xlat: update SECCOMP_* constants

* xlat/seccomp_ops.in (SECCOMP_GET_NOTIF_SIZES): New constant introduced by Linux kernel commit v5.0-rc1~66^2~1^2~1. * xlat/seccomp_ret_action.in (SECCOMP_RET_USER_NOTIF): Likewise. * xlat/seccomp_filter_flags.in (SECCOMP_FILTER_FLAG_NEW_LISTENER): Likewise. * NEWS: Mention this. * tests/seccomp-filter.c (main): Update expected output. * tests/seccomp-filter-v.c (main): Likewise. * tests/seccomp_get_action_avail.c (main): Check SECCOMP_RET_USER_NOTIF.
2019-01-05 21:14:42 +00:00 · 2019-01-05 21:14:42 +00:00 · be27e07c97
commit be27e07c97
parent 48f74df7d3
7 changed files with 13 additions and 5 deletions
--- a/2
+++ b/2
@ -3,7 +3,7 @@ Noteworthy changes in release ?.?? (????-??-??)

 * Improvements
  * Updated lists of BPF_*, BTRFS_*, KERN_*, KVM_CAP_*, NDA_*, NT_*, PR_*,
-    V4L2_*, and *_MAGIC constants.
+    SECCOMP_*, V4L2_*, and *_MAGIC constants.

 * Bug fixes
  * Fixed strace-k test on alpha.
--- a/tests/seccomp-filter-v.c
+++ b/tests/seccomp-filter-v.c
@ -117,7 +117,8 @@ main(void)
 	prog->len = BPF_MAXINSNS + 1;
 	tprintf("seccomp(SECCOMP_SET_MODE_FILTER, %s, {len=%u, filter=[",
 		"SECCOMP_FILTER_FLAG_TSYNC|SECCOMP_FILTER_FLAG_LOG|"
-		"SECCOMP_FILTER_FLAG_SPEC_ALLOW|0xfffffff8",
+		"SECCOMP_FILTER_FLAG_SPEC_ALLOW|"
+		"SECCOMP_FILTER_FLAG_NEW_LISTENER|0xfffffff0",
 		prog->len);
 	for (i = 0; i < BPF_MAXINSNS; ++i) {
 		if (i)
--- a/tests/seccomp-filter.c
+++ b/tests/seccomp-filter.c
@ -37,12 +37,13 @@ main(void)
 	printf("seccomp(SECCOMP_SET_MODE_FILTER, %s, {len=%u, filter=%p})"
 	       " = %ld %s (%m)\n",
 	       "SECCOMP_FILTER_FLAG_TSYNC|SECCOMP_FILTER_FLAG_LOG|"
-	       "SECCOMP_FILTER_FLAG_SPEC_ALLOW|0xfffffff8",
+	       "SECCOMP_FILTER_FLAG_SPEC_ALLOW|"
+	       "SECCOMP_FILTER_FLAG_NEW_LISTENER|0xfffffff0",
 	       prog->len, prog->filter, rc, errno2name());

-	rc = syscall(__NR_seccomp, SECCOMP_SET_MODE_FILTER, -8L, efault);
+	rc = syscall(__NR_seccomp, SECCOMP_SET_MODE_FILTER, -16L, efault);
 	printf("seccomp(SECCOMP_SET_MODE_FILTER, %s, %p) = %ld %s (%m)\n",
-	       "0xfffffff8 /* SECCOMP_FILTER_FLAG_??? */",
+	       "0xfffffff0 /* SECCOMP_FILTER_FLAG_??? */",
 	       efault, rc, errno2name());

 	puts("+++ exited with 0 +++");
--- a/tests/seccomp_get_action_avail.c
+++ b/tests/seccomp_get_action_avail.c
@ -58,6 +58,9 @@ main(void)
 # ifdef SECCOMP_RET_ERRNO
 		{ ARG_STR(SECCOMP_RET_ERRNO) },
 # endif
+# ifdef SECCOMP_RET_USER_NOTIF
+		{ ARG_STR(SECCOMP_RET_USER_NOTIF) },
+# endif
 # ifdef SECCOMP_RET_TRACE
 		{ ARG_STR(SECCOMP_RET_TRACE) },
 # endif
--- a/xlat/seccomp_filter_flags.in
+++ b/xlat/seccomp_filter_flags.in
@ -1,3 +1,4 @@
 SECCOMP_FILTER_FLAG_TSYNC 1
 SECCOMP_FILTER_FLAG_LOG 2
 SECCOMP_FILTER_FLAG_SPEC_ALLOW 4
+SECCOMP_FILTER_FLAG_NEW_LISTENER 8
--- a/xlat/seccomp_ops.in
+++ b/xlat/seccomp_ops.in
@ -1,3 +1,4 @@
 SECCOMP_SET_MODE_STRICT 0
 SECCOMP_SET_MODE_FILTER 1
 SECCOMP_GET_ACTION_AVAIL 2
+SECCOMP_GET_NOTIF_SIZES 3
--- a/xlat/seccomp_ret_action.in
+++ b/xlat/seccomp_ret_action.in
@ -2,6 +2,7 @@ SECCOMP_RET_KILL_PROCESS 0x80000000U
 SECCOMP_RET_KILL_THREAD	0
 SECCOMP_RET_TRAP	0x00030000U
 SECCOMP_RET_ERRNO	0x00050000U
+SECCOMP_RET_USER_NOTIF	0x7fc00000U
 SECCOMP_RET_TRACE	0x7ff00000U
 SECCOMP_RET_LOG		0x7ffc0000U
 SECCOMP_RET_ALLOW	0x7fff0000U