Dan, On Mon, May 22, 2017 at 12:39 AM, Dan Kaminsky <d...@whiteops.com> wrote: > The thinking is we'd add another SECCOMP_RET type, such that UML didn't need > to depend on ptrace. Ptrace isn't the fastest mechanism, and beyond that, > if we can avoid it it's a lot easier to syscall firewall UML as a whole (and > freeze/restore it with CRIU).
Beside of PTRACE_SYSEMU UML also needs ptrace() for ton of other things, i.e. register read/restore or copy_from/to_user(). So, we won't get rid of ptrace() completely. I'm not sure whether switching from PTRACE_SYSEMU to seccomp will speed things up. Do you have some numbers? -- Thanks, //richard ------------------------------------------------------------------------------ Check out the vibrant tech community on one of the world's most engaging tech sites, Slashdot.org! http://sdm.link/slashdot _______________________________________________ User-mode-linux-user mailing list User-mode-linux-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/user-mode-linux-user