[Request] Add example for SECCOMP_GET_ACTION_AVAIL

[mrcnski]

ISSUE

Overview

Hello, I'm writing concerning the following quote from the docs:

Before installing a filter, make sure that the current kernel version supports the actions of the filter. This can be checked by inspecting the output of: cat /proc/sys/kernel/seccomp/actions_avail or by calling the seccomp(SECCOMP_GET_ACTION_AVAIL) syscall.

Are there any examples of using the second method in practice (seccomp(SECCOMP_GET_ACTION_AVAIL) syscall)? It seems like seccompiler does not expose any way to do this (would be nice if it did but maybe out of scope?), so it seems like I have to either:

1. stitch different libraries together, one for making syscalls, and libc to get SECCOMP_GET_ACTION_AVAIL, or
2. write the low-level code manually

If you know of any code that already does this it would save me time, and it could be a useful addition to the docs. :)

[alindima]

Just to clarify, it should be a matter of calling libc::syscall with the right parameters and a tiny bit of unsafe code.

Also, for general usage of seccompiler on modern kernels, getting the available actions shouldn't be a concern, unless the application is using some more recently-added variant, like SECCOMP_RET_USER_NOTIF.

This could be nevertheless a quality of life wrapper to have in seccompiler, but not super important either