seccomp.2: Document SECCOMP_GET_NOTIF_SIZES

Signed-off-by: Tycho Andersen <tycho@tycho.ws> CC: Kees Cook <keescook@chromium.org> Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2018-12-12 17:11:05 -07:00 · 2018-12-12 17:11:05 -07:00 · 9bc48145a6
parent 408483bd31
commit 9bc48145a6
1 changed files with 24 additions and 0 deletions
--- a/man2/seccomp.2
+++ b/man2/seccomp.2
@ -2,6 +2,7 @@
 .\" and Copyright (C) 2012 Will Drewry <wad@chromium.org>
 .\" and Copyright (C) 2008, 2014,2017 Michael Kerrisk <mtk.manpages@gmail.com>
 .\" and Copyright (C) 2017 Tyler Hicks <tyhicks@canonical.com>
+.\" and Copyright (C) 2020 Tycho Andersen <tycho@tycho.ws>
 .\"
 .\" %%%LICENSE_START(VERBATIM)
 .\" Permission is granted to make and distribute verbatim copies of this
@ -250,6 +251,29 @@ The value of
 must be 0, and
 .IR args
 must be a pointer to an unsigned 32-bit filter return action.
+.TP
+.BR SECCOMP_GET_NOTIF_SIZES " (since Linux 4.21)"
+Get the sizes of the seccomp userspace notification structures. Since the
+structures include a struct seccomp_data which may grow in size, this command
+can be used to determine how much memory to allocate for sending and receiving
+notifications.
+.IP
+The value of
+.IR flags
+must be 0, and
+.IR args
+must be a pointer to a struct seccomp_notif_sizes, which looks like:
+.IP
+.in +4n
+.EX
+struct seccomp_notif_sizes
+    __u16 seccomp_notif;
+    __u16 seccomp_notif_resp;
+    __u16 seccomp_data;
+};
+.EE
+.in
+.PP
 .SS Filters
 When adding filters via
 .BR SECCOMP_SET_MODE_FILTER ,