On Wed, Dec 12, 2018 at 4:11 PM Tycho Andersen <tycho@xxxxxxxx> wrote: > > Add some documentation about how to use SECCOMP_GET_NOTIF_SIZES and what it > is used for. > > Signed-off-by: Tycho Andersen <tycho@xxxxxxxx> > CC: Kees Cook <keescook@xxxxxxxxxxxx> > --- > man2/seccomp.2 | 23 +++++++++++++++++++++++ > 1 file changed, 23 insertions(+) > > diff --git a/man2/seccomp.2 b/man2/seccomp.2 > index 191ad3582..d69187783 100644 > --- a/man2/seccomp.2 > +++ b/man2/seccomp.2 > @@ -243,6 +243,29 @@ The value of > must be 0, and > .IR args > must be a pointer to an unsigned 32-bit filter return action. > +.TP > +.BR SECCOMP_GET_NOTIF_SIZES " (since Linux 4.21)" Those I suppose this series should get updated for "5.0" instead of 4.21. :) > +Get the sizes of the seccomp userspace notification structures. Since the > +structures include a struct seccomp_data which may grow in size, this command > +can be used to determine how much memory to allocate for sending and receiving > +notifications. > +.IP > +The value of > +.IR flags > +must be 0, and > +.IR args > +must be a pointer to a struct seccomp_notif_sizes, which looks like: > +.IP > +.in +4n > +.EX > +struct seccomp_notif_sizes > + __u16 seccomp_notif; > + __u16 seccomp_notif_resp; > + __u16 seccomp_data; > +}; > +.EE > +.in > +.PP > .SS Filters > When adding filters via > .BR SECCOMP_SET_MODE_FILTER , > -- > 2.19.1 > -- Kees Cook
