From 9f720f3c64f342840d9b1ada962605133d125621 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?J=C3=B6rg=20Thalheim?= <joerg@thalheim.io>
Date: Tue, 19 Dec 2017 09:11:33 +0000
Subject: [PATCH] Add SECCOMP_MODE_* flags on Linux

---
 libc-test/build.rs             | 1 +
 src/unix/notbsd/android/mod.rs | 4 ++++
 src/unix/notbsd/linux/mod.rs   | 4 ++++
 3 files changed, 9 insertions(+)

diff --git a/libc-test/build.rs b/libc-test/build.rs
index 249c32ba..b1954642 100644
--- a/libc-test/build.rs
+++ b/libc-test/build.rs
@@ -250,6 +250,7 @@ fn main() {
 
     if linux || android {
         cfg.header("sys/fsuid.h");
+        cfg.header("linux/seccomp.h");
 
         // DCCP support
         if !uclibc && !musl && !emscripten {
diff --git a/src/unix/notbsd/android/mod.rs b/src/unix/notbsd/android/mod.rs
index ae07dd9c..4b35fa5c 100644
--- a/src/unix/notbsd/android/mod.rs
+++ b/src/unix/notbsd/android/mod.rs
@@ -861,6 +861,10 @@ pub const NETLINK_TX_RING: ::c_int = 7;
 pub const GRND_NONBLOCK: ::c_uint = 0x0001;
 pub const GRND_RANDOM: ::c_uint = 0x0002;
 
+pub const SECCOMP_MODE_DISABLED: ::c_uint = 0;
+pub const SECCOMP_MODE_STRICT: ::c_uint = 1;
+pub const SECCOMP_MODE_FILTER: ::c_uint = 2;
+
 pub const NLA_F_NESTED: ::c_int = 1 << 15;
 pub const NLA_F_NET_BYTEORDER: ::c_int = 1 << 14;
 pub const NLA_TYPE_MASK: ::c_int = !(NLA_F_NESTED | NLA_F_NET_BYTEORDER);
diff --git a/src/unix/notbsd/linux/mod.rs b/src/unix/notbsd/linux/mod.rs
index 8f35656c..1c4ef15f 100644
--- a/src/unix/notbsd/linux/mod.rs
+++ b/src/unix/notbsd/linux/mod.rs
@@ -1084,6 +1084,10 @@ pub const PR_CAP_AMBIENT_CLEAR_ALL: ::c_int = 4;
 pub const GRND_NONBLOCK: ::c_uint = 0x0001;
 pub const GRND_RANDOM: ::c_uint = 0x0002;
 
+pub const SECCOMP_MODE_DISABLED: ::c_uint = 0;
+pub const SECCOMP_MODE_STRICT: ::c_uint = 1;
+pub const SECCOMP_MODE_FILTER: ::c_uint = 2;
+
 pub const ITIMER_REAL: ::c_int = 0;
 pub const ITIMER_VIRTUAL: ::c_int = 1;
 pub const ITIMER_PROF: ::c_int = 2;
-- 
GitLab