From f8429b73d5d17787547bde55f6668f4d6f04d346 Mon Sep 17 00:00:00 2001
From: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
Date: Fri, 2 Sep 2022 14:15:25 +0900
Subject: [PATCH] config-linux.md: formalize the order of seccomp.syscalls

Corresponds to the behavior of existing implementations such as runc

Co-authored-by: Sebastiaan van Stijn <github@gone.nl>
Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
---
 config-linux.md | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/config-linux.md b/config-linux.md
index 178361f34..9b248ad50 100644
--- a/config-linux.md
+++ b/config-linux.md
@@ -759,6 +759,11 @@ The following parameters can be specified to set up seccomp:
             * `SCMP_CMP_GT`
             * `SCMP_CMP_MASKED_EQ`
 
+    Syscalls in this list are not guaranteed to be unique, and MAY appear multiple
+    times. If a syscall appears multiple times, runtimes MUST use the first match,
+    MUST ignore further occurrences. Runtimes MAY log a warning if duplicate entries
+    are present.
+
 ### Example
 
 ```json