diff options
| author | Tudor Brindus <me@tbrindus.ca> | 2020-06-25 16:54:04 -0400 |
|---|---|---|
| committer | Paul Moore <paul@paul-moore.com> | 2020-07-13 21:37:48 -0400 |
| commit | fa6264bd9d674d5bd141d1153ed1d77e654b4af1 (patch) | |
| tree | f56f8703947055f9487172e73219ee5fc68b0ede /doc | |
| parent | 2f3ae1fe7eaa1195e29979ae341bfc288bc69ee5 (diff) | |
| download | libseccomp-fa6264bd9d674d5bd141d1153ed1d77e654b4af1.tar.gz | |
doc: clarify seccomp_rule_add syscall translation behavior
libseccomp performs a translation step when adding a raw syscall value
to a multi-architecture filter. For instance, when adding __NR_open
(syscall value 2 on x86-64) to a filter containing x86 and x86-64 where
the native ABI is x86-64, the x86 BPF branch will use the value 5
(__NR_open on x86).
This commit adds explicit documentation for the translation step.
Refs https://github.com/seccomp/libseccomp/issues/259.
Signed-off-by: Tudor Brindus <me@tbrindus.ca>
Acked-by: Tom Hromatka <tom.hromatka@oracle.com>
Signed-off-by: Paul Moore <paul@paul-moore.com>
Diffstat (limited to 'doc')
| -rw-r--r-- | doc/man/man3/seccomp_rule_add.3 | 5 |
1 files changed, 4 insertions, 1 deletions
diff --git a/doc/man/man3/seccomp_rule_add.3 b/doc/man/man3/seccomp_rule_add.3 index efa1bc6..58c6395 100644 --- a/doc/man/man3/seccomp_rule_add.3 +++ b/doc/man/man3/seccomp_rule_add.3 @@ -150,7 +150,10 @@ value directly using the standard values, in order to ensure proper operation across multiple architectures it is highly recommended to use the .BR SCMP_SYS () -macro instead. See the EXAMPLES section below. +macro instead. See the EXAMPLES section below. It is also important to +remember that regardless of the architectures present in the filter, the +syscall numbers used in filter rules are interpreted in the context of the +native architecture. .P Starting with Linux v4.8, there may be a need to create a rule with a syscall value of -1 to allow tracing programs to skip a syscall invocation; in order |