Why does a seccomp process always get killed?

此生再无相见时 posted on 2019-12-07 13:48:26

Question


Why does a process that has gone into seccomp mode always get killed on exit?

$ cat simple.c 
#include <stdio.h>
#include <stdlib.h>
#include <sys/prctl.h>   /* declares prctl(); pulls in linux/prctl.h for PR_SET_SECCOMP */

int main( int argc, char **argv )
{
    printf("Starting\n");
    prctl(PR_SET_SECCOMP, 1);   /* 1 == SECCOMP_MODE_STRICT */
    printf("Running\n");
    exit(0);
}
$ cc -o simple simple.c
$ ./simple || echo "Returned $?"
Starting
Running
Killed
Returned 137

Answer 1:


From the man page, under PR_SET_SECCOMP, the only allowed system calls are read, write, exit, and sigreturn.

When you call exit(0) in the standard library (in recent Linux), you call the exit_group system call, not exit. This is not allowed, so you get a SIGKILL.

(You can see this if you strace the process...)
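The difference between the two exit paths can be observed directly. The program below is an added example, not code from the original question or answer: it forks a child, enters strict seccomp mode, and leaves through either the raw exit system call or exit_group, then reports what a shell would show in $?. The names run_strict_child and STRICT_UNAVAILABLE are made up for this example.

```c
#include <stdio.h>
#include <unistd.h>
#include <sys/prctl.h>
#include <sys/syscall.h>
#include <sys/wait.h>
#include <linux/seccomp.h>

#define STRICT_UNAVAILABLE (-1)  /* sentinel invented for this example */

/* Fork a child, put it in strict seccomp mode, and have it leave through
 * either the raw exit syscall (on the allow list) or exit_group (not on it).
 * Returns the value a shell would show in $?: the exit code, or
 * 128 + signal number if the child was killed by a signal. */
int run_strict_child(int use_raw_exit)
{
    pid_t pid = fork();
    if (pid < 0)
        return STRICT_UNAVAILABLE;
    if (pid == 0) {
        /* Check the return value: if strict mode was not entered,
         * say so instead of carrying on unconfined. */
        if (prctl(PR_SET_SECCOMP, SECCOMP_MODE_STRICT) != 0)
            _exit(2);
        /* Bypass libc's exit(), which would issue exit_group. */
        syscall(use_raw_exit ? SYS_exit : SYS_exit_group, 0);
        /* not reached */
    }
    int status;
    if (waitpid(pid, &status, 0) < 0)
        return STRICT_UNAVAILABLE;
    if (WIFSIGNALED(status))
        return 128 + WTERMSIG(status);
    if (WEXITSTATUS(status) == 2)
        return STRICT_UNAVAILABLE;   /* prctl() failed in the child */
    return WEXITSTATUS(status);
}

int main(void)
{
    printf("raw exit syscall: %d\n", run_strict_child(1));
    printf("exit_group:       %d\n", run_strict_child(0));
    return 0;
}
```

Where strict mode can be entered, the first call returns 0 and the second returns 137 (128 + SIGKILL), the same value as the "Returned 137" in the question.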



Source: https://stackoverflow.com/questions/10114583/why-does-a-seccomp-process-always-get-killed
