On 01/14, Peter Zijlstra wrote:
>
> On Tue, Jan 14, 2025 at 01:32:58PM +0100, Oleg Nesterov wrote:
>
> > OK, suppose we have
> >
> > void start_SECCOMP_MODE_STRICT(void)
> > {
> > // in particular nacks __NR_uretprobe
> > seccomp(SECCOMP_MODE_STRICT, ...);
> > }
> >
> > and we want to add uretprobe to this function.
> >
> > In this case prepare_uretprobe() can't know that sys_uretprobe() won't
> > work when this function returns?
>
> Indeed. But any further probes placed after seccomp() would be able to,
> and installing trampolines for them would be a waste, no?
But the probed task will crash when it returns from
start_SECCOMP_MODE_STRICT() above.
Even if, due to seccomp filtering, sys_uretprobe() doesn't kill the task
(I missed the fact it can) but just returns ENOSYS/whatever.
Oleg.
