plucky (2) PR_GET_SECCOMP.2.gz

Provided by: manpages-dev_6.9.1-1_all bug

NAME
       PR_GET_SECCOMP - get the secure computing mode


LIBRARY
       Standard C library (libc, -lc)


SYNOPSIS
       #include <linux/prctl.h>  /* Definition of PR_* constants */
       #include <sys/prctl.h>

       int prctl(PR_GET_SECCOMP);


DESCRIPTION
       Return the secure computing mode of the calling thread.

       If  the  caller  is  not  in  secure computing mode, this operation returns 0; if the caller is in strict
       secure computing mode, then the prctl() call will cause a SIGKILL signal to be sent to the  process.   If
       the  caller  is  in  filter  mode,  and this system call is allowed by the seccomp filters, it returns 2;
       otherwise, the process is killed with a SIGKILL signal.

       This operation is available only if the kernel is configured with CONFIG_SECCOMP enabled.


RETURN VALUE
       On success, this call returns the nonnegative value described above.  On error, -1 is returned, and errno
       is set to indicate the error; or the process is killed.


ERRORS
       EINVAL The kernel was not configured with CONFIG_SECCOMP.

       SIGKILL
              The caller is in strict secure computing mode.

       SIGKILL
              The caller is in filter mode, and this system call is not allowed by the seccomp filters.


FILES
       /proc/pid/status
              Since  Linux  3.8,  the  Seccomp  field  of  this  file  provides  a  method of obtaining the same
              information, without the risk that the process is killed; see proc_pid_status(5).


STANDARDS
       Linux.


HISTORY
       Linux 2.6.23.


SEE ALSO
       prctl(2), PR_SET_SECCOMP(2const), seccomp(2)