\select@language {english}
\contentsline {chapter}{\numberline {1}Linux kernel release 4.x \textless {}http://kernel.org/\textgreater {}}{3}{chapter.1}
\contentsline {section}{\numberline {1.1}What is Linux?}{3}{section.1.1}
\contentsline {section}{\numberline {1.2}On what hardware does it run?}{3}{section.1.2}
\contentsline {section}{\numberline {1.3}Documentation}{3}{section.1.3}
\contentsline {section}{\numberline {1.4}Installing the kernel source}{4}{section.1.4}
\contentsline {section}{\numberline {1.5}Software requirements}{4}{section.1.5}
\contentsline {section}{\numberline {1.6}Build directory for the kernel}{4}{section.1.6}
\contentsline {section}{\numberline {1.7}Configuring the kernel}{5}{section.1.7}
\contentsline {section}{\numberline {1.8}Compiling the kernel}{6}{section.1.8}
\contentsline {section}{\numberline {1.9}If something goes wrong}{7}{section.1.9}
\contentsline {chapter}{\numberline {2}The kernel's command-line parameters}{9}{chapter.2}
\contentsline {section}{\numberline {2.1}cpu lists:}{9}{section.2.1}
\contentsline {section}{\numberline {2.2}Todo}{90}{section.2.2}
\contentsline {chapter}{\numberline {3}Linux allocated devices (4.x+ version)}{91}{chapter.3}
\contentsline {section}{\numberline {3.1}Additional \texttt {/dev/} directory entries}{145}{section.3.1}
\contentsline {subsection}{\numberline {3.1.1}Compulsory links}{145}{subsection.3.1.1}
\contentsline {subsection}{\numberline {3.1.2}Recommended links}{145}{subsection.3.1.2}
\contentsline {subsection}{\numberline {3.1.3}Locally defined links}{145}{subsection.3.1.3}
\contentsline {subsection}{\numberline {3.1.4}Sockets and pipes}{146}{subsection.3.1.4}
\contentsline {subsection}{\numberline {3.1.5}Mount points}{146}{subsection.3.1.5}
\contentsline {section}{\numberline {3.2}Terminal devices}{146}{section.3.2}
\contentsline {subsection}{\numberline {3.2.1}Virtual consoles and the console device}{146}{subsection.3.2.1}
\contentsline {subsection}{\numberline {3.2.2}Serial ports}{147}{subsection.3.2.2}
\contentsline {subsection}{\numberline {3.2.3}Pseudoterminals (PTYs)}{147}{subsection.3.2.3}
\contentsline {chapter}{\numberline {4}Reporting bugs}{149}{chapter.4}
\contentsline {section}{\numberline {4.1}Background}{149}{section.4.1}
\contentsline {section}{\numberline {4.2}How to report Linux kernel bugs}{149}{section.4.2}
\contentsline {subsection}{\numberline {4.2.1}Identify the problematic subsystem}{149}{subsection.4.2.1}
\contentsline {subsection}{\numberline {4.2.2}Identify who to notify}{149}{subsection.4.2.2}
\contentsline {subsection}{\numberline {4.2.3}Tips for reporting bugs}{150}{subsection.4.2.3}
\contentsline {subsection}{\numberline {4.2.4}Gather information}{150}{subsection.4.2.4}
\contentsline {section}{\numberline {4.3}Follow up}{151}{section.4.3}
\contentsline {subsection}{\numberline {4.3.1}Expectations for bug reporters}{151}{subsection.4.3.1}
\contentsline {subsection}{\numberline {4.3.2}Expectations for kernel maintainers}{151}{subsection.4.3.2}
\contentsline {chapter}{\numberline {5}Security bugs}{153}{chapter.5}
\contentsline {section}{\numberline {5.1}Contact}{153}{section.5.1}
\contentsline {section}{\numberline {5.2}Disclosure}{153}{section.5.2}
\contentsline {section}{\numberline {5.3}Coordination}{153}{section.5.3}
\contentsline {section}{\numberline {5.4}CVE assignment}{154}{section.5.4}
\contentsline {section}{\numberline {5.5}Non-disclosure agreements}{154}{section.5.5}
\contentsline {chapter}{\numberline {6}Bug hunting}{155}{chapter.6}
\contentsline {section}{\numberline {6.1}Where is the Oops message is located?}{156}{section.6.1}
\contentsline {section}{\numberline {6.2}Finding the bug's location}{156}{section.6.2}
\contentsline {subsection}{\numberline {6.2.1}gdb}{156}{subsection.6.2.1}
\contentsline {subsection}{\numberline {6.2.2}objdump}{158}{subsection.6.2.2}
\contentsline {section}{\numberline {6.3}Reporting the bug}{159}{section.6.3}
\contentsline {section}{\numberline {6.4}Fixing the bug}{159}{section.6.4}
\contentsline {section}{\numberline {6.5}Notes on Oops tracing with \texttt {klogd}}{159}{section.6.5}
\contentsline {chapter}{\numberline {7}Bisecting a bug}{161}{chapter.7}
\contentsline {section}{\numberline {7.1}Introduction}{161}{section.7.1}
\contentsline {section}{\numberline {7.2}Devices not appearing}{161}{section.7.2}
\contentsline {section}{\numberline {7.3}Finding patch that caused a bug}{161}{section.7.3}
\contentsline {chapter}{\numberline {8}Tainted kernels}{163}{chapter.8}
\contentsline {chapter}{\numberline {9}Ramoops oops/panic logger}{165}{chapter.9}
\contentsline {section}{\numberline {9.1}Introduction}{165}{section.9.1}
\contentsline {section}{\numberline {9.2}Ramoops concepts}{165}{section.9.2}
\contentsline {section}{\numberline {9.3}Setting the parameters}{165}{section.9.3}
\contentsline {section}{\numberline {9.4}Dump format}{167}{section.9.4}
\contentsline {section}{\numberline {9.5}Reading the data}{167}{section.9.5}
\contentsline {section}{\numberline {9.6}Persistent function tracing}{167}{section.9.6}
\contentsline {chapter}{\numberline {10}Dynamic debug}{169}{chapter.10}
\contentsline {section}{\numberline {10.1}Introduction}{169}{section.10.1}
\contentsline {section}{\numberline {10.2}Controlling dynamic debug Behaviour}{169}{section.10.2}
\contentsline {section}{\numberline {10.3}Viewing Dynamic Debug Behaviour}{170}{section.10.3}
\contentsline {section}{\numberline {10.4}Command Language Reference}{170}{section.10.4}
\contentsline {section}{\numberline {10.5}Debug messages during Boot Process}{172}{section.10.5}
\contentsline {section}{\numberline {10.6}Debug Messages at Module Initialization Time}{173}{section.10.6}
\contentsline {section}{\numberline {10.7}Examples}{173}{section.10.7}
\contentsline {chapter}{\numberline {11}Explaining the dreaded ``No init found.'' boot hang message}{175}{chapter.11}
\contentsline {chapter}{\numberline {12}Rules on how to access information in sysfs}{177}{chapter.12}
\contentsline {chapter}{\numberline {13}Using the initial RAM disk (initrd)}{181}{chapter.13}
\contentsline {section}{\numberline {13.1}Operation}{181}{section.13.1}
\contentsline {section}{\numberline {13.2}Boot command-line options}{181}{section.13.2}
\contentsline {section}{\numberline {13.3}Compressed cpio images}{182}{section.13.3}
\contentsline {section}{\numberline {13.4}Installation}{182}{section.13.4}
\contentsline {section}{\numberline {13.5}Changing the root device}{184}{section.13.5}
\contentsline {section}{\numberline {13.6}Usage scenarios}{185}{section.13.6}
\contentsline {section}{\numberline {13.7}Obsolete root change mechanism}{186}{section.13.7}
\contentsline {section}{\numberline {13.8}Mixed change\_root and pivot\_root mechanism}{186}{section.13.8}
\contentsline {section}{\numberline {13.9}Resources}{186}{section.13.9}
\contentsline {chapter}{\numberline {14}Linux Serial Console}{187}{chapter.14}
\contentsline {chapter}{\numberline {15}Linux Braille Console}{189}{chapter.15}
\contentsline {chapter}{\numberline {16}Parport}{191}{chapter.16}
\contentsline {section}{\numberline {16.1}Parport as modules}{191}{section.16.1}
\contentsline {subsection}{\numberline {16.1.1}modprobe}{191}{subsection.16.1.1}
\contentsline {subsection}{\numberline {16.1.2}Parport probe {[}optional{]}}{192}{subsection.16.1.2}
\contentsline {section}{\numberline {16.2}Parport linked into the kernel statically}{192}{section.16.2}
\contentsline {section}{\numberline {16.3}Files in /proc}{192}{section.16.3}
\contentsline {section}{\numberline {16.4}Device drivers}{193}{section.16.4}
\contentsline {section}{\numberline {16.5}Reporting printer problems with parport}{194}{section.16.5}
\contentsline {chapter}{\numberline {17}RAID arrays}{195}{chapter.17}
\contentsline {section}{\numberline {17.1}Boot time assembly of RAID arrays}{195}{section.17.1}
\contentsline {subsection}{\numberline {17.1.1}\texttt {md device no.}}{195}{subsection.17.1.1}
\contentsline {subsection}{\numberline {17.1.2}\texttt {raid level}}{195}{subsection.17.1.2}
\contentsline {subsection}{\numberline {17.1.3}\texttt {chunk size factor}}{195}{subsection.17.1.3}
\contentsline {subsection}{\numberline {17.1.4}\texttt {fault level}}{196}{subsection.17.1.4}
\contentsline {subsection}{\numberline {17.1.5}\texttt {dev0} to \texttt {devn}}{196}{subsection.17.1.5}
\contentsline {section}{\numberline {17.2}Boot time autodetection of RAID arrays}{196}{section.17.2}
\contentsline {section}{\numberline {17.3}Boot time assembly of degraded/dirty arrays}{196}{section.17.3}
\contentsline {section}{\numberline {17.4}Superblock formats}{196}{section.17.4}
\contentsline {section}{\numberline {17.5}General Rules - apply for all superblock formats}{197}{section.17.5}
\contentsline {section}{\numberline {17.6}Specific Rules that apply to format-0 super block arrays, and arrays with no superblock (non-persistent)}{197}{section.17.6}
\contentsline {section}{\numberline {17.7}MD devices in sysfs}{197}{section.17.7}
\contentsline {chapter}{\numberline {18}Kernel module signing facility}{205}{chapter.18}
\contentsline {section}{\numberline {18.1}Overview}{205}{section.18.1}
\contentsline {section}{\numberline {18.2}Configuring module signing}{205}{section.18.2}
\contentsline {section}{\numberline {18.3}Generating signing keys}{206}{section.18.3}
\contentsline {section}{\numberline {18.4}Public keys in the kernel}{207}{section.18.4}
\contentsline {section}{\numberline {18.5}Manually signing modules}{207}{section.18.5}
\contentsline {section}{\numberline {18.6}Signed modules and stripping}{208}{section.18.6}
\contentsline {section}{\numberline {18.7}Loading signed modules}{208}{section.18.7}
\contentsline {section}{\numberline {18.8}Non-valid signatures and unsigned modules}{208}{section.18.8}
\contentsline {section}{\numberline {18.9}Administering/protecting the private key}{208}{section.18.9}
\contentsline {chapter}{\numberline {19}Linux Magic System Request Key Hacks}{209}{chapter.19}
\contentsline {section}{\numberline {19.1}What is the magic SysRq key?}{209}{section.19.1}
\contentsline {section}{\numberline {19.2}How do I enable the magic SysRq key?}{209}{section.19.2}
\contentsline {section}{\numberline {19.3}How do I use the magic SysRq key?}{209}{section.19.3}
\contentsline {section}{\numberline {19.4}What are the `command' keys?}{211}{section.19.4}
\contentsline {section}{\numberline {19.5}Okay, so what can I use them for?}{211}{section.19.5}
\contentsline {section}{\numberline {19.6}Sometimes SysRq seems to get `stuck' after using it, what can I do?}{212}{section.19.6}
\contentsline {section}{\numberline {19.7}I hit SysRq, but nothing seems to happen, what's wrong?}{212}{section.19.7}
\contentsline {section}{\numberline {19.8}I want to add SysRQ key events to a module, how does it work?}{212}{section.19.8}
\contentsline {section}{\numberline {19.9}When I hit a SysRq key combination only the header appears on the console?}{213}{section.19.9}
\contentsline {section}{\numberline {19.10}I have more questions, who can I ask?}{213}{section.19.10}
\contentsline {section}{\numberline {19.11}Credits}{213}{section.19.11}
\contentsline {chapter}{\numberline {20}Unicode support}{215}{chapter.20}
\contentsline {section}{\numberline {20.1}Introduction}{215}{section.20.1}
\contentsline {section}{\numberline {20.2}Actual characters assigned in the Linux Zone}{215}{section.20.2}
\contentsline {section}{\numberline {20.3}Klingon language support}{216}{section.20.3}
\contentsline {section}{\numberline {20.4}Other Fictional and Artificial Scripts}{217}{section.20.4}
\contentsline {chapter}{\numberline {21}Software cursor for VGA}{219}{chapter.21}
\contentsline {section}{\numberline {21.1}Examples}{219}{section.21.1}
\contentsline {chapter}{\numberline {22}Kernel Support for miscellaneous (your favourite) Binary Formats v1.1}{221}{chapter.22}
\contentsline {section}{\numberline {22.1}Hints}{223}{section.22.1}
\contentsline {chapter}{\numberline {23}Mono(tm) Binary Kernel Support for Linux}{225}{chapter.23}
\contentsline {chapter}{\numberline {24}Java(tm) Binary Kernel Support for Linux v1.03}{227}{chapter.24}
\contentsline {chapter}{\numberline {25}Reliability, Availability and Serviceability}{235}{chapter.25}
\contentsline {section}{\numberline {25.1}RAS concepts}{235}{section.25.1}
\contentsline {subsection}{\numberline {25.1.1}Improving RAS}{235}{subsection.25.1.1}
\contentsline {subsection}{\numberline {25.1.2}Types of errors}{235}{subsection.25.1.2}
\contentsline {subsection}{\numberline {25.1.3}Identifying a bad hardware component}{236}{subsection.25.1.3}
\contentsline {subsection}{\numberline {25.1.4}ECC memory}{237}{subsection.25.1.4}
\contentsline {section}{\numberline {25.2}EDAC - Error Detection And Correction}{238}{section.25.2}
\contentsline {subsection}{\numberline {25.2.1}Purpose}{238}{subsection.25.2.1}
\contentsline {subsection}{\numberline {25.2.2}Memory}{238}{subsection.25.2.2}
\contentsline {subsection}{\numberline {25.2.3}Other hardware elements}{238}{subsection.25.2.3}
\contentsline {subsection}{\numberline {25.2.4}PCI bus scanning}{238}{subsection.25.2.4}
\contentsline {subsection}{\numberline {25.2.5}Versioning}{239}{subsection.25.2.5}
\contentsline {subsection}{\numberline {25.2.6}Loading}{239}{subsection.25.2.6}
\contentsline {subsection}{\numberline {25.2.7}Sysfs interface}{239}{subsection.25.2.7}
\contentsline {subsection}{\numberline {25.2.8}Memory Controller (mc) Model}{239}{subsection.25.2.8}
\contentsline {subsection}{\numberline {25.2.9}\texttt {mcX} directories}{240}{subsection.25.2.9}
\contentsline {subsection}{\numberline {25.2.10}\texttt {dimmX} or \texttt {rankX} directories}{240}{subsection.25.2.10}
\contentsline {subsection}{\numberline {25.2.11}\texttt {csrowX} directories}{242}{subsection.25.2.11}
\contentsline {subsection}{\numberline {25.2.12}System Logging}{243}{subsection.25.2.12}
\contentsline {subsection}{\numberline {25.2.13}PCI Bus Parity Detection}{244}{subsection.25.2.13}
\contentsline {subsection}{\numberline {25.2.14}Sysfs configuration}{244}{subsection.25.2.14}
\contentsline {subsection}{\numberline {25.2.15}Module parameters}{244}{subsection.25.2.15}
\contentsline {subsection}{\numberline {25.2.16}EDAC device type}{246}{subsection.25.2.16}
\contentsline {subsection}{\numberline {25.2.17}Instances}{246}{subsection.25.2.17}
\contentsline {subsection}{\numberline {25.2.18}Blocks}{246}{subsection.25.2.18}
\contentsline {subsection}{\numberline {25.2.19}Usage of EDAC APIs on Nehalem and newer Intel CPUs}{247}{subsection.25.2.19}
\contentsline {subsection}{\numberline {25.2.20}Reference documents used on \texttt {amd64\_edac}}{249}{subsection.25.2.20}
\contentsline {subsubsection}{Credits}{250}{subsubsection*.3}
\contentsline {chapter}{\numberline {26}Power Management}{251}{chapter.26}
\contentsline {section}{\numberline {26.1}CPU Performance Scaling}{251}{section.26.1}
\contentsline {subsection}{\numberline {26.1.1}The Concept of CPU Performance Scaling}{251}{subsection.26.1.1}
\contentsline {subsection}{\numberline {26.1.2}CPU Performance Scaling in Linux}{251}{subsection.26.1.2}
\contentsline {subsection}{\numberline {26.1.3}\texttt {CPUFreq} Policy Objects}{252}{subsection.26.1.3}
\contentsline {subsection}{\numberline {26.1.4}CPU Initialization}{252}{subsection.26.1.4}
\contentsline {subsection}{\numberline {26.1.5}Policy Interface in \texttt {sysfs}}{253}{subsection.26.1.5}
\contentsline {subsection}{\numberline {26.1.6}Generic Scaling Governors}{255}{subsection.26.1.6}
\contentsline {subsubsection}{\texttt {performance}}{255}{subsubsection*.4}
\contentsline {subsubsection}{\texttt {powersave}}{255}{subsubsection*.5}
\contentsline {subsubsection}{\texttt {userspace}}{255}{subsubsection*.6}
\contentsline {subsubsection}{\texttt {schedutil}}{255}{subsubsection*.7}
\contentsline {subsubsection}{\texttt {ondemand}}{256}{subsubsection*.8}
\contentsline {subsubsection}{\texttt {conservative}}{257}{subsubsection*.9}
\contentsline {subsection}{\numberline {26.1.7}Frequency Boost Support}{258}{subsection.26.1.7}
\contentsline {subsubsection}{Background}{258}{subsubsection*.10}
\contentsline {subsubsection}{The \texttt {boost} File in \texttt {sysfs}}{258}{subsubsection*.11}
\contentsline {subsubsection}{Rationale for Boost Control Knob}{259}{subsubsection*.12}
\contentsline {subsubsection}{Legacy AMD \texttt {cpb} Knob}{259}{subsubsection*.13}
\contentsline {section}{\numberline {26.2}\texttt {intel\_pstate} CPU Performance Scaling Driver}{259}{section.26.2}
\contentsline {subsection}{\numberline {26.2.1}General Information}{259}{subsection.26.2.1}
\contentsline {subsection}{\numberline {26.2.2}Operation Modes}{260}{subsection.26.2.2}
\contentsline {subsubsection}{Active Mode}{260}{subsubsection*.15}
\contentsline {paragraph}{Active Mode With HWP}{260}{paragraph*.16}
\contentsline {subparagraph}{HWP + \texttt {performance}}{261}{subparagraph*.17}
\contentsline {subparagraph}{HWP + \texttt {powersave}}{261}{subparagraph*.18}
\contentsline {paragraph}{Active Mode Without HWP}{261}{paragraph*.19}
\contentsline {subparagraph}{\texttt {performance}}{261}{subparagraph*.20}
\contentsline {subparagraph}{\texttt {powersave}}{261}{subparagraph*.21}
\contentsline {subsubsection}{Passive Mode}{262}{subsubsection*.23}
\contentsline {subsection}{\numberline {26.2.3}Turbo P-states Support}{262}{subsection.26.2.3}
\contentsline {subsection}{\numberline {26.2.4}Processor Support}{263}{subsection.26.2.4}
\contentsline {subsection}{\numberline {26.2.5}User Space Interface in \texttt {sysfs}}{264}{subsection.26.2.5}
\contentsline {subsubsection}{Global Attributes}{264}{subsubsection*.29}
\contentsline {subsubsection}{Interpretation of Policy Attributes}{265}{subsubsection*.39}
\contentsline {subsubsection}{Coordination of P-State Limits}{265}{subsubsection*.46}
\contentsline {subsubsection}{Energy vs Performance Hints}{266}{subsubsection*.50}
\contentsline {subsection}{\numberline {26.2.6}\texttt {intel\_pstate} vs \texttt {acpi-cpufreq}}{266}{subsection.26.2.6}
\contentsline {subsection}{\numberline {26.2.7}Kernel Command Line Options for \texttt {intel\_pstate}}{267}{subsection.26.2.7}
\contentsline {subsection}{\numberline {26.2.8}Diagnostics and Tuning}{267}{subsection.26.2.8}
\contentsline {subsubsection}{Trace Events}{267}{subsubsection*.58}
\contentsline {subsubsection}{\texttt {ftrace}}{268}{subsubsection*.61}
\contentsline {subsubsection}{Tuning Interface in \texttt {debugfs}}{268}{subsubsection*.62}
\contentsline {chapter}{\numberline {27}Thunderbolt}{271}{chapter.27}
\contentsline {section}{\numberline {27.1}Security levels and how to use them}{271}{section.27.1}
\contentsline {section}{\numberline {27.2}Authorizing devices when security level is \texttt {user} or \texttt {secure}}{272}{section.27.2}
\contentsline {section}{\numberline {27.3}Upgrading NVM on Thunderbolt device or host}{272}{section.27.3}
\contentsline {section}{\numberline {27.4}Upgrading NVM when host controller is in safe mode}{273}{section.27.4}
\contentsline {chapter}{\numberline {28}Linux Security Module Usage}{275}{chapter.28}
\contentsline {section}{\numberline {28.1}AppArmor}{275}{section.28.1}
\contentsline {subsection}{\numberline {28.1.1}What is AppArmor?}{275}{subsection.28.1.1}
\contentsline {subsection}{\numberline {28.1.2}How to enable/disable}{275}{subsection.28.1.2}
\contentsline {subsection}{\numberline {28.1.3}Documentation}{276}{subsection.28.1.3}
\contentsline {subsection}{\numberline {28.1.4}Links}{276}{subsection.28.1.4}
\contentsline {section}{\numberline {28.2}LoadPin}{276}{section.28.2}
\contentsline {section}{\numberline {28.3}SELinux}{276}{section.28.3}
\contentsline {section}{\numberline {28.4}Smack}{277}{section.28.4}
\contentsline {subsection}{\numberline {28.4.1}The Simplified Mandatory Access Control Kernel (Whitepaper)}{280}{subsection.28.4.1}
\contentsline {subsubsection}{Mandatory Access Control}{280}{subsubsection*.64}
\contentsline {subsubsection}{Bell \& LaPadula}{280}{subsubsection*.65}
\contentsline {subsubsection}{Domain Type Enforcement}{281}{subsubsection*.66}
\contentsline {subsubsection}{Smack}{281}{subsubsection*.67}
\contentsline {subsubsection}{Smack Terminology}{281}{subsubsection*.68}
\contentsline {subsubsection}{Smack Basics}{281}{subsubsection*.69}
\contentsline {paragraph}{Labels}{281}{paragraph*.70}
\contentsline {paragraph}{Access Rules}{282}{paragraph*.71}
\contentsline {paragraph}{Smack Access Rules}{282}{paragraph*.72}
\contentsline {paragraph}{Access Rule Format}{282}{paragraph*.73}
\contentsline {paragraph}{Applying Access Rules}{283}{paragraph*.74}
\contentsline {paragraph}{Setting Access Rules}{284}{paragraph*.75}
\contentsline {paragraph}{Task Attribute}{284}{paragraph*.76}
\contentsline {paragraph}{File Attribute}{284}{paragraph*.77}
\contentsline {paragraph}{Privilege}{284}{paragraph*.78}
\contentsline {paragraph}{Smack Networking}{284}{paragraph*.79}
\contentsline {paragraph}{CIPSO Configuration}{284}{paragraph*.80}
\contentsline {paragraph}{Socket Attributes}{285}{paragraph*.81}
\contentsline {paragraph}{Smack Netlabel Exceptions}{285}{paragraph*.82}
\contentsline {subsubsection}{Writing Applications for Smack}{286}{subsubsection*.83}
\contentsline {subsubsection}{Smack Ignorant Applications}{286}{subsubsection*.84}
\contentsline {subsubsection}{Smack Relevant Applications}{286}{subsubsection*.85}
\contentsline {subsubsection}{Smack Enforcing Applications}{286}{subsubsection*.86}
\contentsline {subsubsection}{File System Interfaces}{286}{subsubsection*.87}
\contentsline {subsubsection}{Socket Interfaces}{286}{subsubsection*.88}
\contentsline {subsubsection}{Administration}{287}{subsubsection*.89}
\contentsline {subsubsection}{Smack auditing}{287}{subsubsection*.90}
\contentsline {subsubsection}{Bringup Mode}{287}{subsubsection*.91}
\contentsline {section}{\numberline {28.5}TOMOYO}{287}{section.28.5}
\contentsline {subsection}{\numberline {28.5.1}What is TOMOYO?}{287}{subsection.28.5.1}
\contentsline {subsection}{\numberline {28.5.2}How to enable TOMOYO?}{288}{subsection.28.5.2}
\contentsline {subsection}{\numberline {28.5.3}Where is documentation?}{288}{subsection.28.5.3}
\contentsline {subsection}{\numberline {28.5.4}What is future plan?}{288}{subsection.28.5.4}
\contentsline {section}{\numberline {28.6}Yama}{288}{section.28.6}
\contentsline {subsection}{\numberline {28.6.1}ptrace\_scope}{288}{subsection.28.6.1}