From: Tycho Andersen Date: Sat, 26 Sep 2020 13:29:47 +0000 (+0200) Subject: seccomp.2: Document SECCOMP_RET_USER_NOTIF X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=7f8ea64e2f65dad8a033a81e9cb0a710938135d9;p=thirdparty%2Fman-pages.git seccomp.2: Document SECCOMP_RET_USER_NOTIF Signed-off-by: Michael Kerrisk --- diff --git a/man2/seccomp.2 b/man2/seccomp.2 index c18bf11ac5..fcbcf81b76 100644 --- a/man2/seccomp.2 +++ b/man2/seccomp.2 @@ -597,6 +597,17 @@ portion of the filter's return value being passed to user space as the .IR errno value without executing the system call. .TP +.BR SECCOMP_RET_USER_NOTIF " (since Linux 4.21)" +Forwards the syscall to an attached listener in userspace to allow userspace to +decide what to do with the syscall. If there is no attached listener (either +because the filter was not installed with the +.BR SECCOMP_FILTER_FLAG_NEW_LISTENER +or because the fd was closed), the filter returns +.BR ENOSYS +similar to what happens when a filter returns +.BR SECCOMP_RET_TRACE +and there is no tracer. See "Userspace Notification" below for more details. +.TP .BR SECCOMP_RET_TRACE When returned, this value will cause the kernel to attempt to notify a .BR ptrace (2)-based
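Review bot: The version annotation on the added `.BR SECCOMP_RET_USER_NOTIF " (since Linux 4.21)"` line names a release that never shipped. The kernel after 4.20 was numbered 5.0, so this should read "(since Linux 5.0)". In the same paragraph, "was not installed with the .BR SECCOMP_FILTER_FLAG_NEW_LISTENER or because the fd was closed" is missing its noun: add "flag" after the constant, and spell out "fd" as "listener file descriptor". The new text also uses "userspace" and "syscall", while the unchanged context lines of this hunk use "user space" and "system call". Please match the existing wording. The sentence 'See "Userspace Notification" below' points at a section this patch does not add (the diff has only this one hunk), so either include that section in the same change or drop the cross-reference until it exists. Finally, "the filter returns ENOSYS" would be more precise as "the system call fails with the error ENOSYS", since the filter's return value is SECCOMP_RET_USER_NOTIF and ENOSYS is what the caller observes.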