Forwarding system calls to userspace
Using Seccomp to intercept system calls and forwarding them to a handler in userspace
- Track: Containers devroom
- Room: UD2.120 (Chavanne)
- Day: Sunday
- Start: 14:40
- End: 15:00
In this talk, I will describe SECCOMPUSERNOTIF, a new seccomp return type under development to forward syscalls to another userspace daemon. This would allow container engines to transparently hook syscalls like mount or modprobe, enabling applications inside containers to use these syscalls without modification.
Speakers
Tycho Andersen |