From 0d724ab4f4b2611f5d93525ef8ef4f1c6d91334d Mon Sep 17 00:00:00 2001
From: Christian Brauner <christian.brauner@ubuntu.com>
Date: Mon, 2 Nov 2020 16:48:02 +0100
Subject: [PATCH] seccomp: log aborted system calls

Suggested-by: Jann Horn <jann@thejh.net>
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
---
 src/lxc/seccomp.c | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/src/lxc/seccomp.c b/src/lxc/seccomp.c
index e303561bf..ba6811d90 100644
--- a/src/lxc/seccomp.c
+++ b/src/lxc/seccomp.c
@@ -1390,7 +1390,10 @@ int seccomp_notify_handler(int fd, uint32_t events, void *data,
 	memset(req, 0, conf->seccomp.notifier.sizes.seccomp_notif);
 	ret = seccomp_notify_receive(fd, req);
 	if (ret) {
-		SYSERROR("Failed to read seccomp notification");
+		if (errno == ENOENT)
+			TRACE("Intercepted system call aborted");
+		else
+			SYSERROR("Failed to read seccomp notification");
 		goto out;
 	}
 
-- 
2.47.2