mirror of https://github.com/mkerrisk/man-pages
ptrace.2: Document PTRACE_O_SUSPEND_SECCOMP flag
Signed-off-by: Tycho Andersen <tycho.andersen@canonical.com>
CC: Kees Cook <keescook@chromium.org>
CC: Andy Lutomirski <luto@amacapital.net>
CC: Oleg Nesterov <oleg@redhat.com>
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
parent a0742a27be
commit e3cfeba2ff
|
@ -592,6 +592,18 @@ The seccomp event message data (from the
|
|||
.BR SECCOMP_RET_DATA
|
||||
portion of the seccomp filter rule) can be retrieved with
|
||||
.BR PTRACE_GETEVENTMSG .
|
||||
.TP
|
||||
.BR PTRACE_O_SUSPEND_SECCOMP " (since Linux 4.2)"
|
||||
Suspend the tracee's seccomp protections. This applies regardless of mode, and
|
||||
can be used when the tracee has not yet installed seccomp filters. That is, a
|
||||
valid usecase is to suspend a tracee's seccomp protections before they are
|
||||
installed by the tracee, let the tracee install the filters, and then clear
|
||||
this flag when the filters should be resumed. Setting this option requires that
|
||||
the tracer have
|
||||
.BR CAP_SYS_ADMIN ,
|
||||
not have any seccomp protections installed, and not have
|
||||
.BR PTRACE_O_SUSPEND_SECCOMP
|
||||
set on itself.
|
||||
.RE
|
||||
.TP
|
||||
.BR PTRACE_GETEVENTMSG " (since Linux 2.5.46)"
|
||||
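Review bot: The sentence ending "and then clear this flag when the filters should be resumed" leaves the lifetime of the suspension undocumented. The new PTRACE_O_SUSPEND_SECCOMP entry does not say how the flag is cleared (presumably a later PTRACE_SETOPTIONS call without it), what happens to the tracee's seccomp protections if the tracer detaches or exits while the flag is still set, or which error is returned when one of the three listed requirements (CAP_SYS_ADMIN, no seccomp protections on the tracer, flag not set on the tracer itself) is not met. Since the option disables a sandboxing mechanism, these belong in the text. Two style points in the same entry: "usecase" should be "use case", and the single-argument ".BR PTRACE_O_SUSPEND_SECCOMP" before "set on itself." would conventionally be ".B PTRACE_O_SUSPEND_SECCOMP", since .BR is for alternating bold and roman arguments.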