From f73adb35fbbd164c2bfc975dc4a8b7e8292f4e37 Mon Sep 17 00:00:00 2001
From: Christian Brauner
Date: Wed, 12 Jun 2019 13:42:25 +0200
Subject: [PATCH] seccomp: do not set SECCOMP_FILTER_FLAG_NEW_LISTENER

Do not set SECCOMP_FILTER_FLAG_NEW_LISTENER as seccomp attribute. Prior to libseccomp merging support for SECCOMP_RET_USER_NOTIF there was a libseccomp specific attribute that needed to be set before SECCOMP_RET_USER_NOTIF could be used. This has been removed.
Signed-off-by: Christian Brauner
---
 src/lxc/seccomp.c | 5 -----
 1 file changed, 5 deletions(-)

diff --git a/src/lxc/seccomp.c b/src/lxc/seccomp.c
index d49596fdf..1e688a451 100644
--- a/src/lxc/seccomp.c
+++ b/src/lxc/seccomp.c
@@ -944,11 +944,6 @@ static int parse_config_v2(FILE *f, char *line, size_t *line_bufsz, struct lxc_c
 #if HAVE_DECL_SECCOMP_NOTIFY_FD
 if ((rule.action == SCMP_ACT_NOTIFY) &&
 !conf->seccomp.notifier.wants_supervision) {
- ret = seccomp_attr_set(conf->seccomp.seccomp_ctx,
- SECCOMP_FILTER_FLAG_NEW_LISTENER, 1);
- if (ret)
- goto bad_rule;
-
 conf->seccomp.notifier.wants_supervision = true;
 TRACE("Set SECCOMP_FILTER_FLAG_NEW_LISTENER attribute");
 }
-- 
2.47.2