• W
    seccomp: Add SECCOMP_RET_TRAP · bb6ea430
    Will Drewry 提交于
    Adds a new return value to seccomp filters that triggers a SIGSYS to be
    delivered with the new SYS_SECCOMP si_code.
    
    This allows in-process system call emulation, including just specifying
    an errno or cleanly dumping core, rather than just dying.
    Suggested-by: NMarkus Gutschke <markus@chromium.org>
    Suggested-by: NJulien Tinnes <jln@chromium.org>
    Signed-off-by: NWill Drewry <wad@chromium.org>
    Acked-by: NEric Paris <eparis@redhat.com>
    
    v18: - acked-by, rebase
         - don't mention secure_computing_int() anymore
    v15: - use audit_seccomp/skip
         - pad out error spacing; clean up switch (indan@nul.nu)
    v14: - n/a
    v13: - rebase on to 88ebdda6
    v12: - rebase on to linux-next
    v11: - clarify the comment (indan@nul.nu)
         - s/sigtrap/sigsys
    v10: - use SIGSYS, syscall_get_arch, updates arch/Kconfig
           note suggested-by (though original suggestion had other behaviors)
    v9:  - changes to SIGILL
    v8:  - clean up based on changes to dependent patches
    v7:  - introduction
    Signed-off-by: NJames Morris <james.l.morris@oracle.com>
    bb6ea430
Kconfig 6.7 KB