Hi Stephen,
On 1/7/22 17:46, Stephen Kitt wrote:
Since seccomp() doesn't exist in glibc, avoid relying on it, and use
syscall() instead. This updates the example program to match the
documentation, which was updated in commit 5945cd7bd3c3 ("seccomp.2:
Use syscall(SYS_...); for system calls without a wrapper").
Signed-off-by: Stephen Kitt <steve@xxxxxxx>
Patch applied.
Thanks!
Alex
---
man2/seccomp.2 | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/man2/seccomp.2 b/man2/seccomp.2
index a3421871f..67928ed3f 100644
--- a/man2/seccomp.2
+++ b/man2/seccomp.2
@@ -1133,6 +1133,7 @@ cecilia
#include <linux/filter.h>
#include <linux/seccomp.h>
#include <sys/prctl.h>
+#include <sys/syscall.h>
#define X32_SYSCALL_BIT 0x40000000
#define ARRAY_SIZE(arr) (sizeof(arr) / sizeof((arr)[0]))
@@ -1190,7 +1191,7 @@ install_filter(int syscall_nr, int t_arch, int f_errno)
.filter = filter,
};
- if (seccomp(SECCOMP_SET_MODE_FILTER, 0, &prog)) {
+ if (syscall(SYS_seccomp, SECCOMP_SET_MODE_FILTER, 0, &prog)) {
perror("seccomp");
return 1;
}
--
Alejandro Colomar
Linux man-pages maintainer; http://www.kernel.org/doc/man-pages/
http://www.alejandro-colomar.es/
