I actually tested this with a proof of concept. Trapping with seccomp/SIGSYS adds only ~0.75µs of overhead to every syscall.
-
-
-
Seems hard to believe. How fast is your box? 750ns does not sound plausible for the round-trips needed.
- 6 more replies
New conversation -
-
-
What is the intended usecase here? On a tangent, Landlock LSM support is building up and its better to gear towards that for sec stuff
-
M:N scheduling (a la Windows User Mode Scheduling) on Linux in a way that doesn’t break everything.
- 1 more reply
New conversation -
-
-
I guess I need to finish that Rust library I started the other week to more or less reimplement Chromium's seccomp-bpf compiler.
Thanks. Twitter will use this to make your timeline better. UndoUndo
-
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.