From 712551eaadb5d50f75395a980132d7e691ad877e Mon Sep 17 00:00:00 2001 From: Michael Kerrisk Date: Sat, 5 Sep 2015 08:43:31 +0200 Subject: [PATCH] seccomp.2: Describe use of 'instruction_pointer' data field Signed-off-by: Michael Kerrisk --- man2/seccomp.2 | 15 +++++++++++++++ 1 file changed, 15 insertions(+) diff --git a/man2/seccomp.2 b/man2/seccomp.2 index 8b869a9f5..8b0bd6e38 100644 --- a/man2/seccomp.2 +++ b/man2/seccomp.2 @@ -306,6 +306,20 @@ but also to explicitly reject all system calls that contain in .IR nr . +The +.I instruction_pointer +field provides the address of the machine-language instruction that +performed the system call. +This might be useful in conjunction with the use of +.I /proc/[pid]/maps +to perform checks based on which region (mapping) of the program +made the system call. +(Probably, it is wise to lock down the +.BR mmap (2) +and +.BR mprotect (2) +system calls to prevent the program from subverting such checks.) + When checking values from .IR args against a blacklist, keep in mind that arguments are often @@ -777,6 +791,7 @@ main(int argc, char **argv) .BR prctl (2), .BR ptrace (2), .BR sigaction (2), +.BR proc (5), .BR signal (7), .BR socket (7) .sp
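Review bot: The new paragraph in the first hunk leaves unclear where the "checks based on which region (mapping)" are actually performed, since a seccomp BPF filter can only compare the `instruction_pointer` field against constants and cannot consult /proc/[pid]/maps itself; suggest stating that the caller either reads /proc/[pid]/maps before installing the filter and encodes the resulting address ranges as constants, or returns SECCOMP_RET_TRAP (or uses a ptrace tracer) so that a user-space handler does the lookup. Also, the hedged "(Probably, it is wise to lock down ..." reads as uncertain for a man page; "It is wise to lock down the mmap(2) and mprotect(2) system calls ..." states the same recommendation plainly.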
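Review bot: The second hunk adds proc(5) to SEE ALSO, which is the right place by section ordering, but the paragraph that introduces /proc/[pid]/maps in the first hunk never points the reader there; consider following the ".I /proc/[pid]/maps" line with a "(see .BR proc (5))" reference so the cross-reference is visible where the file is first mentioned rather than only at the end of the page.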