Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
bpf: don't catch the -1 syscall in the x32/x86_64 check
The -1 syscall can be used by a tracing process to skip a syscall, which up until Linux v4.8 was of no concern for libseccomp since the seccomp filter was only executed at the start of the syscall and not after the tracing process was notified, however recent kernels also execute the seccomp filter after the tracing process finishes its syscall handling; this caused problems on x86_64 systems that didn't explicitly add an x32 architecture to their filters. This patch fixes the x32 check to treat the -1 syscall like any other syscall. Signed-off-by: Paul Moore <paul@paul-moore.com>
- Loading branch information