LDP
/
man-pages
mirror of https://github.com/mkerrisk/man-pages
0
1
Fork 0
Code Releases Activity

seccomp.2: Use syscall(SYS_...); for system calls without a wrapper 

Signed-off-by: Alejandro Colomar <alx.manpages@gmail.com>
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
This commit is contained in:
Alejandro Colomar 2021-06-12 10:31:19 +02:00 committed by Michael Kerrisk
parent 292583e25b
commit 5945cd7bd3
1 changed files with 8 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
man2/seccomp.2
View File

@ -38,13 +38,18 @@ seccomp \- operate on Secure Computing state of the process
.BR "#include <sys/ptrace.h>" " /* Definition of " PTRACE_* " constants */" .BR "#include <sys/ptrace.h>" " /* Definition of " PTRACE_* " constants */"
.\" Kees Cook noted: Anything that uses SECCOMP_RET_TRACE returns will .\" Kees Cook noted: Anything that uses SECCOMP_RET_TRACE returns will
.\" need <sys/ptrace.h> .\" need <sys/ptrace.h>
.BR "#include <sys/syscall.h>" " /* Definition of " SYS_* " constants */"
.B #include <unistd.h>
.PP .PP
.BI "int seccomp(unsigned int " operation ", unsigned int " flags \ .BI "int syscall(SYS_seccomp, unsigned int " operation ", unsigned int " flags ,
", void *" args ); .BI " void *" args );
.fi .fi
.PP .PP
.IR Note : .IR Note :
There is no glibc wrapper for this system call; see NOTES. glibc provides no wrapper for
.BR seccomp (),
necessitating the use of
.BR syscall (2).
.SH DESCRIPTION .SH DESCRIPTION
The The
.BR seccomp () .BR seccomp ()
@ -930,9 +935,6 @@ Tile (since Linux 4.3)
PA-RISC (since Linux 4.6) PA-RISC (since Linux 4.6)
.\" User mode Linux since Linux 4.6 .\" User mode Linux since Linux 4.6
.PD .PD
.PP
Glibc does not provide a wrapper for this system call; call it using
.BR syscall (2).
.\" .\"
.SS Caveats .SS Caveats
There are various subtleties to consider when applying seccomp filters There are various subtleties to consider when applying seccomp filters