Add support for a bunch of newer prctl's:

- PAC_RESET_KEYS
- IO_FLUSHER
- FP_MODE
- MPX
- THP_DISABLE
- TASK_PERF_EVENTS
- SPECULATION_CTRL

Author: seveas

_prctlmodule.c

@@ -50,6 +50,7 @@ prctl_prctl(PyObject *self, PyObject *args)
 {
     long option = 0;
     long arg = 0;
+    long arg2 = 0;
     char *argstr = NULL;
     char name[17] = "\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0";
     int result;
@@ -59,7 +60,7 @@ prctl_prctl(PyObject *self, PyObject *args)
      * prctl possibilities. int+string is required for (and only accepted for)
      * PR_SET_NAME
      */
-    if(!PyArg_ParseTuple(args, "l|l", &option, &arg)) {
+    if(!PyArg_ParseTuple(args, "l|ll", &option, &arg, &arg2)) {
         if(!PyArg_ParseTuple(args, "ls", &option, &argstr)) {
             return NULL;
         }
@@ -88,6 +89,9 @@ prctl_prctl(PyObject *self, PyObject *args)
             break;
 #endif
         case(PR_SET_DUMPABLE):
+#ifdef PR_SET_IO_FLUSHER
+        case(PR_SET_IO_FLUSHER):
+#endif
         case(PR_SET_KEEPCAPS):
             /* Only 0 and 1 are allowed */
             arg = arg ? 1 : 0;
@@ -113,6 +117,14 @@ prctl_prctl(PyObject *self, PyObject *args)
                 return NULL;
             }
             break;
+#ifdef PR_SET_FP_MODE
+        case(PR_SET_FP_MODE):
+            if(arg != PR_FP_MODE_FR && arg != PR_FP_MODE_FRE) {
+                PyErr_SetString(PyExc_ValueError, "Unknown floating-point mode");
+                return NULL;
+            }
+            break;
+#endif
 #ifdef PR_MCE_KILL
         case(PR_SET_MCE_KILL):
             if(arg != PR_MCE_KILL_DEFAULT && arg != PR_MCE_KILL_EARLY && arg != PR_MCE_KILL_LATE) {
@@ -127,6 +139,14 @@ prctl_prctl(PyObject *self, PyObject *args)
             }
             strncpy(name, argstr, 16);
             break;
+#ifdef PR_PAC_RESET_KEYS
+        case(PR_PAC_RESET_KEYS):
+            if(arg & ~(PR_PAC_APIAKEY | PR_PAC_APIBKEY | PR_PAC_APDAKEY | PR_PAC_APDBKEY | PR_PAC_APGAKEY)) {
+                PyErr_SetString(PyExc_ValueError, "Unknown pointer authentication key");
+                return NULL;
+            }
+            break;
+#endif
         case(PR_SET_PDEATHSIG):
             if(arg < 0 || arg > SIGRTMAX) {
                 PyErr_SetString(PyExc_ValueError, "Unknown signal");
@@ -154,6 +174,30 @@ prctl_prctl(PyObject *self, PyObject *args)
                 return NULL;
             }
             break;
+#endif
+#ifdef PR_GET_SPECULATION_CTRL
+        case(PR_SET_SPECULATION_CTRL):
+            if(arg != PR_SPEC_STORE_BYPASS && arg != PR_SPEC_INDIRECT_BRANCH) {
+                PyErr_SetString(PyExc_ValueError, "Invalid speculation control setting");
+                return NULL;
+            }
+            if(arg2 != PR_SPEC_ENABLE
+               && arg2 != PR_SPEC_DISABLE
+               && arg2 != PR_SPEC_FORCE_DISABLE
+#ifdef PR_SPEC_DISABLE_NOEXEC
+               && arg2 != PR_SPEC_DISABLE_NOEXEC
+#endif
+            ) {
+                PyErr_SetString(PyExc_ValueError, "Invalid speculation control value");
+                return NULL;
+            }
+            /* Intentionally not breaking */
+        case(PR_GET_SPECULATION_CTRL):
+            if(arg != PR_SPEC_STORE_BYPASS && arg != PR_SPEC_INDIRECT_BRANCH) {
+                PyErr_SetString(PyExc_ValueError, "Invalid speculation control setting");
+                return NULL;
+            }
+            break;
 #endif
         case(PR_SET_TIMING):
             if(arg != PR_TIMING_STATISTICAL && arg != PR_TIMING_TIMESTAMP) {
@@ -199,14 +243,29 @@ prctl_prctl(PyObject *self, PyObject *args)
         case(PR_SET_ENDIAN):
         case(PR_SET_FPEMU):
         case(PR_SET_FPEXC):
+#ifdef PR_SET_FP_MODE
+        case(PR_GET_FP_MODE):
+        case(PR_SET_FP_MODE):
+#endif
+#ifdef PR_SET_IO_FLUSHER
+        case(PR_GET_IO_FLUSHER):
+        case(PR_SET_IO_FLUSHER):
+#endif
         case(PR_SET_KEEPCAPS):
         case(PR_GET_KEEPCAPS):
 #ifdef PR_MCE_KILL
         case(PR_GET_MCE_KILL):
 #endif
+#ifdef PR_MPX_ENABLE_MANAGEMENT
+        case(PR_MPX_ENABLE_MANAGEMENT):
+        case(PR_MPX_DISABLE_MANAGEMENT):
+#endif
 #ifdef PR_GET_NO_NEW_PRIVS
         case(PR_GET_NO_NEW_PRIVS):
         case(PR_SET_NO_NEW_PRIVS):
+#endif
+#ifdef PR_PAC_RESET_KEYS
+        case(PR_PAC_RESET_KEYS):
 #endif
         case(PR_SET_PDEATHSIG):
 #if defined(PR_GET_PTRACER) && (PR_GET_PTRACER != NOT_SET)
@@ -223,6 +282,18 @@ prctl_prctl(PyObject *self, PyObject *args)
         case(PR_SET_SECUREBITS):
         case(PR_GET_SECUREBITS):
 #endif
+#ifdef PR_GET_SPECULATION_CTRL
+        case(PR_GET_SPECULATION_CTRL):
+        case(PR_SET_SPECULATION_CTRL):
+#endif
+#ifdef PR_TASK_PERF_EVENTS_DISABLE
+        case(PR_TASK_PERF_EVENTS_DISABLE):
+        case(PR_TASK_PERF_EVENTS_ENABLE):
+#endif
+#ifdef PR_SET_THP_DISABLE
+        case(PR_GET_THP_DISABLE):
+        case(PR_SET_THP_DISABLE):
+#endif
 #ifdef PR_GET_TIMERSLACK
         case(PR_GET_TIMERSLACK):
         case(PR_SET_TIMERSLACK):
@@ -233,7 +304,7 @@ prctl_prctl(PyObject *self, PyObject *args)
         case(PR_SET_TSC):
 #endif
         case(PR_SET_UNALIGN):
-            result = prctl(option, arg, 0, 0, 0);
+            result = prctl(option, arg, arg2, 0, 0);
             if(result < 0) {
                 PyErr_SetFromErrno(PyExc_OSError);
                 return NULL;
@@ -243,12 +314,22 @@ prctl_prctl(PyObject *self, PyObject *args)
                 case(PR_CAPBSET_READ):
 #endif
                 case(PR_GET_DUMPABLE):
+#ifdef PR_SET_IO_FLUSHER
+                case(PR_GET_IO_FLUSHER):
+#endif
                 case(PR_GET_KEEPCAPS):
 #ifdef PR_GET_SECCOMP
                 case(PR_GET_SECCOMP):
+#endif
+#ifdef PR_GET_THP_DISABLE
+                case(PR_GET_THP_DISABLE):
 #endif
                 case(PR_GET_TIMING):
                     return PyBool_FromLong(result);
+
+#ifdef PR_SET_FP_MODE
+                case(PR_GET_FP_MODE):
+#endif
 #ifdef PR_MCE_KILL
                 case(PR_GET_MCE_KILL):
 #endif
@@ -261,6 +342,9 @@ prctl_prctl(PyObject *self, PyObject *args)
 #ifdef PR_GET_SECUREBITS
                 case(PR_GET_SECUREBITS):
 #endif
+#ifdef PR_GET_SPECULATION_CTRL
+                case(PR_GET_SPECULATION_CTRL):
+#endif
 #ifdef PR_GET_TIMERSLACK
                 case(PR_GET_TIMERSLACK):
 #endif
@@ -639,6 +723,9 @@ PyInit__prctl(void)
 #ifdef PR_CAPBSET_READ
     namedconstant(PR_CAPBSET_READ);
     namedconstant(PR_CAPBSET_DROP);
+#endif
+#ifdef PR_SET_CHILD_SUBREAPER
+    namedattribute(CHILD_SUBREAPER);
 #endif
     namedattribute(DUMPABLE);
     namedattribute(ENDIAN);
@@ -659,34 +746,72 @@ PyInit__prctl(void)
     namedconstant(PR_FP_EXC_NONRECOV);
     namedconstant(PR_FP_EXC_ASYNC);
     namedconstant(PR_FP_EXC_PRECISE);
+#ifdef PR_SET_FP_MODE
+    namedattribute(FP_MODE);
+    namedconstant(PR_FP_MODE_FR);
+    namedconstant(PR_FP_MODE_FRE);
+#endif
+#ifdef PR_SET_IO_FLUSHER
+    namedattribute(IO_FLUSHER);
+#endif
     namedattribute(KEEPCAPS);
 #ifdef PR_MCE_KILL
     namedattribute(MCE_KILL);
     namedconstant(PR_MCE_KILL_DEFAULT);
     namedconstant(PR_MCE_KILL_EARLY);
     namedconstant(PR_MCE_KILL_LATE);
+#endif
+#ifdef PR_MPX_ENABLE_MANAGEMENT
+    namedconstant(PR_MPX_ENABLE_MANAGEMENT);
+    namedconstant(PR_MPX_DISABLE_MANAGEMENT);
 #endif
     namedattribute(NAME);
+#ifdef PR_SET_NO_NEW_PRIVS
+    namedattribute(NO_NEW_PRIVS);
+#endif
+#ifdef PR_PAC_RESET_KEYS
+    namedconstant(PR_PAC_RESET_KEYS);
+    namedconstant(PR_PAC_APIAKEY);
+    namedconstant(PR_PAC_APIBKEY);
+    namedconstant(PR_PAC_APDAKEY);
+    namedconstant(PR_PAC_APDBKEY);
+    namedconstant(PR_PAC_APGAKEY);
+#endif
     namedattribute(PDEATHSIG);
 #ifdef PR_SET_PTRACER
     namedattribute(PTRACER);
 #endif
 #ifdef PR_SET_PTRACER_ANY
     namedconstant(PR_SET_PTRACER_ANY);
 #endif
-#ifdef PR_SET_CHILD_SUBREAPER
-    namedattribute(CHILD_SUBREAPER);
-#endif
-#ifdef PR_SET_NO_NEW_PRIVS
-    namedattribute(NO_NEW_PRIVS);
-#endif
-
 #ifdef PR_GET_SECCOMP
     namedattribute(SECCOMP);
 #endif
 #ifdef PR_GET_SECUREBITS
     namedattribute(SECUREBITS);
 #endif
+#ifdef PR_SET_SPECULATION_CTRL
+    namedattribute(SPECULATION_CTRL);
+    namedconstant(PR_SPEC_STORE_BYPASS);
+    namedconstant(PR_SPEC_INDIRECT_BRANCH);
+    namedconstant(PR_SPEC_PRCTL);
+    namedconstant(PR_SPEC_ENABLE);
+    namedconstant(PR_SPEC_DISABLE);
+    namedconstant(PR_SPEC_FORCE_DISABLE);
+#ifdef PR_SPEC_DISABLE_NOEXEC
+    namedconstant(PR_SPEC_DISABLE_NOEXEC);
+#endif
+#endif
+#ifdef PR_TASK_PERF_EVENTS_DISABLE
+    namedconstant(PR_TASK_PERF_EVENTS_DISABLE);
+    namedconstant(PR_TASK_PERF_EVENTS_ENABLE);
+#endif
+#ifdef PR_SET_THP_DISABLE
+    namedattribute(THP_DISABLE);
+#endif
+#ifdef PR_GET_TID_ADDRESS
+    namedconstant(PR_GET_TID_ADDRESS);
+#endif
 #ifdef PR_GET_TIMERSLACK
     namedattribute(TIMERSLACK);
 #endif
@@ -701,9 +826,7 @@ PyInit__prctl(void)
     namedattribute(UNALIGN);
     namedconstant(PR_UNALIGN_NOPRINT);
     namedconstant(PR_UNALIGN_SIGBUS);
-#ifdef PR_GET_TID_ADDRESS
-    namedconstant(PR_GET_TID_ADDRESS);
-#endif
+
     /* Add the CAP_* constants too */
     namedconstant(CAP_EFFECTIVE);
     namedconstant(CAP_PERMITTED);

docs/index.rst

@@ -137,6 +137,21 @@ The prctl module is now ready to use.
   Return the floating-point exception mode as a bitmap of enabled modes. See
   :func:`set_fpexc`.
 
+.. function:: set_io_flusher(is_flusher)
+
+  Put the process in :const:`IO_FLUSHER` state, which, which allows it special
+  treatment to make progress when allocating memory. This is used by process
+  involved in the block layer or filesystem i/o path, such as fuse daemons or
+  scsi device emulation daemons.
+
+  This is only available in linux 5.6 and newer
+
+.. function:: get_io_flusher()
+
+  Return the :const:`IO_FLUSHER` state of the process.
+
+  This is only available in linux 5.6 and newer
+
 .. function:: set_keepcaps(flag)
 
   Set the state of the thread's "keep capabilities" flag, which determines
@@ -147,6 +162,7 @@ The prctl module is now ready to use.
   are cleared). This value will be reset to :const:`False` on subsequent calls
   to :func:`execve`.
 
+
 .. function:: get_keepcaps()
 
   Return the current state of the calling thread's "keep capabilities" flag.
@@ -171,6 +187,16 @@ The prctl module is now ready to use.
 
   This is only available in linux 2.6.32 and newer
 
+.. function:: pr_mpx_enable_management()
+
+.. function:: pr_mpx_disable_management()
+
+  Enable or disable intel memory protection extensions. See :manpage:`prctl(2)`
+  for details and limitations.
+
+  This is only available in linux 3.19 and newer, but no longer available in
+  linux 5.4 and newer.
+
 .. function:: set_name(name)
 
   Set the process name for the calling process, the name can be up to 16 bytes
@@ -199,6 +225,23 @@ The prctl module is now ready to use.
 
   This is only available in linux 3.5 and newer
 
+.. function:: pac_reset_keys(keys)
+
+  Securely reset the thread's pointer authentication keys to fresh random
+  values generated by the kernel. The keys must be a logical or of any of the
+  keys you want to reset, or 0 to reset all keys. The available keys are
+  :const:`PR_PAC_APIAKEY`, :const:`PR_PAC_APIBKEY`, :const:`PR_PAC_APDAKEY`,
+  :const:`PR_PAC_APDBKEY` and :const:`PR_PAC_APGAKEY`.
+
+  For more information, see the kernel source file
+  Documentation/arm64/pointer-authentication.rst
+
+  This is only available in linux 5.0 and newer
+
+  .. note::
+    This function only works on arm64 systems. An :exc:`OSError` is raised
+    when called on other systems.
+
 .. function:: set_proctitle(title)
 
   Set the process name for the calling process by overwriting the C-level
@@ -272,6 +315,48 @@ The prctl module is now ready to use.
   operation is only available if the kernel is configured with
   :const:`CONFIG_SECCOMP` enabled.
 
+.. function:: set_speculation_ctrl(feature, value)
+
+  Sets the state of a speculation misfeature (:const:`SPEC_STORE_BYPASS` or
+  :const:`SPEC_INDIRECT_BRANCH`). The value is one of :const:`PR_SPEC_ENABLE`
+  to enable the feature, :const:`PR_SPEC_DISABLE` to disable it,
+  :const:`PR_SPEC_FORCE_DISABLE` to disable it permanently for the thread and
+  :const:`PR_SPEC_DISABLE_NOEXEC` to disable it until the next :func:`execve`.
+
+  This is only available in linux 4.17 and newer
+
+.. function:: get_speculation_ctrl(feature)
+
+  Returns the state of a speculation misfeature (:const:`SPEC_STORE_BYPASS` or
+  :const:`SPEC_INDIRECT_BRANCH`). The value is one of the values that can be
+  set by :func:`pr_set_speculation_ctrl`, possibly logically OR'ed with
+  const:`PR_SPEC_PRCTL` to indicate that the value can be controlled er thread
+  by that function. If all bits are 0, the CPU is not affected by the
+  misfeature.
+
+  This is only available in linux 4.17 and newer
+
+.. function:: task_perf_events_disable()
+.. function:: task_perf_events_enable()
+
+  Disable or enable all performance counters attached to the calling process,
+  regardless of whether the counters were created by this process or another
+  process. Performance counters created by the calling process for other
+  processes are unaffected. 
+
+.. function:: set_thp_disable(is_disabled)
+
+  Disable transparent huge ages for the current process. This flag is inhereted
+  by child process and preserved across execve.
+
+  This is only available in linux 3.15 and newer
+
+.. function:: get_thp_disable()
+ 
+  Return whether transparent huge pages are disabled for the current process.
+
+  This is only available in linux 3.15 and newer
+
 .. function:: get_tid_address()
 
   Allows the process to obtain its own `clear_tid_address`, used when