Re: Crash when attaching uretprobes to processes running in Docker
From: Alexei Starovoitov
Date: Wed Jan 15 2025 - 12:56:35 EST
On Wed, Jan 15, 2025 at 7:06 AM Oleg Nesterov <oleg@xxxxxxxxxx> wrote:
>
> Or we can change __secure_computing() to do nothing if
> this_syscall == __NR_uretprobe.
I think that's the best way forward.
seccomp already allowlists sigreturn syscall.
uretprobe syscall is in the same category.
See __secure_computing_strict.