On Thu, 2024-12-05 at 22:51 +0900, Hajime Tazaki wrote: > > > > I don't understand why this behaves differently with and without > > zpoline, it seems it shouldn't need to. Anyway, still think zpoline is > > future work. > > I will remove the zpoline part. > When zpoline is used, SIGSYS signal is a sign of unexpected syscall > invocation, and raise this signal to userspace (with printing > message). >
But why? We already established that zpoline cannot translate everything, e.g. JIT code and similar. So even if you have zpoline you can just have seccomp handle the syscall as a fallback, to catch cases like that rather than failing, no? johannes
