seccomp.2: Note that execve() may change syscall numbers during life of process

On a multiarch/multi-ABI platform such as modern x86, each
architecture/ABI (x86-64, x32, i386) has its own syscall numbers,
which means a seccomp() filter may see different syscall numbers
over the life of the process if that process uses execve() to
execute programs that have different architectures/ABIs.

Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
Michael Kerrisk 2018-03-05 10:20:55 +01:00
parent a3dcaaa2ba
commit 036b0619f7
1 changed files with 5 additions and 2 deletions

@ -285,8 +285,11 @@ struct seccomp_data {
.PP
Because numbering of system calls varies between architectures and
some architectures (e.g., x86-64) allow user-space code to use
the calling conventions of multiple architectures, it is usually
necessary to verify the value of the
the calling conventions of multiple architectures
(and the convention being used may vary over the life of a process that uses
.BR execve (2)
to execute binaries that employ the different conventions),
it is usually necessary to verify the value of the
.IR arch
field.
.PP
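Review bot: the parenthetical inserted after "the calling conventions of multiple architectures" separates the opening "Because ..." clause from its main clause "it is usually necessary to verify the value of the arch field" by four lines, which makes the key instruction easy to miss. Consider ending the sentence at the arch field and stating the execve(2) point as its own sentence after it, for example that the convention in use may change when the process uses execve(2) to run a binary that employs a different convention. In "to execute binaries that employ the different conventions", the article "the" reads oddly because no specific set of conventions has been introduced at that point; "different conventions" would be enough.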