Nikolay Marchuk's GSoC status report - #8 of 13
Eugene Syromiatnikov
esyr at redhat.com
Tue Jul 25 12:05:25 UTC 2017
On Tue, Jul 25, 2017 at 06:26:06PM +0700, Nikolay Marchuk wrote:
> Hello, strace community!
>
> Project: Advanced syscall filtering syntax.
>
>
> Accomplishments: this week I've been working on improvements of fd
> filtering. Unfortunately, I haven't found good solution for the issue
> with negative fds, but I've found and fixed other issues of fd
> filtering. In my opinion, the only solution for the issue with negative
> fds is to rewrite number_set, because bitsets are not suitable for
> storing negative numbers, but I want to collect feedback on this solution.
Thinking of this, I'd prefer seeing some B*-tree/trie based approach for
storing these masks (looks like only 3 levels needed in order to store
32-bit mask and 6 for 64-bit mask), which then can also be used for filtering
*ctl commands in the future, but I think that the negative fd issue is
not that critical anyway (as fds are unsigned in kernel and checked against
rlimit which can't be greater than INT_MAX, the case of filtering for
negative fds is pretty exotic).
More information about the Strace-devel
mailing list