seccomp: set seccompNotifyIsSupported

avagin · gvisor-bot · commit 14c05c175fe7 · 2025-06-24T14:25:02.000-07:00
Otherwise seccomp_user_notify is never used.

PiperOrigin-RevId: 775381191
diff --git a/pkg/sentry/platform/systrap/subprocess.go b/pkg/sentry/platform/systrap/subprocess.go
@@ -187,6 +187,7 @@ func initSeccompNotify() {
 	switch errno {
 	case unix.EFAULT:
 		// seccomp unotify is supported.
+		seccompNotifyIsSupported = true
 	case unix.EINVAL:
 		log.Warningf("Seccomp user-space notification mechanism isn't " +
 			"supported by the kernel (available since Linux 5.0).")
diff --git a/pkg/sentry/platform/systrap/syscall_thread.go b/pkg/sentry/platform/systrap/syscall_thread.go
@@ -224,7 +224,6 @@ func (t *syscallThread) syscall(sysno uintptr, args ...arch.SyscallArgument) (ui
 			return 0, errDeadSubprocess
 		}
 	} else {
-
 		// Notify the syscall thread about a new syscall request.
 		atomic.AddUint32(&sentryMsg.state, 1)
 		futexWakeUint32(&sentryMsg.state)

Original file line number	Diff line number	Diff line change
`@@ -224,7 +224,6 @@ func (t *syscallThread) syscall(sysno uintptr, args ...arch.SyscallArgument) (ui`
`224`	`224`	`return 0, errDeadSubprocess`
`225`	`225`	`}`
`226`	`226`	`} else {`
`227`		`-`
`228`	`227`	`// Notify the syscall thread about a new syscall request.`
`229`	`228`	`atomic.AddUint32(&sentryMsg.state, 1)`
`230`	`229`	`futexWakeUint32(&sentryMsg.state)`