Entries on /var/log/messages showing gsch interrupted hooking are normal logging for gsch. It does not mean it is cancelling/interrupting any process. Below is a sample log snippet:
The gsch kernel module is a trap where all process will enter gsch hooks then wait when they invoke system calls. When those waiting processes get any SIGNAL, interruption from kernel happens.
For instance, when you launch an executable and wait for malware scan, initiating "Ctrl + C" command will trigger a signal and will interrupt the executable.
Below is the operation of gsch in this scenario:
- interrupted & wait (timeout=1000)
The waiting process get signals, interrupted. Do a wait with timeout again.
- interrupted & wait: done
Got a result from DSA, the second wait is done.