On Fri, Sep 25, 2020 at 4:07 PM Andy Lutomirski <luto@xxxxxxxxxxxxxx> wrote:
> We'd need at least three states per syscall: unknown, always-allow,
> and need-to-run-filter.
>
> The downsides are less determinism and a bit of an uglier
> implementation. The upside is that we don't need to loop over all
> syscalls at load -- instead the time that each operation takes is
> independent of the total number of syscalls on the system. And we can
> entirely avoid, say, evaluating the x32 case until the task tries an
> x32 syscall.

I was really afraid of multiple tasks writing to the bitmaps at once,
hence I used bitmap-per-task. Now that I think about it, if this stays
lockless, the worst thing that can happen is that a write undoes a bit
set by another task. In this case, if the "known" bit is cleared then
the worst would be that the emulation is run many times. But if the
"always allow" bit is cleared but not the "known" bit then we have an
issue: the syscall will always be executed in BPF. Is it worth holding
a spinlock here?

Though I'll try to get the benchmark numbers for the emulator later
tonight.

YiFei Zhu
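An illustrative model of the lazily filled, lockless three-state cache discussed in the mail, added here as an example and not code from the patch series or the kernel; the names sc_cache, sc_lookup and sc_record, the single 64-syscall word and the use of C11 atomics are assumptions. Writers use atomic OR so one task can never undo another task's bit, and publish "allow" before "known" so the "allow cleared but known set" case from the mail cannot be observed by a reader.

```c
#include <stdatomic.h>
#include <stdbool.h>
#include <stdint.h>

/* Illustrative model, not kernel code: 64 syscalls, two lazily filled
 * bitmaps. Bit i of "known": the result for syscall i is cached; bit i
 * of "allow": the filter always allows it. Bits are set, never cleared. */
#define NR_SYSCALLS 64

enum cache_state { SC_UNKNOWN, SC_ALWAYS_ALLOW, SC_RUN_FILTER };
struct sc_cache { _Atomic uint64_t known, allow; };

/* Lockless reader: acquire "known" before reading "allow". */
enum cache_state sc_lookup(struct sc_cache *c, unsigned nr)
{
	if (nr >= NR_SYSCALLS)
		return SC_RUN_FILTER;
	uint64_t bit = 1ULL << nr;
	if (!(atomic_load_explicit(&c->known, memory_order_acquire) & bit))
		return SC_UNKNOWN;
	return (atomic_load_explicit(&c->allow, memory_order_relaxed) & bit)
		? SC_ALWAYS_ALLOW : SC_RUN_FILTER;
}

/* Lockless writer: atomic OR never undoes another task's bits, and
 * "allow" is published before "known", so a reader that sees "known"
 * cannot miss the "allow" bit (the hazard raised in the mail). */
void sc_record(struct sc_cache *c, unsigned nr, bool always_allow)
{
	if (nr >= NR_SYSCALLS)
		return;
	uint64_t bit = 1ULL << nr;
	if (always_allow)
		atomic_fetch_or_explicit(&c->allow, bit, memory_order_relaxed);
	atomic_fetch_or_explicit(&c->known, bit, memory_order_release);
}

/* Walk all three states on a constructed cache. */
bool sc_selftest(void)
{
	struct sc_cache c = { 0 };
	if (sc_lookup(&c, 3) != SC_UNKNOWN)
		return false;
	sc_record(&c, 3, true);
	sc_record(&c, 5, false);
	return sc_lookup(&c, 3) == SC_ALWAYS_ALLOW &&
	       sc_lookup(&c, 5) == SC_RUN_FILTER &&
	       sc_lookup(&c, 4) == SC_UNKNOWN;
}
```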