Security/Sandbox/Seccomp

1,134 bytes added, 00:58, 26 August 2014
== What is Seccomp ==
BPF_STMT(BPF_RET+BPF_K, SECCOMP_RET_KILL)
In this example, the filter first validates that the syscall was made through the expected architecture and ABI (rather than through an OS-emulation feature or a 32/64-bit compatibility layer, where the same syscall numbers can have different meanings), then compares the syscall number against each entry of a whitelist and allows the call on a match, and finally kills the process if no whitelist entry matched.

=== Complex filters ===

The BPF language doesn't allow loops (branches can only skip forward over instructions, never jump back), but computations more complex than a linear whitelist check are possible. For example, the Chromium codebase contains modules that translate a more abstract representation of filter predicates (ErrorCode) into a basic-block graph and then into a linear sequence of BPF instructions (CodeGen); this includes constructing a binary search tree that dispatches on the system call number in O(log n) time instead of comparing against every entry.

It is also possible to implement a "warn-only" mode by having the filter program check the instruction pointer (program counter) and allow all syscalls whose issuing machine instruction sits at one specific address. Denied syscalls then return SECCOMP_RET_TRAP rather than SECCOMP_RET_KILL, so instead of the process dying the kernel raises SIGSYS, and the signal handler logs the syscall before re-issuing it by jumping to that always-allowed syscall gate. This offers essentially no security, since an attacker who compromises the process can issue arbitrary syscalls by jumping to that location, but it can simplify testing and developing a sandbox policy.
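The following program is an added example, not code from this page, Gecko or Chromium. It builds the whitelist filter described above (architecture check, linear syscall-number whitelist, deny otherwise), optionally prefixed with the warn-only instruction-pointer check, and feeds it through a small userspace evaluator for the handful of cBPF opcodes it emits so a policy can be exercised against constructed seccomp_data before it is installed; main() then installs the real thing with prctl(2). The function names (build_whitelist, run_filter, decide), the MAX_INSNS limit, and the gate address used in the tests are assumptions of this example. It assumes Linux UAPI headers and a little-endian CPU (the 64-bit instruction_pointer is compared as two 32-bit words, low word first). The SIGSYS handler that would log and re-issue a trapped syscall through the gate is not included.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>
#include <unistd.h>
#include <sys/prctl.h>
#include <sys/syscall.h>
#include <linux/audit.h>
#include <linux/filter.h>
#include <linux/seccomp.h>

#if defined(__x86_64__)
#define NATIVE_ARCH AUDIT_ARCH_X86_64
#elif defined(__aarch64__)
#define NATIVE_ARCH AUDIT_ARCH_AARCH64
#else
#error "add the AUDIT_ARCH_* constant for this architecture"
#endif

#define MAX_INSNS 64 /* assumption of this example, not a kernel limit */
#define SD_OFF(field) ((uint32_t)offsetof(struct seccomp_data, field))
/* BPF_STMT/BPF_JUMP are brace initialisers; wrap them as compound literals. */
#define STMT(code, k) ((struct sock_filter)BPF_STMT(code, k))
#define JUMP(code, k, jt, jf) ((struct sock_filter)BPF_JUMP(code, k, jt, jf))

/* Emit: [warn-only gate check] -> arch check -> linear whitelist -> deny.
 * A non-zero `gate` enables the warn-only trick: syscalls issued from exactly
 * that instruction pointer are always allowed, and misses return
 * SECCOMP_RET_TRAP (SIGSYS) instead of SECCOMP_RET_KILL. Returns the length. */
size_t build_whitelist(struct sock_filter *p, const int *allowed, size_t n,
                       uint64_t gate)
{
    size_t i = 0;
    uint32_t deny = gate ? SECCOMP_RET_TRAP : SECCOMP_RET_KILL;

    if (gate) { /* 64-bit field compared as two 32-bit words (little-endian) */
        p[i++] = STMT(BPF_LD | BPF_W | BPF_ABS, SD_OFF(instruction_pointer));
        p[i++] = JUMP(BPF_JMP | BPF_JEQ | BPF_K, (uint32_t)gate, 0, 3);
        p[i++] = STMT(BPF_LD | BPF_W | BPF_ABS, SD_OFF(instruction_pointer) + 4);
        p[i++] = JUMP(BPF_JMP | BPF_JEQ | BPF_K, (uint32_t)(gate >> 32), 0, 1);
        p[i++] = STMT(BPF_RET | BPF_K, SECCOMP_RET_ALLOW);
    }
    /* Refuse a foreign ABI (e.g. int 0x80 from 64-bit code): same syscall
     * numbers, different meanings. */
    p[i++] = STMT(BPF_LD | BPF_W | BPF_ABS, SD_OFF(arch));
    p[i++] = JUMP(BPF_JMP | BPF_JEQ | BPF_K, NATIVE_ARCH, 1, 0);
    p[i++] = STMT(BPF_RET | BPF_K, deny);
    /* Linear whitelist: one compare per entry, allow on the first match. */
    p[i++] = STMT(BPF_LD | BPF_W | BPF_ABS, SD_OFF(nr));
    for (size_t k = 0; k < n; k++) {
        p[i++] = JUMP(BPF_JMP | BPF_JEQ | BPF_K, (uint32_t)allowed[k], 0, 1);
        p[i++] = STMT(BPF_RET | BPF_K, SECCOMP_RET_ALLOW);
    }
    p[i++] = STMT(BPF_RET | BPF_K, deny); /* matched nothing */
    return i;
}

/* Minimal cBPF evaluator for just the opcodes emitted above, so a policy can
 * be tested against constructed seccomp_data without installing it. */
uint32_t run_filter(const struct sock_filter *p, size_t len,
                    const struct seccomp_data *sd)
{
    uint32_t acc = 0;
    for (size_t pc = 0; pc < len; pc++) {
        switch (p[pc].code) {
        case BPF_LD | BPF_W | BPF_ABS:
            if (p[pc].k + 4 > sizeof *sd) return SECCOMP_RET_KILL;
            memcpy(&acc, (const char *)sd + p[pc].k, 4);
            break;
        case BPF_JMP | BPF_JEQ | BPF_K: /* offsets are relative to pc + 1 */
            pc += (acc == p[pc].k) ? p[pc].jt : p[pc].jf;
            break;
        case BPF_RET | BPF_K:
            return p[pc].k;
        default:
            return SECCOMP_RET_KILL; /* unsupported opcode: fail closed */
        }
    }
    return SECCOMP_RET_KILL; /* the kernel rejects programs that fall off the end */
}

/* Verdict for one constructed syscall: number nr, ABI arch, issued at ip. */
uint32_t decide(const int *allowed, size_t n, uint64_t gate,
                int nr, uint32_t arch, uint64_t ip)
{
    struct sock_filter prog[MAX_INSNS];
    struct seccomp_data sd = { .nr = nr, .arch = arch, .instruction_pointer = ip };
    return run_filter(prog, build_whitelist(prog, allowed, n, gate), &sd);
}

static const int allowed[] = { __NR_write, __NR_exit_group, __NR_exit };
#define N_ALLOWED (sizeof allowed / sizeof allowed[0])

int main(void)
{
    static const char msg[] = "write() still allowed under the filter\n";
    struct sock_filter prog[MAX_INSNS];
    struct sock_fprog fprog = { .filter = prog };
    fprog.len = (unsigned short)build_whitelist(prog, allowed, N_ALLOWED, 0);
    /* NO_NEW_PRIVS is what lets an unprivileged process install a filter. */
    if (prctl(PR_SET_NO_NEW_PRIVS, 1, 0, 0, 0) ||
        prctl(PR_SET_SECCOMP, SECCOMP_MODE_FILTER, &fprog))
        return 1;
    write(1, msg, sizeof msg - 1);
    _exit(0); /* a normal return would run stdio/atexit code the filter forbids */
}
```

The whitelist in main() is deliberately tiny: once the filter is live, any syscall the C runtime makes on the way out that is not listed kills the process, which is why the program avoids stdio after installation and leaves via _exit(). The linear compare chain costs O(n) per syscall; a larger policy would replace the loop with the kind of binary search tree described above, emitting the same LD/JEQ/RET opcodes in a different shape.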
== Use in Gecko ==