56 +0000 (UTC) Authentication-Results: mail.kernel.org; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b="BeNL46Bc" Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726254AbgFJG5z (ORCPT ); Wed, 10 Jun 2020 02:57:55 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:50036 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726260AbgFJG5y (ORCPT ); Wed, 10 Jun 2020 02:57:54 -0400 Received: from mail-wr1-x442.google.com (mail-wr1-x442.google.com [IPv6:2a00:1450:4864:20::442]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id ADA3DC08C5C1 for ; Tue, 9 Jun 2020 23:57:53 -0700 (PDT) Received: by mail-wr1-x442.google.com with SMTP id x14so946801wrp.2 for ; Tue, 09 Jun 2020 23:57:53 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:to:cc:subject:date:message-id:in-reply-to:references :mime-version:content-transfer-encoding; bh=MNhV0IFzScQ15TZZtgXV6VCFSZHajLQMnYJCaTkA5Ok=; b=BeNL46Bchb3Yc7ofHCHp5D4RABtjbpELHkY2eeSlXilyKHSujdSBCa9XHcXmeTlWiQ Nu/GwvlB5wNedab4DFtGOfJYK1iNnoCrzfyLsAKkvhDmVgxgN0YhWEkExPFkD+hv7Y2W wgcTleDHvDYVofHLfYG8W/1ad+DITqgX2/pDtEETI/PgzXCqdRgZwNWJooyWtknca8S2 cOJNGxIWNvTOFeyMA4UNAfobe94mFlicPT4Cq9+QkMVMDNqB4Fq4eNfL55Bz3jm/4Gfb RgusWZoI9Ym4M911R2Ee/QF50O92sTt96+pAaAAAN8+1G426d+NYMLzYb/V9Tw8FNoBh tntw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=MNhV0IFzScQ15TZZtgXV6VCFSZHajLQMnYJCaTkA5Ok=; b=UANzXMALdZGu7RxT7hS5v1PFFpkNTT+PYeYotSSYlBNsur788gYaTFVsOVO9lMQ5rz kyfF7FJuz/EYY6rHmETcqg1sNnzoZLqgocJ7CmtKcYd6P19QtcsmE9qxG24gmhkAr9Hq Sbf46eZQL8Zn/mKHgaiRpLynXyUxquUzu4BOvEM+MRteCUEc9oMZxYinpkLYgkPJXwRz k34OP8LlzA9a19Ag9wWRZ5J+H+cxeCXSRi9a2FJTg77mELPgrKFyT/qgwnAk/rfL1HCC PqJnPqo0OZdqs+i/F1yE588pFVZpvuLNkPXOASXQ9X9NkoV+KhB7pihHqN7rFtnQrcMI 2wsA== X-Gm-Message-State: AOAM531bHT4Fnh3TpFztajAHRD2h+eVilNFYYEgQpiUEkPmvVUO51jZP FSWHPdEe92oQSyOt3NhWD1w= X-Google-Smtp-Source: ABdhPJxO3cQIoOGqXKsWGsuHwN4Gzmg7BIlz/3m6TNtD0z7SbRuDrb1+E5g+WWeTyqyLJ7eVHIcjuQ== X-Received: by 2002:a5d:50c9:: with SMTP id f9mr1964845wrt.9.1591772272460; Tue, 09 Jun 2020 23:57:52 -0700 (PDT) Received: from bienne.fritz.box ([2001:a61:253c:8201:b2fb:3ef8:ca:1604]) by smtp.gmail.com with ESMTPSA id g18sm5889977wme.17.2020.06.09.23.57.51 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 09 Jun 2020 23:57:52 -0700 (PDT) From: "Michael Kerrisk (man-pages)" To: mtk.manpages@gmail.com, Andrew Morgan Cc: linux-security-module@vger.kernel.org Subject: [PATCH 3/4] getpcaps.8: Note that pid==0 displays capabilities of getpcaps itself Date: Wed, 10 Jun 2020 08:57:34 +0200 Message-Id: <20200610065735.3975740-3-mtk.manpages@gmail.com> X-Mailer: git-send-email 2.26.2 In-Reply-To: <20200610065735.3975740-1-mtk.manpages@gmail.com> References: <20200610065735.3975740-1-mtk.manpages@gmail.com> MIME-Version: 1.0 Sender: owner-linux-security-module@vger.kernel.org Precedence: bulk List-ID: When experimenting with capabilities, it's useful to know that pid==0 causes getpcaps to display its own capabilities. Signed-off-by: Michael Kerrisk (man-pages) --- doc/getpcaps.8 | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) diff --git a/doc/getpcaps.8 b/doc/getpcaps.8 index be9935f..aaaf0a2 100644 --- a/doc/getpcaps.8 +++ b/doc/getpcaps.8 @@ -10,7 +10,14 @@ getpcaps \- display process capabilities .B getpcaps displays the capabilities on the processes indicated by the .I pid -value(s) given on the commandline. The capabilities are displayed in +value(s) given on the command line. +A +.I pid +of 0 displays the capabilities of the process that is running +.B getpcaps +itself. +.PP +The capabilities are displayed in the .BR cap_from_text (3) format. From patchwork Wed Jun 10 06:57:35 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: "Michael Kerrisk (man-pages)" X-Patchwork-Id: 11597249 Return-Path: Received: from mail.kernel.org (pdx-korg-mail-1.web.codeaurora.org [172.30.200.123]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id 21A3992A for ; Wed, 10 Jun 2020 06:57:58 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id 04CB820801 for ; Wed, 10 Jun 2020 06:57:58 +0000 (UTC) Authentication-Results: mail.kernel.org; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b="ddLRfwzP" Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726260AbgFJG55 (ORCPT ); Wed, 10 Jun 2020 02:57:57 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:50038 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726280AbgFJG5z (ORCPT ); Wed, 10 Jun 2020 02:57:55 -0400 Received: from mail-wr1-x442.google.com (mail-wr1-x442.google.com [IPv6:2a00:1450:4864:20::442]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id BC0B7C03E96B for ; Tue, 9 Jun 2020 23:57:54 -0700 (PDT) Received: by mail-wr1-x442.google.com with SMTP id p5so916384wrw.9 for ; Tue, 09 Jun 2020 23:57:54 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:to:cc:subject:date:message-id:in-reply-to:references :mime-version:content-transfer-encoding; bh=pobv6r5LIc/Sd0wEhG16fzhnOAOk2VjDCWplMb577X4=; b=ddLRfwzPXNoxfe3VO0mqTSrQK47USq90tvqnlgHEeEidcoKAA+uYgKh2UAY9xDTxMB LijpchiQC0rtYmQ0SMFm+iGStHtIS+nSbQ0HvVPvRlJT7+S/KQeNO7OcX5e9nr9uKVxd chTVHOEai816FH+lElh6dpyw841D4IGSW+gCDgy4GsgxPYsILPLgZj+b5Lc1gQZlA9B4 usAaEb9SfNQMCdez47Ix5zx3o3Me8qxnM5wRb5gu9LQZo4CQXgubgpVzSOo+ug6wcDGx WODGLYbRLmJUld739JnmLdguTDP/DFPD4BRf9dE8mW3L3AITdUSjIggLLRWcktXFnU02 PKww== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=pobv6r5LIc/Sd0wEhG16fzhnOAOk2VjDCWplMb577X4=; b=UHdHuBq+IwGD5y08c8VmRBP9f61iLqFl/CI9il79+zqpwSv+ZG390FrhgoDis8Em5Q 4rzwiaAYzQxr1NaV7Zsnhhgn2UNauxSB8kSgvRonfIqXA4tjSkgEdciiQkht//ogFf+p lvF5WyHPwUOK2hSF2x9NwWo6+D3sWH6+XZL9O5P6xkiSKDIx8p+XtkuvGeDGonrBxV62 7s/FY43sjnXzchv8fkBFbjwRjE940f1twTb8yQhgTvXJnDRQ/yO5nb6KK8Y+vSSTmi+O meR+3UI5mpDw44xbEOvFP3j6oVADEA4VmeER3EFSNH7fPLKuepn0DAotw+5ZVGWrOAg8 9MGw== X-Gm-Message-State: AOAM5318YBFHcpQx5ltadA19cdkNSEwT3blvDDZd1Hfjy7fMdolwyIvz rkofBOC+CeyBVwYGEO5GtLOS54iUGEsF7Q== X-Google-Smtp-Source: ABdhPJzFZsnYmDYUVArSRtbW8NTXUKOpxjDxsY89LnG/TbreI0HJx9efp9KmToVT2n0bZaq89FgnyA== X-Received: by 2002:adf:f84d:: with SMTP id d13mr1759982wrq.99.1591772273452; Tue, 09 Jun 2020 23:57:53 -0700 (PDT) Received: from bienne.fritz.box ([2001:a61:253c:8201:b2fb:3ef8:ca:1604]) by smtp.gmail.com with ESMTPSA id g18sm5889977wme.17.2020.06.09.23.57.52 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 09 Jun 2020 23:57:53 -0700 (PDT) From: "Michael Kerrisk (man-pages)" To: mtk.manpages@gmail.com, Andrew Morgan Cc: linux-security-module@vger.kernel.org Subject: [PATCH 4/4] cap_get_proc.3: change "current process" to "calling process" Date: Wed, 10 Jun 2020 08:57:35 +0200 Message-Id: <20200610065735.3975740-4-mtk.manpages@gmail.com> X-Mailer: git-send-email 2.26.2 In-Reply-To: <20200610065735.3975740-1-mtk.manpages@gmail.com> References: <20200610065735.3975740-1-mtk.manpages@gmail.com> MIME-Version: 1.0 Sender: owner-linux-security-module@vger.kernel.org Precedence: bulk List-ID: The term "current process" is kernel-developer speak that is often not understood by user-space programmers. Change to "calling process", which is clearer. Signed-off-by: Michael Kerrisk (man-pages) --- doc/cap_get_proc.3 | 20 ++++++++++---------- 1 file changed, 10 insertions(+), 10 deletions(-) diff --git a/doc/cap_get_proc.3 b/doc/cap_get_proc.3 index 0238601..b0a61d1 100644 --- a/doc/cap_get_proc.3 +++ b/doc/cap_get_proc.3 @@ -89,7 +89,7 @@ file. with a .I cap as an argument returns the current value of this bounding set -capability flag in effect for the current process. This operation is +capability flag in effect for the calling process. This operation is unprivileged. Note, a macro function .BR "CAP_IS_SUPPORTED(cap_value_t " cap ) is provided that evaluates to true (1) if the system supports the @@ -122,11 +122,11 @@ capability set must have a raised .BR CAP_SETPCAP . Further, to raise a specific ambient capability the .IR inheritable " and " permitted -sets of the current process must contain the specified capability, and +sets of the calling process must contain the specified capability, and raised ambient bits will only be retained as long as this remains true. .PP .BR cap_reset_ambient () -resets all of the ambient capabilities for the current process to +resets all of the ambient capabilities for the calling process to their lowered value. To complete successfully, the prevailing .I effective capability set must have a raised @@ -139,12 +139,12 @@ changes to the inheritable set by the program code without explicitly fixing up the ambient set can also drop ambient bits. .PP .BR cap_get_secbits () -returns the securebits of the current process. These bits affect the -way in which the current process implements things like setuid-root +returns the securebits of the calling process. These bits affect the +way in which the calling process implements things like setuid-root fixup and ambient capabilities. .PP .BR cap_set_secbits () -attempts to modify the securebits of the current process. Note +attempts to modify the securebits of the calling process. Note .B CAP_SETPCAP must be in the effective capability set for this to be effective. Some settings lock the sub-states of the securebits, so attempts to set values @@ -274,13 +274,13 @@ attempts to set the capabilities of some other process(es), If .I pid is positive it refers to a specific process; if it is zero, it refers -to the current process; \-1 refers to all processes other than the -current process and process '1' (typically +to the calling process; \-1 refers to all processes other than the +calling process and process '1' (typically .BR init (8)); other negative values refer to the .I \-pid process group. In order to use this function, the kernel must support -it and the current process must have +it and the calling process must have .B CAP_SETPCAP raised in its Effective capability set. The capabilities set in the target process(es) are those contained in @@ -288,7 +288,7 @@ target process(es) are those contained in Kernels that support filesystem capabilities redefine the semantics of .B CAP_SETPCAP and on such systems this function will always fail for any target not -equal to the current process. +equal to the calling process. .BR capsetp () returns zero for success, and \-1 on failure.