Reword mismatch_action description

Claiming that `mismatch_action` is used for syscalls that do not match
*any rules* is incorrect. A syscall number mapped to an empty `Vec` is
considered to match the filter and therefore uses the `match_action`
instead, despite not matching any rules (because no rules even exist).

Signed-off-by: Christopher Head <[email protected]>

Author: Hawk777

src/backend/filter.rs

@@ -26,7 +26,7 @@ impl SeccompFilter {
     /// # Arguments
     ///
     /// * `rules` - Map containing syscall numbers and their respective [`SeccompRule`]s.
-    /// * `mismatch_action` - [`SeccompAction`] taken for all syscalls that do not match any rule.
+    /// * `mismatch_action` - [`SeccompAction`] taken for all syscalls that do not match the filter.
     /// * `match_action` - [`SeccompAction`] taken for system calls that match the filter.
     /// * `target_arch` - Target architecture of the generated BPF filter.
     ///