mirror of https://github.com/mkerrisk/man-pages
seccomp.2: Some reworking of Tycho's SECCOMP_RET_USER_NOTIF patch
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
parent c734bbd265
commit 3bed246e7e
@ -600,16 +600,21 @@ portion of the filter's return value being passed to user space as the
|
|||
.IR errno
|
||||
value without executing the system call.
|
||||
.TP
|
||||
.BR SECCOMP_RET_USER_NOTIF " (since Linux 4.21)"
|
||||
Forwards the syscall to an attached listener in userspace to allow userspace to
|
||||
decide what to do with the syscall. If there is no attached listener (either
|
||||
.BR SECCOMP_RET_USER_NOTIF " (since Linux 5.0)"
|
||||
.\" commit 6a21cc50f0c7f87dae5259f6cfefe024412313f6
|
||||
Forward the system call to an attached user-space listening
|
||||
process to allow that process to decide what to do with the system call.
|
||||
If there is no attached listener (either
|
||||
because the filter was not installed with the
|
||||
.BR SECCOMP_FILTER_FLAG_NEW_LISTENER
|
||||
or because the fd was closed), the filter returns
|
||||
flag or because the file descriptor was closed), the filter returns
|
||||
.BR ENOSYS
|
||||
similar to what happens when a filter returns
|
||||
(similar to what happens when a filter returns
|
||||
.BR SECCOMP_RET_TRACE
|
||||
and there is no tracer. See "Userspace Notification" below for more details.
|
||||
and there is no tracer).
|
||||
See
|
||||
.BR seccomp_unotify (2)
|
||||
for further details.
|
||||
.TP
|
||||
.BR SECCOMP_RET_TRACE
|
||||
When returned, this value will cause the kernel to attempt to notify a
|
||||
|
|
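Review bot: In the new SECCOMP_RET_USER_NOTIF paragraph, "the filter returns ENOSYS" is imprecise, because the filter's return value in this case is SECCOMP_RET_USER_NOTIF and ENOSYS is the error the calling thread sees when no listener is attached. Wording such as "the system call fails with the error ENOSYS" would say that directly and would match the errno phrasing of the preceding entry in the context lines. The new "See seccomp_unotify (2)" line replaces a pointer to an in-page "Userspace Notification" section, and nothing in this hunk adds the referenced page, so it is worth confirming that the target page lands together with this change so the cross-reference does not dangle.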