Hi Michael! On 7/27/20 6:19 AM, Michael Schmitz wrote:
m68k (other than Coldfire) uses syscall_trace for both trace entry and trace exit. Seccomp support requires separate entry points for trace entry and exit which are already provided for Coldfire. Replace syscall_trace by syscall_trace_enter and syscall_trace_leave in preparation for seccomp support. Check return code of syscall_trace_enter(), and skip syscall if nonzero. Return code will be left at what had been set by by ptrace or seccomp.
Correct me if I'm wrong, but shouldn't the skip happen when the return code is -1? At least that's what we're doing on SuperH and that seems to be what other architectures are doing as well. Also, shouldn't that part of the change not be part of the patch that adds support for SECCOMP filter like in [1]? I don't think it makes sense to add the return code check unless the rest of SECCOMP filter has been implemented. Adrian
[1] https://github.com/glaubitz/linux/commit/2fa1e7b9ba5150bc12adaddc017d5a6b79f363e7
-- .''`. John Paul Adrian Glaubitz : :' : Debian Developer - glaubitz@xxxxxxxxxx `. `' Freie Universitaet Berlin - glaubitz@xxxxxxxxxxxxxxxxxxx `- GPG: 62FF 8A75 84E0 2956 9546 0006 7426 3B37 F5B5 F913
