https://bugs.winehq.org/show_bug.cgi?id=48291
--- Comment #49 from Zebediah Figura z.figura12@gmail.com --- (In reply to qsniyg from comment #48)
(In reply to Zebediah Figura from comment #47)
You proposed that the implementation of ntdll be moved to wineserver. That's a separate process; how exactly are you proposing we communicate with it? We currently do so via sockets; that's IPC and requires system calls.
If seccomp is used, ntdll uses syscalls, as (afaics) that's how windows works: https://j00ru.vexillium.org/syscalls/nt/64/ . IPC isn't used.
Okay, now I'm even more confused. As I described, this approach means we trap on every syscall, which isn't performant.
If seccomp is not used, IPC is used, and it doesn't matter that it uses linux syscalls because syscalls aren't being trapped :)
...so what do we do about the syscalls that the application makes, if we're not trapping them?