seccomp.2: Document SECCOMP_GET_NOTIF_SIZES

Signed-off-by: Tycho Andersen <tycho@tycho.ws>
CC: Kees Cook <keescook@chromium.org>
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
This commit is contained in:
Tycho Andersen 2018-12-12 17:11:05 -07:00 committed by Michael Kerrisk
parent 408483bd31
commit 9bc48145a6
1 changed files with 24 additions and 0 deletions

View File

@ -2,6 +2,7 @@
.\" and Copyright (C) 2012 Will Drewry <wad@chromium.org>
.\" and Copyright (C) 2008, 2014,2017 Michael Kerrisk <mtk.manpages@gmail.com>
.\" and Copyright (C) 2017 Tyler Hicks <tyhicks@canonical.com>
.\" and Copyright (C) 2020 Tycho Andersen <tycho@tycho.ws>
.\"
.\" %%%LICENSE_START(VERBATIM)
.\" Permission is granted to make and distribute verbatim copies of this
@ -250,6 +251,29 @@ The value of
must be 0, and
.IR args
must be a pointer to an unsigned 32-bit filter return action.
.TP
.BR SECCOMP_GET_NOTIF_SIZES " (since Linux 4.21)"
Get the sizes of the seccomp userspace notification structures. Since the
structures include a struct seccomp_data which may grow in size, this command
can be used to determine how much memory to allocate for sending and receiving
notifications.
.IP
The value of
.IR flags
must be 0, and
.IR args
must be a pointer to a struct seccomp_notif_sizes, which looks like:
.IP
.in +4n
.EX
struct seccomp_notif_sizes
__u16 seccomp_notif;
__u16 seccomp_notif_resp;
__u16 seccomp_data;
};
.EE
.in
.PP
.SS Filters
When adding filters via
.BR SECCOMP_SET_MODE_FILTER ,