Zach Reizner pointed out a mismatch between kernel behavior and the man-page documentation of SECCOMP_RET_KILL which kills tasks not processes. Signed-off-by: Kees Cook <keescook@xxxxxxxxxxxx> --- man2/seccomp.2 | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/man2/seccomp.2 b/man2/seccomp.2 index 7d0e721..b805154 100644 --- a/man2/seccomp.2 +++ b/man2/seccomp.2 @@ -371,9 +371,9 @@ In decreasing order of precedence, the values that may be returned by a seccomp filter are: .TP .BR SECCOMP_RET_KILL -This value results in the process exiting immediately +This value results in the task exiting immediately without executing the system call. -The process terminates as though killed by a +The task terminates as though killed by a .B SIGSYS signal .RI ( not @@ -769,7 +769,7 @@ install_filter(int syscall_nr, int t_arch, int f_errno) system calls */ BPF_STMT(BPF_RET | BPF_K, SECCOMP_RET_ALLOW), - /* [7] Destination of architecture mismatch: kill process */ + /* [7] Destination of architecture mismatch: kill task */ BPF_STMT(BPF_RET | BPF_K, SECCOMP_RET_KILL), }; -- 2.7.4 -- Kees Cook Pixel Security
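Review bot: In the first hunk (@@ -371,9 +371,9), "task" is kernel terminology that the visible text does not define for a userspace reader, so the corrected description still does not say what happens to the rest of a multithreaded process. Suggest wording it in terms of threads, for example "This value results in the calling thread exiting immediately without executing the system call", and adding a sentence stating that the other threads of the process keep running. That consequence matters to anyone relying on SECCOMP_RET_KILL as a fail-closed action: per the commit message it kills tasks, not processes, so a filter violation stops only the offending thread.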
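Review bot: In the second hunk (@@ -769,7 +769,7), the comment at [7] now reads "kill task", which carries the kernel term into an example program written for userspace readers. Suggest "kill calling thread", or whichever term the SECCOMP_RET_KILL description in the first hunk settles on, so that the example and the description use the same word for what SECCOMP_RET_KILL terminates.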