Hello,
Currently I am developing a "syscall monitoring program using libseccomp".
When a new syscall found, libseccomp generates SIGTRAP syscall. It is
possible to identify the new syscall using the signal-handler given in the
example (http://outflux.net/teach-seccomp). I am trying to figure out a
method to pause the execution of the process until the user makes his
decision to allow/deny the new syscall. If user allows the execution, the
execution of the process needs to be resumed. Will it be possible to resume
the process from where it was trapped due to the SIGTRAP syscall? According
to my knowledge, when a SIGTRAP signal is generated, the process will be
terminated with a core dump. and the stack will be flushed.
Please kindly suggest me a solution to overcome the above issue. Further I
would highly appreciate if you can direct me to a good C programing
resource material so that I can program the above task correctly.
Thank you.
Kind regards,
Kushan Sharma.
------------------------------------------------------------------------------
How fast is your code?
3 out of 4 devs don\\\'t know how their code performs in production.
Find out how slow your code is with AppDynamics Lite.
http://ad.doubleclick.net/clk;262219672;13503038;z?
http://info.appdynamics.com/FreeJavaPerformanceDownload.html
_______________________________________________
libseccomp-discuss mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/libseccomp-discuss
