https://bugs.winehq.org/show_bug.cgi?id=48291
--- Comment #43 from qsniyg qsniyg@mail.com --- (In reply to Zebediah Figura from comment #42)
Partly as stated above
Ah my apologies, for some reason I forgot to ctrl+f before asking haha
Solving this in a non-generic fashion isn't pretty and probably isn't sustainable either; solving it in a generic fashion would mean trapping *every* syscall before using heuristics to determine whose it is, which is of course a big performance problem. The fact that seccomp can't be removed once applied rules out the approach of turning it off whenever we exit PE code, and even if we could that would require a syscall at every transition.
Right, for some reason it eluded me that seccomp would also affect wine's syscalls haha. Turning it off and on would also likely incur a performance cost as well.
I guess an experiment could be to replace all IPC with syscalls (possibly through an inline function or macro, so as to allow an IPC fallback without a ton of #ifdefs), so the PE'd process would never actually run any posix functions. It would be interesting to see what the performance implications are.
Obviously quite a few components of wine would have to be rewritten to allow for this (shell32 comes to mind).
If I have time, I'll try taking a crack at this myself, but I think this will have to be more than just a one person job, as quite a lot of code would have to be rewritten for this.