Add some documentation about how to use SECCOMP_GET_NOTIF_SIZES and what it is used for. Signed-off-by: Tycho Andersen <tycho@xxxxxxxx> CC: Kees Cook <keescook@xxxxxxxxxxxx> --- man2/seccomp.2 | 23 +++++++++++++++++++++++ 1 file changed, 23 insertions(+) diff --git a/man2/seccomp.2 b/man2/seccomp.2 index 191ad3582..d69187783 100644 --- a/man2/seccomp.2 +++ b/man2/seccomp.2 @@ -243,6 +243,29 @@ The value of must be 0, and .IR args must be a pointer to an unsigned 32-bit filter return action. +.TP +.BR SECCOMP_GET_NOTIF_SIZES " (since Linux 4.21)" +Get the sizes of the seccomp userspace notification structures. Since the +structures include a struct seccomp_data which may grow in size, this command +can be used to determine how much memory to allocate for sending and receiving +notifications. +.IP +The value of +.IR flags +must be 0, and +.IR args +must be a pointer to a struct seccomp_notif_sizes, which looks like: +.IP +.in +4n +.EX +struct seccomp_notif_sizes + __u16 seccomp_notif; + __u16 seccomp_notif_resp; + __u16 seccomp_data; +}; +.EE +.in +.PP .SS Filters When adding filters via .BR SECCOMP_SET_MODE_FILTER , -- 2.19.1
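Review bot: The struct definition in the .EX/.EE example is missing its opening brace: the line "+struct seccomp_notif_sizes" is followed directly by the three __u16 members and then "+};", so the rendered man page would show a declaration that does not compile if copied. Change that line to "+struct seccomp_notif_sizes {". As a documentation point on the same hunk, the description says the command gets "the sizes of the seccomp userspace notification structures" but never states which field reports the size of which structure; a sentence mapping seccomp_notif, seccomp_notif_resp and seccomp_data to the structures they describe would let callers size their buffers without reading the kernel headers.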