Use a single-font-change macro for a single argument. The output from "nroff" and "groff" is unchanged. Signed-off-by: Bjarni Ingi Gislason <bjarniig@xxxxxxxxx> --- man2/prctl.2 | 216 +++++++++++++++++++++++++-------------------------- 1 file changed, 108 insertions(+), 108 deletions(-) diff --git a/man2/prctl.2 b/man2/prctl.2 index 83995f53c..40326aece 100644 --- a/man2/prctl.2 +++ b/man2/prctl.2 @@ -100,7 +100,7 @@ call returns 1 if the capability in .I arg3 is in the ambient set and 0 if it is not. .TP -.BR PR_CAP_AMBIENT_CLEAR_ALL +.B PR_CAP_AMBIENT_CLEAR_ALL All capabilities will be removed from the ambient set. This operation requires setting .I arg3 @@ -157,11 +157,11 @@ The call fails with the error: .B EPERM if the calling thread does not have the .BR CAP_SETPCAP ; -.BR EINVAL +.B EINVAL if .I arg2 does not represent a valid capability; or -.BR EINVAL +.B EINVAL if file capabilities are not enabled in the kernel, in which case bounding sets are not supported. .IP @@ -192,7 +192,7 @@ Subsequently, calls to in the orphaned process will now return the PID of the subreaper process, and when the orphan terminates, it is the subreaper process that will receive a -.BR SIGCHLD +.B SIGCHLD signal and will be able to .BR wait (2) on the process to discover its termination status. @@ -250,7 +250,7 @@ in .IP Normally, this flag is set to 1. However, it is reset to the current value contained in the file -.IR /proc/sys/fs/\:suid_dumpable +.I /proc/sys/fs/\:suid_dumpable (which by default has the value 0), in the following circumstances: .\" See kernel/cred.c::commit_creds() (Linux 3.18 sources) @@ -285,7 +285,7 @@ for further details. .IP If a process is not dumpable, the ownership of files in the process's -.IR /proc/[pid] +.I /proc/[pid] directory is affected as described in .BR proc (5). .TP @@ -337,7 +337,7 @@ The argument is a bit mask describing the floating-point mode used: .RS .TP -.BR PR_FP_MODE_FR +.B PR_FP_MODE_FR When this bit is .I unset (so called @@ -370,11 +370,11 @@ can operate only when this bit is .I set .RB ( FR=1 ). Applications that use the O32 FPXX ABI can operate with either -.BR FR=0 +.B FR=0 or .BR FR=1 . .TP -.BR PR_FP_MODE_FRE +.B PR_FP_MODE_FRE Enable emulation of 32-bit floating-point mode. When this mode is enabled, it emulates 32-bit floating-point operations @@ -414,7 +414,7 @@ The arguments .IR arg3 , .IR arg4 , and -.IR arg5 +.I arg5 are ignored. .TP .BR PR_GET_FP_MODE " (since Linux 4.0, only on MIPS)" @@ -430,7 +430,7 @@ The arguments .IR arg3 , .IR arg4 , and -.IR arg5 +.I arg5 are ignored. .TP .BR PR_SET_FPEMU " (since Linux 2.4.18, 2.5.9, only on ia64)" @@ -516,7 +516,7 @@ In late kill mode, the process is killed only when it accesses a corrupted page. See .BR sigaction (2) for more information on the -.BR SIGBUS +.B SIGBUS signal. The policy is inherited by children. The remaining unused @@ -540,7 +540,7 @@ However, there are cases, such as self-modifying programs, where a program might find it useful to change its own memory map. .IP The calling process must have the -.BR CAP_SYS_RESOURCE +.B CAP_SYS_RESOURCE capability. The value in .I arg2 @@ -556,11 +556,11 @@ arguments must be zero if unused. Before Linux 3.10, .\" commit 52b3694157e3aa6df871e283115652ec6f2d31e0 this feature is available only if the kernel is built with the -.BR CONFIG_CHECKPOINT_RESTORE +.B CONFIG_CHECKPOINT_RESTORE option enabled. .RS .TP -.BR PR_SET_MM_START_CODE +.B PR_SET_MM_START_CODE Set the address above which the program text can run. The corresponding memory area must be readable and executable, but not writable or shareable (see @@ -569,12 +569,12 @@ and .BR mmap (2) for more information). .TP -.BR PR_SET_MM_END_CODE +.B PR_SET_MM_END_CODE Set the address below which the program text can run. The corresponding memory area must be readable and executable, but not writable or shareable. .TP -.BR PR_SET_MM_START_DATA +.B PR_SET_MM_START_DATA Set the address above which initialized and uninitialized (bss) data are placed. The corresponding memory area must be readable and writable, @@ -586,11 +586,11 @@ uninitialized (bss) data are placed. The corresponding memory area must be readable and writable, but not executable or shareable. .TP -.BR PR_SET_MM_START_STACK +.B PR_SET_MM_START_STACK Set the start address of the stack. The corresponding memory area must be readable and writable. .TP -.BR PR_SET_MM_START_BRK +.B PR_SET_MM_START_BRK Set the address above which the program heap can be expanded with .BR brk (2) call. @@ -598,31 +598,31 @@ The address must be greater than the ending address of the current program data segment. In addition, the combined size of the resulting heap and the size of the data segment can't exceed the -.BR RLIMIT_DATA +.B RLIMIT_DATA resource limit (see .BR setrlimit (2)). .TP -.BR PR_SET_MM_BRK +.B PR_SET_MM_BRK Set the current .BR brk (2) value. The requirements for the address are the same as for the -.BR PR_SET_MM_START_BRK +.B PR_SET_MM_START_BRK option. .PP The following options are available since Linux 3.5. .\" commit fe8c7f5cbf91124987106faa3bdf0c8b955c4cf7 .TP -.BR PR_SET_MM_ARG_START +.B PR_SET_MM_ARG_START Set the address above which the program command line is placed. .TP -.BR PR_SET_MM_ARG_END +.B PR_SET_MM_ARG_END Set the address below which the program command line is placed. .TP -.BR PR_SET_MM_ENV_START +.B PR_SET_MM_ENV_START Set the address above which the program environment is placed. .TP -.BR PR_SET_MM_ENV_END +.B PR_SET_MM_ENV_END Set the address below which the program environment is placed. .IP The address passed with @@ -630,15 +630,15 @@ The address passed with .BR PR_SET_MM_ARG_END , .BR PR_SET_MM_ENV_START , and -.BR PR_SET_MM_ENV_END +.B PR_SET_MM_ENV_END should belong to a process stack area. Thus, the corresponding memory area must be readable, writable, and (depending on the kernel configuration) have the -.BR MAP_GROWSDOWN +.B MAP_GROWSDOWN attribute set (see .BR mmap (2)). .TP -.BR PR_SET_MM_AUXV +.B PR_SET_MM_AUXV Set a new auxiliary vector. The .I arg3 @@ -647,10 +647,10 @@ The .I arg4 is the size of the vector. .TP -.BR PR_SET_MM_EXE_FILE +.B PR_SET_MM_EXE_FILE .\" commit b32dfe377102ce668775f8b6b1461f7ad428f8b6 Supersede the -.IR /proc/pid/exe +.I /proc/pid/exe symbolic link with a new one pointing to a new executable file identified by the file descriptor provided in .I arg3 @@ -663,12 +663,12 @@ To change the symbolic link, one needs to unmap all existing executable memory areas, including those created by the kernel itself (for example the kernel usually creates at least one executable memory area for the ELF -.IR \.text +.I \.text section). .IP In Linux 4.9 and earlier, the .\" commit 3fb4afd9a504c2386b8435028d43283216bf588e -.BR PR_SET_MM_EXE_FILE +.B PR_SET_MM_EXE_FILE operation can be performed only once in a process's lifetime; attempting to perform the operation a second time results in the error .BR EPERM . @@ -680,7 +680,7 @@ user-space applications needed to perform this operation more than once. The following options are available since Linux 3.18. .\" commit f606b77f1a9e362451aca8f81d8f36a3a112139e .TP -.BR PR_SET_MM_MAP +.B PR_SET_MM_MAP Provides one-shot access to all the addresses by passing in a .I struct prctl_mm_map (as defined in \fI<linux/prctl.h>\fP). @@ -689,10 +689,10 @@ The argument should provide the size of the struct. .IP This feature is available only if the kernel is built with the -.BR CONFIG_CHECKPOINT_RESTORE +.B CONFIG_CHECKPOINT_RESTORE option enabled. .TP -.BR PR_SET_MM_MAP_SIZE +.B PR_SET_MM_MAP_SIZE Returns the size of the .I struct prctl_mm_map the kernel expects. @@ -702,7 +702,7 @@ The argument should be a pointer to an unsigned int. .IP This feature is available only if the kernel is built with the -.BR CONFIG_CHECKPOINT_RESTORE +.B CONFIG_CHECKPOINT_RESTORE option enabled. .RE .TP @@ -717,7 +717,7 @@ The .IR arg3 , .IR arg4 , and -.IR arg5 +.I arg5 .\" commit e9d1b4f3c60997fe197bf0243cb4a41a44387a88 arguments must be zero. .IP @@ -753,7 +753,7 @@ register. .IP These calls fail if the CPU or kernel does not support MPX. Kernel support for MPX is enabled via the -.BR CONFIG_X86_INTEL_MPX +.B CONFIG_X86_INTEL_MPX configuration option. You can check whether the CPU supports MPX by looking for the 'mpx' CPUID bit, like with the following command: @@ -775,7 +775,7 @@ inherits the state of MPX management. During .BR execve (2), MPX management is reset to a state as if -.BR PR_MPX_DISABLE_MANAGEMENT +.B PR_MPX_DISABLE_MANAGEMENT had been called. .IP For further information on Intel MPX, see the kernel source file @@ -838,14 +838,14 @@ the value of a thread's attribute can be viewed via the .I NoNewPrivs field in the -.IR /proc/[pid]/status +.I /proc/[pid]/status file. .IP For more information, see the kernel source file -.IR Documentation/userspace\-api/no_new_privs.rst +.I Documentation/userspace\-api/no_new_privs.rst .\" commit 40fde647ccb0ae8c11d256d271e24d385eed595b (or -.IR Documentation/prctl/no_new_privs.txt +.I Documentation/prctl/no_new_privs.txt before Linux 4.13). See also .BR seccomp (2). @@ -885,7 +885,7 @@ thread and also upon termination of each subreaper process above) to which the caller is subsequently reparented. If the parent thread and all ancestor subreapers have already terminated by the time of the -.BR PR_SET_PDEATHSIG +.B PR_SET_PDEATHSIG operation, then no parent-death signal is sent to the caller. .IP The parent-death signal is process-directed (see @@ -941,10 +941,10 @@ the ptrace restrictions introduced by Yama are effectively disabled for the calling process. .IP For further information, see the kernel source file -.IR Documentation/admin\-guide/LSM/Yama.rst +.I Documentation/admin\-guide/LSM/Yama.rst .\" commit 90bb766440f2147486a2acc3e793d7b8348b0c22 (or -.IR Documentation/security/Yama.txt +.I Documentation/security/Yama.txt before Linux 4.13). .TP .BR PR_SET_SECCOMP " (since Linux 2.6.23)" @@ -964,7 +964,7 @@ The seccomp mode is selected via .IR <linux/seccomp.h> .) .IP With -.IR arg2 +.I arg2 set to .BR SECCOMP_MODE_STRICT , the only system calls that the thread is permitted to make are @@ -976,7 +976,7 @@ the only system calls that the thread is permitted to make are and .BR sigreturn (2). Other system calls result in the delivery of a -.BR SIGKILL +.B SIGKILL signal. Strict secure computing mode is useful for number-crunching applications that may need to execute untrusted byte code, @@ -987,7 +987,7 @@ if the kernel is configured with enabled. .IP With -.IR arg2 +.I arg2 set to .BR SECCOMP_MODE_FILTER " (since Linux 3.5)," the system calls allowed are defined by a pointer @@ -1002,7 +1002,7 @@ This mode is available only if the kernel is configured with enabled. .IP If -.BR SECCOMP_MODE_FILTER +.B SECCOMP_MODE_FILTER filters permit .BR fork (2), then the seccomp mode is inherited by children created by @@ -1017,10 +1017,10 @@ calls, then additional filters can be added; they are run in order until the first non-allow result is seen. .IP For further information, see the kernel source file -.IR Documentation/userspace\-api/seccomp_filter.rst +.I Documentation/userspace\-api/seccomp_filter.rst .\" commit c061f33f35be0ccc80f4b8e0aea5dfd2ed7e01a3 (or -.IR Documentation/prctl/seccomp_filter.txt +.I Documentation/prctl/seccomp_filter.txt before Linux 4.13). .TP .BR PR_GET_SECCOMP " (since Linux 2.6.23)" @@ -1034,7 +1034,7 @@ call will cause a signal to be sent to the process. If the caller is in filter mode, and this system call is allowed by the seccomp filters, it returns 2; otherwise, the process is killed with a -.BR SIGKILL +.B SIGKILL signal. This operation is available only if the kernel is configured with @@ -1042,9 +1042,9 @@ if the kernel is configured with enabled. .IP Since Linux 3.8, the -.IR Seccomp +.I Seccomp field of the -.IR /proc/[pid]/status +.I /proc/[pid]/status file provides a method of obtaining the same information, without the risk that the process is killed; see .BR proc (5). @@ -1065,24 +1065,24 @@ See Returns the state of the speculation misfeature specified in .IR arg2 . Currently, the only permitted value for this argument is -.BR PR_SPEC_STORE_BYPASS +.B PR_SPEC_STORE_BYPASS (otherwise the call fails with the error .BR ENODEV ). .IP The return value uses bits 0-3 with the following meaning: .RS .TP -.BR PR_SPEC_PRCTL +.B PR_SPEC_PRCTL Mitigation can be controlled per thread by .B PR_SET_SPECULATION_CTRL .TP -.BR PR_SPEC_ENABLE +.B PR_SPEC_ENABLE The speculation feature is enabled, mitigation is disabled. .TP -.BR PR_SPEC_DISABLE +.B PR_SPEC_DISABLE The speculation feature is disabled, mitigation is enabled .TP -.BR PR_SPEC_FORCE_DISABLE +.B PR_SPEC_FORCE_DISABLE Same as .B PR_SPEC_DISABLE but cannot be undone. @@ -1117,18 +1117,18 @@ Currently, the only permitted value for this argument is .BR ENODEV ). This setting is a per-thread attribute. The -.IR arg3 +.I arg3 argument is used to hand in the control value, which is one of the following: .RS .TP -.BR PR_SPEC_ENABLE +.B PR_SPEC_ENABLE The speculation feature is enabled, mitigation is disabled. .TP -.BR PR_SPEC_DISABLE +.B PR_SPEC_DISABLE The speculation feature is disabled, mitigation is enabled .TP -.BR PR_SPEC_FORCE_DISABLE +.B PR_SPEC_FORCE_DISABLE Same as .B PR_SPEC_DISABLE but cannot be undone. @@ -1140,7 +1140,7 @@ will fail with the error .RE .IP Any other value in -.IR arg3 +.I arg3 will result in the call failing with the error .BR ERANGE . .IP @@ -1224,7 +1224,7 @@ and the flag, in the location pointed to by .IR "(int\ **)\ arg2" . This feature is available only if the kernel is built with the -.BR CONFIG_CHECKPOINT_RESTORE +.B CONFIG_CHECKPOINT_RESTORE option enabled. Note that since the .BR prctl () @@ -1240,7 +1240,7 @@ Each thread has two associated timer slack values: a "default" value, and a "current" value. This operation sets the "current" timer slack value for the calling thread. If the nanosecond value supplied in -.IR arg2 +.I arg2 is greater than zero, then the "current" value is set to this value. If .I arg2 @@ -1288,7 +1288,7 @@ Thereafter, a thread can adjust its "current" timer slack value via .BR PR_SET_TIMERSLACK . The "default" value can't be changed. The timer slack values of -.IR init +.I init (PID 1), the ancestor of all processes, are 50,000 nanoseconds (50 microseconds). The timer slack values are preserved across @@ -1362,9 +1362,9 @@ Alpha also supports an additional flag with the value of 4 and no corresponding named constant, which instructs kernel to not fix up unaligned accesses (it is analogous to providing the -.BR UAC_NOFIX +.B UAC_NOFIX flag in -.BR SSI_NVPAIRS +.B SSI_NVPAIRS operation of the .BR setsysinfo () system call on Tru64). @@ -1388,7 +1388,7 @@ On success, .BR PR_MCE_KILL_GET , .BR PR_CAP_AMBIENT + PR_CAP_AMBIENT_IS_SET , and (if it returns) -.BR PR_GET_SECCOMP +.B PR_GET_SECCOMP return the nonnegative values described above. All other .I option @@ -1401,17 +1401,17 @@ is set appropriately. .B EACCES .I option is -.BR PR_SET_SECCOMP +.B PR_SET_SECCOMP and .I arg2 is .BR SECCOMP_MODE_FILTER , but the process does not have the -.BR CAP_SYS_ADMIN +.B CAP_SYS_ADMIN capability or has not set the -.IR no_new_privs +.I no_new_privs attribute (see the discussion of -.BR PR_SET_NO_NEW_PRIVS +.B PR_SET_NO_NEW_PRIVS above). .TP .B EACCES @@ -1471,9 +1471,9 @@ is not recognized. .B EINVAL .I option is -.BR PR_MCE_KILL +.B PR_MCE_KILL or -.BR PR_MCE_KILL_GET +.B PR_MCE_KILL_GET or .BR PR_SET_MM , and unused @@ -1488,7 +1488,7 @@ is not valid value for this .B EINVAL .I option is -.BR PR_SET_SECCOMP +.B PR_SET_SECCOMP or .BR PR_GET_SECCOMP , and the kernel was not configured with @@ -1533,7 +1533,7 @@ and the permissions of the corresponding memory area are not as required; .IP * .I arg2 is -.BR PR_SET_MM_START_BRK +.B PR_SET_MM_START_BRK or .BR PR_SET_MM_BRK , and @@ -1547,7 +1547,7 @@ resource limit to be exceeded. .B EINVAL .I option is -.BR PR_SET_PTRACER +.B PR_SET_PTRACER and .I arg2 is not 0, @@ -1565,7 +1565,7 @@ is not a valid signal number. .B EINVAL .I option is -.BR PR_SET_DUMPABLE +.B PR_SET_DUMPABLE and .I arg2 is neither @@ -1576,7 +1576,7 @@ nor .B EINVAL .I option is -.BR PR_SET_TIMING +.B PR_SET_TIMING and .I arg2 is not @@ -1585,7 +1585,7 @@ is not .B EINVAL .I option is -.BR PR_SET_NO_NEW_PRIVS +.B PR_SET_NO_NEW_PRIVS and .I arg2 is not equal to 1 @@ -1593,42 +1593,42 @@ or .IR arg3 , .IR arg4 , or -.IR arg5 +.I arg5 is nonzero. .TP .B EINVAL .I option is -.BR PR_GET_NO_NEW_PRIVS +.B PR_GET_NO_NEW_PRIVS and .IR arg2 , .IR arg3 , .IR arg4 , or -.IR arg5 +.I arg5 is nonzero. .TP .B EINVAL .I option is -.BR PR_SET_THP_DISABLE +.B PR_SET_THP_DISABLE and .IR arg3 , .IR arg4 , or -.IR arg5 +.I arg5 is nonzero. .TP .B EINVAL .I option is -.BR PR_GET_THP_DISABLE +.B PR_GET_THP_DISABLE and .IR arg2 , .IR arg3 , .IR arg4 , or -.IR arg5 +.I arg5 is nonzero. .TP .B EINVAL @@ -1643,41 +1643,41 @@ in the case of .BR PR_CAP_AMBIENT_CLEAR_ALL , .IR arg3 ) is nonzero; or -.IR arg2 +.I arg2 has an invalid value; or -.IR arg2 +.I arg2 is .BR PR_CAP_AMBIENT_LOWER , .BR PR_CAP_AMBIENT_RAISE , or -.BR PR_CAP_AMBIENT_IS_SET +.B PR_CAP_AMBIENT_IS_SET and -.IR arg3 +.I arg3 does not specify a valid capability. .TP .B ENODEV .I option was -.BR PR_SET_SPECULATION_CTRL +.B PR_SET_SPECULATION_CTRL the kernel or CPU does not support the requested speculation misfeature. .TP .B ENXIO .I option was -.BR PR_MPX_ENABLE_MANAGEMENT +.B PR_MPX_ENABLE_MANAGEMENT or -.BR PR_MPX_DISABLE_MANAGEMENT +.B PR_MPX_DISABLE_MANAGEMENT and the kernel or the CPU does not support MPX management. Check that the kernel and processor have MPX support. .TP .B ENXIO .I option was -.BR PR_SET_SPECULATION_CTRL +.B PR_SET_SPECULATION_CTRL implies that the control of the selected speculation misfeature is not possible. See -.BR PR_GET_SPECULATION_CTRL +.B PR_GET_SPECULATION_CTRL for the bit fields to determine which option is available. .TP .B EOPNOTSUPP @@ -1703,7 +1703,7 @@ or tried to set a flag whose corresponding locked flag was set .B EPERM .I option is -.BR PR_SET_SPECULATION_CTRL +.B PR_SET_SPECULATION_CTRL wherein the speculation was disabled with .B PR_SPEC_FORCE_DISABLE and caller tried to enable it again. @@ -1735,15 +1735,15 @@ and the caller does not have the capability. .TP .B EPERM -.IR option +.I option is -.BR PR_CAP_AMBIENT +.B PR_CAP_AMBIENT and -.IR arg2 +.I arg2 is .BR PR_CAP_AMBIENT_RAISE , but either the capability specified in -.IR arg3 +.I arg3 is not present in the process's permitted and inheritable capability sets, or the .B PR_CAP_AMBIENT_LOWER @@ -1752,9 +1752,9 @@ securebit has been set. .B ERANGE .I option was -.BR PR_SET_SPECULATION_CTRL +.B PR_SET_SPECULATION_CTRL and -.IR arg3 +.I arg3 is neither .BR PR_SPEC_ENABLE , .BR PR_SPEC_DISABLE , @@ -1764,9 +1764,9 @@ nor .B EINVAL .I option was -.BR PR_GET_SPECULATION_CTRL +.B PR_GET_SPECULATION_CTRL or -.BR PR_SET_SPECULATION_CTRL +.B PR_SET_SPECULATION_CTRL and unused arguments to .BR prctl () are not 0. -- 2.20.1