Hi, I've been toying with the seccomp vs syscall return value problems, and wonder if something like this approach could give us a simpler alternative. Basically all the core code uses -errno return value, then we convert it to the powerpc convention at the last minute when returning.
This seems to pass the seccomp_bpf test cases when applied with the set syscall info ptrace patches https://lore.kernel.org/lkml/20250113171054.ga...@strace.io/ With patch 1 of that series reverted. One concern is working out exact details of what tracers can see and trying to ensure it doesn't break some corner case. This could possibly be done for the other weird archs too, if it works out for powerpc Thanks, Nick Nicholas Piggin (2): powerpc/signal: Clean up pt_regs access powerpc/syscall: rework syscall return value handling arch/powerpc/include/asm/ptrace.h | 13 +--- arch/powerpc/include/asm/syscall.h | 31 +-------- arch/powerpc/kernel/interrupt.c | 16 +++-- arch/powerpc/kernel/signal.c | 67 ++++++++++--------- arch/powerpc/kernel/signal_64.c | 5 +- tools/testing/selftests/seccomp/seccomp_bpf.c | 16 +++++ 6 files changed, 69 insertions(+), 79 deletions(-) -- 2.47.1
