Linux includes a syscall filter since a long time.
It was restricted to a pre-defined set of syscalls.
Since some versions Linux got a more generic filter.
Linux can use a BPF-filter to define actions for syscalls.
This allows a fine granular specification on which syscalls to act.
Also it supports different outcomes assigned to the filter.
This filter can be used to filter out sync operations.
Debian already got a tool to do this called eatmydata
It is pretty limited as it uses a shared library to drop the library functions.
It needs to be available at all times, or it will not do anything.
I wrote a small tool that asks the kernel to filter out sync operations for all children.
It sets a filter with all currently supported sync-like operations and makes them return success.
However it can't filter the O_SYNC
-flag from the open
so it just makes it return an error.
It executes the command given on the command-line after that.
This is just a proof of concept, but lets see.
* Copyright (C) 2013 Bastian Blank <firstname.lastname@example.org>
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions are met:
* 1. Redistributions of source code must retain the above copyright notice, this
* list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright notice,
* this list of conditions and the following disclaimer in the documentation
* and/or other materials provided with the distribution.
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
* WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
* DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR
* ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
* (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
* ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
* SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
#define _GNU_SOURCE 1
#define filter_rule_add(action, syscall, count, ...) \
if (seccomp_rule_add(filter, action, syscall, count, ##__VA_ARGS__)) abort();
static int filter_init(void)
if (!(filter = seccomp_init(SCMP_ACT_ALLOW))) abort();
if (seccomp_attr_set(filter, SCMP_FLTATR_CTL_NNP, 1)) abort();
filter_rule_add(SCMP_ACT_ERRNO(EINVAL), SCMP_SYS(open), 1, SCMP_A1(SCMP_CMP_MASKED_EQ, O_SYNC, O_SYNC));
filter_rule_add(SCMP_ACT_ERRNO(0), SCMP_SYS(fsync), 0);
filter_rule_add(SCMP_ACT_ERRNO(0), SCMP_SYS(fdatasync), 0);
filter_rule_add(SCMP_ACT_ERRNO(0), SCMP_SYS(msync), 0);
filter_rule_add(SCMP_ACT_ERRNO(0), SCMP_SYS(sync), 0);
filter_rule_add(SCMP_ACT_ERRNO(0), SCMP_SYS(syncfs), 0);
filter_rule_add(SCMP_ACT_ERRNO(0), SCMP_SYS(sync_file_range), 0);
int main(__attribute__((unused)) int argc, char *argv)
if (argc <= 1)
fprintf(stderr, "usage: %s COMMAND [ARG]...\n", argv);
fprintf(stderr, "%s: can't initialize seccomp filter\n", argv);
if (errno == ENOENT)
fprintf(stderr, "%s: command not found: %s\n", argv, argv);
fprintf(stderr, "%s: failed to execute: %s: %s\n", argv, argv, strerror(errno));