xref: /freebsd/usr.bin/proccontrol/proccontrol.1 (revision acb1f1269c6f4ff89a0d28ba742f6687e9ef779d)
114653744SKonstantin Belousov.\" Copyright (c) 2019 The FreeBSD Foundation, Inc.
214653744SKonstantin Belousov.\" All rights reserved.
314653744SKonstantin Belousov.\"
414653744SKonstantin Belousov.\" This documentation was written by
514653744SKonstantin Belousov.\" Konstantin Belousov <kib@FreeBSD.org> under sponsorship
614653744SKonstantin Belousov.\" from the FreeBSD Foundation.
714653744SKonstantin Belousov.\"
814653744SKonstantin Belousov.\" Redistribution and use in source and binary forms, with or without
914653744SKonstantin Belousov.\" modification, are permitted provided that the following conditions
1014653744SKonstantin Belousov.\" are met:
1114653744SKonstantin Belousov.\" 1. Redistributions of source code must retain the above copyright
1214653744SKonstantin Belousov.\"    notice, this list of conditions and the following disclaimer.
1314653744SKonstantin Belousov.\" 2. Redistributions in binary form must reproduce the above copyright
1414653744SKonstantin Belousov.\"    notice, this list of conditions and the following disclaimer in the
1514653744SKonstantin Belousov.\"    documentation and/or other materials provided with the distribution.
1614653744SKonstantin Belousov.\"
1714653744SKonstantin Belousov.\" THIS SOFTWARE IS PROVIDED BY THE AUTHORS AND CONTRIBUTORS ``AS IS'' AND
1814653744SKonstantin Belousov.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
1914653744SKonstantin Belousov.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
2014653744SKonstantin Belousov.\" ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHORS OR CONTRIBUTORS BE LIABLE
2114653744SKonstantin Belousov.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
2214653744SKonstantin Belousov.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
2314653744SKonstantin Belousov.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
2414653744SKonstantin Belousov.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
2514653744SKonstantin Belousov.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
2614653744SKonstantin Belousov.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
2714653744SKonstantin Belousov.\" SUCH DAMAGE.
2814653744SKonstantin Belousov.\"
2914653744SKonstantin Belousov.\" $FreeBSD$
3014653744SKonstantin Belousov.\"
31*acb1f126SEdward Tomasz Napierala.Dd July 2, 2021
3214653744SKonstantin Belousov.Dt PROCCONTROL 1
3314653744SKonstantin Belousov.Os
3414653744SKonstantin Belousov.Sh NAME
3514653744SKonstantin Belousov.Nm proccontrol
3614653744SKonstantin Belousov.Nd Control some process execution aspects
3714653744SKonstantin Belousov.Sh SYNOPSIS
3814653744SKonstantin Belousov.Nm
3914653744SKonstantin Belousov.Fl m Ar mode
4014653744SKonstantin Belousov.Op Fl s Ar control
4114653744SKonstantin Belousov.Op Fl q
4214653744SKonstantin Belousov.Fl p Ar pid | command
4314653744SKonstantin Belousov.Sh DESCRIPTION
4414653744SKonstantin BelousovThe
4514653744SKonstantin Belousov.Nm
4614653744SKonstantin Belousovcommand modifies the execution parameter of existing process
4714653744SKonstantin Belousovspecified by the
4814653744SKonstantin Belousov.Ar pid
4914653744SKonstantin Belousovargument, or starts execution of the new program
5014653744SKonstantin Belousov.Ar command
5114653744SKonstantin Belousovwith the execution parameter set for it.
5214653744SKonstantin Belousov.Pp
5314653744SKonstantin BelousovWhich execution parameter is changed, selected by the mandatory
5414653744SKonstantin Belousovparameter
5514653744SKonstantin Belousov.Ar mode .
5614653744SKonstantin BelousovPossible values for
5714653744SKonstantin Belousov.Ar mode
5814653744SKonstantin Belousovare:
5914653744SKonstantin Belousov.Bl -tag -width trapcap
6014653744SKonstantin Belousov.It Ar aslr
6114653744SKonstantin BelousovControl the Address Space Layout Randomization.
6214653744SKonstantin BelousovOnly applicable to the new process spawned.
6314653744SKonstantin Belousov.It Ar trace
6414653744SKonstantin BelousovControl the permission for debuggers to attach.
65504748bcSKonstantin BelousovNote that process is only allowed to enable tracing for itself,
66504748bcSKonstantin Belousovnot for any other process.
6714653744SKonstantin Belousov.It Ar trapcap
6814653744SKonstantin BelousovControls the signalling of capability mode access violations.
6946922074SKonstantin Belousov.It Ar protmax
7046922074SKonstantin BelousovControls the implicit PROT_MAX application for
7146922074SKonstantin Belousov.Xr mmap 2 .
72*acb1f126SEdward Tomasz Napierala.It Ar nonewprivs
73*acb1f126SEdward Tomasz NapieralaControls disabling the setuid and sgid bits for
74*acb1f126SEdward Tomasz Napierala.Xr execve 2 .
75fab66680SKonstantin Belousov.It Ar kpti
76fab66680SKonstantin BelousovControls the KPTI enable, AMD64 only.
77da477bcdSKonstantin Belousov.It Ar la48
78da477bcdSKonstantin BelousovControl limiting usermode process address space to 48 bits of address,
79da477bcdSKonstantin BelousovAMD64 only, on machines capable of 57-bit addressing.
8014653744SKonstantin Belousov.El
8114653744SKonstantin Belousov.Pp
8214653744SKonstantin BelousovThe
83504748bcSKonstantin Belousov.Ar control
8414653744SKonstantin Belousovspecifies if the selected
8514653744SKonstantin Belousov.Ar mode
8614653744SKonstantin Belousovshould be enabled or disabled.
8714653744SKonstantin BelousovPossible values are
8814653744SKonstantin Belousov.Ar enable
8914653744SKonstantin Belousovand
9014653744SKonstantin Belousov.Ar disable ,
9114653744SKonstantin Belousovwith the default value being
9214653744SKonstantin Belousov.Ar enable
9314653744SKonstantin Belousovif not specified.
9414653744SKonstantin BelousovSee
9514653744SKonstantin Belousov.Xr procctl 2
9614653744SKonstantin Belousovfor detailed description of each mode effects and interaction with other
9714653744SKonstantin Belousovprocess control facilities.
9814653744SKonstantin Belousov.Pp
9914653744SKonstantin BelousovThe
100504748bcSKonstantin Belousov.Fl q
10114653744SKonstantin Belousovswitch makes the utility query and print the current setting for
10214653744SKonstantin Belousovthe selected mode.
103504748bcSKonstantin BelousovThe
104504748bcSKonstantin Belousov.Fl q
105504748bcSKonstantin Belousovrequires the query target process specification with
106504748bcSKonstantin Belousov.Fl p .
10714653744SKonstantin Belousov.Sh EXIT STATUS
10814653744SKonstantin Belousov.Ex -std
10914653744SKonstantin Belousov.Sh EXAMPLES
11014653744SKonstantin Belousov.Bl -bullet
11114653744SKonstantin Belousov.It
11214653744SKonstantin BelousovTo disable debuggers attachment to the process 1020, execute
11314653744SKonstantin Belousov.Dl "proccontrol -m trace -s disable -p 1020"
11414653744SKonstantin Belousov.It
11514653744SKonstantin BelousovTo execute the
11614653744SKonstantin Belousov.Xr uniq 1
11714653744SKonstantin Belousovprogram in a mode where capability access violations cause
11814653744SKonstantin Belousov.Dv SIGTRAP
11914653744SKonstantin Belousovdelivery, do
12014653744SKonstantin Belousov.Dl "proccontrol -m trapcap uniq"
12114653744SKonstantin Belousov.It
12214653744SKonstantin BelousovTo query the current ASLR enablement mode for the running
12314653744SKonstantin Belousovprocess 1020, do
12414653744SKonstantin Belousov.Dl "proccontrol -m aslr -q -p 1020"
12514653744SKonstantin Belousov.El
12614653744SKonstantin Belousov.Sh SEE ALSO
12714653744SKonstantin Belousov.Xr kill 2 ,
12814653744SKonstantin Belousov.Xr procctl 2 ,
12914653744SKonstantin Belousov.Xr ptrace 2
13014653744SKonstantin Belousov.Sh HISTORY
13114653744SKonstantin BelousovThe
13214653744SKonstantin Belousov.Nm
13314653744SKonstantin Belousovcommand appeared in
13414653744SKonstantin Belousov.Fx 10.0 .
13514653744SKonstantin Belousov.Sh AUTHORS
13614653744SKonstantin BelousovThe
13714653744SKonstantin Belousov.Nm
13814653744SKonstantin Belousovcommand and this manual page were written by
13914653744SKonstantin Belousov.An Konstantin Belousov Aq Mt kib@freebsd.org
14014653744SKonstantin Belousovunder sponsorship from The FreeBSD Foundation.
141