From 8826022c0b7dd01a09973596750f038334780aad Mon Sep 17 00:00:00 2001 From: Tom Hromatka Date: Thu, 22 Oct 2020 13:35:31 -0600 Subject: doc: Add SCMP_ACT_NOTIFY documentation to seccomp_rule_add.3 Document the usage of SCMP_ACT_NOTIFY in seccomp_rule_add.3 Signed-off-by: Tom Hromatka Signed-off-by: Paul Moore --- doc/man/man3/seccomp_rule_add.3 | 16 ++++++++++++++++ 1 file changed, 16 insertions(+) diff --git a/doc/man/man3/seccomp_rule_add.3 b/doc/man/man3/seccomp_rule_add.3 index 58c6395..4d8ef3f 100644 --- a/doc/man/man3/seccomp_rule_add.3 +++ b/doc/man/man3/seccomp_rule_add.3 @@ -209,6 +209,22 @@ matches the filter rule but the syscall will be logged. .B SCMP_ACT_ALLOW The seccomp filter will have no effect on the thread calling the syscall if it matches the filter rule. +.TP +.B SCMP_ACT_NOTIFY +A monitoring process will be notified when a process running the seccomp +filter calls a syscall that matches the filter rule. The process that invokes +the syscall waits in the kernel until the monitoring process has responded via +.B seccomp_notify_respond(3) +\&. + +When a filter utilizing +.B SCMP_ACT_NOTIFY +is loaded into the kernel, the kernel generates a notification fd that must be +used to communicate between the monitoring process and the process(es) being +filtered. See +.B seccomp_notif_fd(3) +for more information. + .P Valid comparison .I op -- cgit v1.2.1
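
Review bot: The cross-reference at the end of the added SCMP_ACT_NOTIFY text reads `seccomp_notif_fd(3)`, while the first added paragraph uses the `seccomp_notify_` prefix in `seccomp_notify_respond(3)`; the libseccomp function is `seccomp_notify_fd()`, so this looks like a typo that leaves readers with a man page reference that does not resolve. Suggest `.BR seccomp_notify_fd (3)`. The same `.BR name (3).` form would also suit the first reference, where `.B seccomp_notify_respond(3)` followed by `\&.` on its own line renders a space before the period. Since the filtered process "waits in the kernel until the monitoring process has responded", it would help to add a sentence saying what the caller sees if the monitoring process exits or never responds, because that is the failure mode people deploying a notify-based filter need to plan for.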