diff options
| -rw-r--r-- | lib/chaseccomp/README.md | 6 |
1 files changed, 3 insertions, 3 deletions
diff --git a/lib/chaseccomp/README.md b/lib/chaseccomp/README.md index d04704d9..5f9d342e 100644 --- a/lib/chaseccomp/README.md +++ b/lib/chaseccomp/README.md @@ -24,6 +24,9 @@ ifdef. This lets us use the same filters for all platforms - if it doesn't support a syscall, its "allow" rule just doesn't get compiled in. +Ideally, the filter should be constructed by sorting the syscalls in +order of usage frequency and then checking each syscall with ifeqdef. + Also note, the following statement is prepended to every filter, with an automatically determined audit arch nr: @@ -32,9 +35,6 @@ load arch ifne {audit arch nr of computer} deny ``` -Ideally, the filter should be constructed by sorting the syscalls in -order of usage frequency and then checking each syscall with ifeqdef. - The assembler runs in three steps: * gen_defs generates a C file from `$<.chasc` (and any chasc file it |