Open m1m1k4tz opened 10 months ago
ipr
commented
9 months ago seccomp changes are already in the kernel. syscalls are different from normal function calls in that they cause interrupt that is trapped by kernel to handle switch from userspace to kernelspace. emulating it in userspace would mean modifying executable code so that interrupt is not taken and that would trip some integrity checks. so it is less desirable than having the (already existing) support in-kernel.
ipr
commented
9 months ago See description of this patch from 2020: https://lore.kernel.org/lkml/50a9e680-6be1-ff50-5c82-1bf54c7484a9@gmail.com/T/
Performance is also important factor.
m1m1k4tz
commented
9 months ago Performance is also important factor.
With all due respect, the title of the video is “Efficent syscall emulation on Linux”
ipr
commented
9 months ago Performance is also important factor.
With all due respect, the title of the video is “Efficent syscall emulation on Linux”
"fast" or "efficient" are not absolute values, they are always in comparison to something.
Either way, looks like kernel has merged this (in 6.4 I think): https://www.kernel.org/doc/html/latest/admin-guide/syscall-user-dispatch.html
Feature Request
I confirm:
Description
I think it would be useful to use syscall emulation to try and support kernel level anticheats in Linux there’s already work being done by collabora but I’m not sure if it’s ready yet
https://youtube.com/watch?v=B35XhcmBDDI
Justification [optional]
There is a syscall emulation patch in wine staging but it’s not merged yet and I haven’t tested if it works
Risks [optional]
References [optional]