NAME

       PR_GET_SECCOMP - get the secure computing mode

LIBRARY

       Standard C library (libc, -lc)

SYNOPSIS

       #include <linux/prctl.h>  /* Definition of PR_* constants */
       #include <sys/prctl.h>

       int prctl(PR_GET_SECCOMP);

DESCRIPTION

       Return the secure computing mode of the calling thread.

       If  the caller is not in secure computing mode, this operation returns 0; if the caller is
       in strict secure computing mode, then the prctl() call will cause a SIGKILL signal  to  be
       sent  to the process.  If the caller is in filter mode, and this system call is allowed by
       the seccomp filters, it returns 2; otherwise, the process is killed with a SIGKILL signal.

       This operation is available only if the kernel is configured with CONFIG_SECCOMP enabled.

RETURN VALUE

       On success, this call returns the nonnegative value described  above.   On  error,  -1  is
       returned, and errno is set to indicate the error; or the process is killed.

ERRORS

       EINVAL The kernel was not configured with CONFIG_SECCOMP.

       SIGKILL
              The caller is in strict secure computing mode.

       SIGKILL
              The  caller  is  in filter mode, and this system call is not allowed by the seccomp
              filters.

FILES

       /proc/pid/status
              Since Linux 3.8, the Seccomp field of this file provides a method of obtaining  the
              same   information,   without   the   risk   that   the   process  is  killed;  see
              proc_pid_status(5).

STANDARDS

       Linux.

HISTORY

       Linux 2.6.23.

SEE ALSO

       prctl(2), PR_SET_SECCOMP(2const), seccomp(2)