seccomp: don't commit to an api just yet

I'm not sure that I want to be married (to this layout) just yet.

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

diff --git a/src/lxc/lxccontainer.h b/src/lxc/lxccontainer.h
index e2e788993d580d7b41867a7915fb5e949794094e..c367af81af50c3b6111ecabf891e4790586c7729 100644 (file)
--- a/src/lxc/lxccontainer.h
+++ b/src/lxc/lxccontainer.h
@@ -31,11 +31,6 @@
 
 #include <lxc/attach_options.h>
 
-#ifdef SCMP_ACT_USER_NOTIF
-#include <linux/seccomp.h>
-#include <seccomp.h>
-#endif
-
 #ifdef  __cplusplus
 extern "C" {
 #endif
@@ -70,16 +65,6 @@ enum {
        LXC_SECCOMP_NOTIFY_MAX,
 };
 
-#ifdef SCMP_ACT_USER_NOTIF
-struct seccomp_notify_proxy_msg {
-       uint32_t version;
-       struct seccomp_notif req;
-       struct seccomp_notif_resp resp;
-       pid_t monitor_pid;
-       pid_t init_pid;
-};
-#endif
-
 /*!
  * An LXC container.
  *

diff --git a/src/lxc/lxcseccomp.h b/src/lxc/lxcseccomp.h
index afb3e73527d8a9de317ee679a217ab3ad07d0814..97394dfef1e251a96ffb56fa56cac5bf967df374 100644 (file)
--- a/src/lxc/lxcseccomp.h
+++ b/src/lxc/lxcseccomp.h
@@ -47,7 +47,17 @@ struct lxc_handler;
 
 #ifdef HAVE_SECCOMP
 
+
 #if HAVE_DECL_SECCOMP_NOTIF_GET_FD
+
+struct seccomp_notify_proxy_msg {
+       uint32_t version;
+       struct seccomp_notif req;
+       struct seccomp_notif_resp resp;
+       pid_t monitor_pid;
+       pid_t init_pid;
+} __attribute__((packed, aligned(8)));
+
 struct seccomp_notify {
        bool wants_supervision;
        int notify_fd;