seccomp_unotify.2: Add BUGS section describing SECCOMP_IOCTL_NOTIF_RECV bug

Tycho Andersen confirmed that this issue is present.

Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>

diff --git a/man2/seccomp_unotify.2 b/man2/seccomp_unotify.2
index c331d9eec12e42a9ea1d4e1fd8af1414cf551625..96fc3117d73751f16231ec2b5bb043a1bbb8695e 100644 (file)
--- a/man2/seccomp_unotify.2
+++ b/man2/seccomp_unotify.2
@@ -349,6 +349,8 @@ was being generated.
 .\" Is this expected behavior? It seems to me rather
 .\" desirable that SECCOMP_IOCTL_NOTIF_RECV should give an error
 .\" if the target process has terminated.
+.\"
+.\" For now, this behavior is documented in BUGS.
 .TP
 .BR SECCOMP_IOCTL_NOTIF_ID_VALID " (since Linux 5.0)"
 This operation can be used to check that a notification ID
@@ -562,6 +564,14 @@ these interfaces indicate that the file descriptor is readable.
 .\" Interestingly, after the event had been received, the file
 .\" descriptor indicates as writable (verified from the source
 .\" code and by experiment). How is this useful?
+.SH BUGS
+If a
+.BR SECCOMP_IOCTL_NOTIF_RECV
+.BR ioctl (2)
+operation is performed after the target process terminates, then the
+.BR ioctl (2)
+call simply blocks (rather than returning an error to indicate that the
+target process no longer exists).
 .SH EXAMPLES
 The (somewhat contrived) program shown below demonstrates the use of
 the interfaces described in this page.