From 439d7b14af89ad3af89add849b6505f4e672b5af Mon Sep 17 00:00:00 2001
From: Dmitry Vyukov <dvyukov@google.com>
Date: Mon, 28 Oct 2019 16:54:23 +0100
Subject: sys/linux: add SECCOMP_FILTER_FLAG_NEW_LISTENER support

---
 executor/defs.h                 | 10 +++---
 executor/syscalls.h             | 35 +++++++++++++++---
 sys/linux/gen/386.go            | 19 +++++++---
 sys/linux/gen/amd64.go          | 80 ++++++++++++++++++++++++++++++++++++++---
 sys/linux/gen/arm.go            | 19 +++++++---
 sys/linux/gen/arm64.go          | 80 ++++++++++++++++++++++++++++++++++++++---
 sys/linux/gen/ppc64le.go        | 80 ++++++++++++++++++++++++++++++++++++++---
 sys/linux/seccomp.txt           | 51 ++++++++++++++++++++++++++
 sys/linux/seccomp_amd64.const   | 16 +++++++++
 sys/linux/seccomp_arm64.const   | 16 +++++++++
 sys/linux/seccomp_ppc64le.const | 16 +++++++++
 sys/linux/sys.txt               |  5 +--
 sys/linux/sys_amd64.const       |  4 ---
 sys/linux/sys_arm64.const       |  4 ---
 sys/linux/sys_ppc64le.const     |  4 ---
 15 files changed, 390 insertions(+), 49 deletions(-)
 create mode 100644 sys/linux/seccomp.txt
 create mode 100644 sys/linux/seccomp_amd64.const
 create mode 100644 sys/linux/seccomp_arm64.const
 create mode 100644 sys/linux/seccomp_ppc64le.const

diff --git a/executor/defs.h b/executor/defs.h
index 32bc694ff..c4d076c85 100644
--- a/executor/defs.h
+++ b/executor/defs.h
@@ -70,7 +70,7 @@
 
 #if GOARCH_386
 #define GOARCH "386"
-#define SYZ_REVISION "b3cf0344785b05724212f0df9042f7bdbd6a78f4"
+#define SYZ_REVISION "b994f3a3d4976dc509587db3a0db64d472a5885e"
 #define SYZ_EXECUTOR_USES_FORK_SERVER 1
 #define SYZ_EXECUTOR_USES_SHMEM 1
 #define SYZ_PAGE_SIZE 4096
@@ -80,7 +80,7 @@
 
 #if GOARCH_amd64
 #define GOARCH "amd64"
-#define SYZ_REVISION "5b7f39fb9e131a82f4df7ed9c65dba8ed0b44fe4"
+#define SYZ_REVISION "10c17bbc2fdd889784093edb7730a8c2fd622f80"
 #define SYZ_EXECUTOR_USES_FORK_SERVER 1
 #define SYZ_EXECUTOR_USES_SHMEM 1
 #define SYZ_PAGE_SIZE 4096
@@ -90,7 +90,7 @@
 
 #if GOARCH_arm
 #define GOARCH "arm"
-#define SYZ_REVISION "c92ceb42033e27c47e6b213d90160284985c1cd6"
+#define SYZ_REVISION "05280f810f6a4dc1aef80e2ee1f67f4a08b39ecd"
 #define SYZ_EXECUTOR_USES_FORK_SERVER 1
 #define SYZ_EXECUTOR_USES_SHMEM 1
 #define SYZ_PAGE_SIZE 4096
@@ -100,7 +100,7 @@
 
 #if GOARCH_arm64
 #define GOARCH "arm64"
-#define SYZ_REVISION "a48a66ee52bdf905e9e2898210508268f1cbf061"
+#define SYZ_REVISION "290f57776c4145e8ec114a3a0ec499a905c41720"
 #define SYZ_EXECUTOR_USES_FORK_SERVER 1
 #define SYZ_EXECUTOR_USES_SHMEM 1
 #define SYZ_PAGE_SIZE 4096
@@ -110,7 +110,7 @@
 
 #if GOARCH_ppc64le
 #define GOARCH "ppc64le"
-#define SYZ_REVISION "dcc8af59c5ba27d0adb5ebdfee14e7b7b7541809"
+#define SYZ_REVISION "b58c16a2d4747e7cb622c547e0c726dcb9a6df7a"
 #define SYZ_EXECUTOR_USES_FORK_SERVER 1
 #define SYZ_EXECUTOR_USES_SHMEM 1
 #define SYZ_PAGE_SIZE 4096
diff --git a/executor/syscalls.h b/executor/syscalls.h
index 09c9b84a3..db97a1e1e 100644
--- a/executor/syscalls.h
+++ b/executor/syscalls.h
@@ -3999,7 +3999,9 @@ const call_t syscalls[] = {
     {"sched_setparam", 154},
     {"sched_setscheduler", 156},
     {"sched_yield", 158},
-    {"seccomp", 354},
+    {"seccomp$SECCOMP_SET_MODE_FILTER", 354},
+    {"seccomp$SECCOMP_SET_MODE_FILTER_LISTENER", 354},
+    {"seccomp$SECCOMP_SET_MODE_STRICT", 354},
     {"select", 82},
     {"semctl$GETALL", 394},
     {"semctl$GETNCNT", 394},
@@ -5905,6 +5907,9 @@ const call_t syscalls[] = {
     {"ioctl$SCSI_IOCTL_STOP_UNIT", 16},
     {"ioctl$SCSI_IOCTL_SYNC", 16},
     {"ioctl$SCSI_IOCTL_TEST_UNIT_READY", 16},
+    {"ioctl$SECCOMP_IOCTL_NOTIF_ID_VALID", 16},
+    {"ioctl$SECCOMP_IOCTL_NOTIF_RECV", 16},
+    {"ioctl$SECCOMP_IOCTL_NOTIF_SEND", 16},
     {"ioctl$SG_EMULATED_HOST", 16},
     {"ioctl$SG_GET_ACCESS_COUNT", 16},
     {"ioctl$SG_GET_COMMAND_Q", 16},
@@ -6822,7 +6827,11 @@ const call_t syscalls[] = {
     {"sched_setparam", 142},
     {"sched_setscheduler", 144},
     {"sched_yield", 24},
-    {"seccomp", 317},
+    {"seccomp$SECCOMP_GET_ACTION_AVAIL", 317},
+    {"seccomp$SECCOMP_GET_NOTIF_SIZES", 317},
+    {"seccomp$SECCOMP_SET_MODE_FILTER", 317},
+    {"seccomp$SECCOMP_SET_MODE_FILTER_LISTENER", 317},
+    {"seccomp$SECCOMP_SET_MODE_STRICT", 317},
     {"select", 23},
     {"semctl$GETALL", 66},
     {"semctl$GETNCNT", 66},
@@ -9600,7 +9609,9 @@ const call_t syscalls[] = {
     {"sched_setparam", 154},
     {"sched_setscheduler", 156},
     {"sched_yield", 158},
-    {"seccomp", 383},
+    {"seccomp$SECCOMP_SET_MODE_FILTER", 383},
+    {"seccomp$SECCOMP_SET_MODE_FILTER_LISTENER", 383},
+    {"seccomp$SECCOMP_SET_MODE_STRICT", 383},
     {"semctl$GETALL", 300},
     {"semctl$GETNCNT", 300},
     {"semctl$GETPID", 300},
@@ -11459,6 +11470,9 @@ const call_t syscalls[] = {
     {"ioctl$SCSI_IOCTL_STOP_UNIT", 29},
     {"ioctl$SCSI_IOCTL_SYNC", 29},
     {"ioctl$SCSI_IOCTL_TEST_UNIT_READY", 29},
+    {"ioctl$SECCOMP_IOCTL_NOTIF_ID_VALID", 29},
+    {"ioctl$SECCOMP_IOCTL_NOTIF_RECV", 29},
+    {"ioctl$SECCOMP_IOCTL_NOTIF_SEND", 29},
     {"ioctl$SG_EMULATED_HOST", 29},
     {"ioctl$SG_GET_ACCESS_COUNT", 29},
     {"ioctl$SG_GET_COMMAND_Q", 29},
@@ -12356,7 +12370,11 @@ const call_t syscalls[] = {
     {"sched_setparam", 118},
     {"sched_setscheduler", 119},
     {"sched_yield", 124},
-    {"seccomp", 277},
+    {"seccomp$SECCOMP_GET_ACTION_AVAIL", 277},
+    {"seccomp$SECCOMP_GET_NOTIF_SIZES", 277},
+    {"seccomp$SECCOMP_SET_MODE_FILTER", 277},
+    {"seccomp$SECCOMP_SET_MODE_FILTER_LISTENER", 277},
+    {"seccomp$SECCOMP_SET_MODE_STRICT", 277},
     {"semctl$GETALL", 191},
     {"semctl$GETNCNT", 191},
     {"semctl$GETPID", 191},
@@ -14213,6 +14231,9 @@ const call_t syscalls[] = {
     {"ioctl$SCSI_IOCTL_STOP_UNIT", 54},
     {"ioctl$SCSI_IOCTL_SYNC", 54},
     {"ioctl$SCSI_IOCTL_TEST_UNIT_READY", 54},
+    {"ioctl$SECCOMP_IOCTL_NOTIF_ID_VALID", 54},
+    {"ioctl$SECCOMP_IOCTL_NOTIF_RECV", 54},
+    {"ioctl$SECCOMP_IOCTL_NOTIF_SEND", 54},
     {"ioctl$SG_EMULATED_HOST", 54},
     {"ioctl$SG_GET_ACCESS_COUNT", 54},
     {"ioctl$SG_GET_COMMAND_Q", 54},
@@ -15119,7 +15140,11 @@ const call_t syscalls[] = {
     {"sched_setparam", 154},
     {"sched_setscheduler", 156},
     {"sched_yield", 158},
-    {"seccomp", 358},
+    {"seccomp$SECCOMP_GET_ACTION_AVAIL", 358},
+    {"seccomp$SECCOMP_GET_NOTIF_SIZES", 358},
+    {"seccomp$SECCOMP_SET_MODE_FILTER", 358},
+    {"seccomp$SECCOMP_SET_MODE_FILTER_LISTENER", 358},
+    {"seccomp$SECCOMP_SET_MODE_STRICT", 358},
     {"select", 82},
     {"semctl$GETALL", 394},
     {"semctl$GETNCNT", 394},
diff --git a/sys/linux/gen/386.go b/sys/linux/gen/386.go
index 2bcb6b17b..6e821289c 100644
--- a/sys/linux/gen/386.go
+++ b/sys/linux/gen/386.go
@@ -82,6 +82,7 @@ var resources_386 = []*ResourceDesc{
 	{Name: "fd_rdma_cm", Type: &IntType{IntTypeCommon: IntTypeCommon{TypeCommon: TypeCommon{TypeName: "int32", TypeSize: 4}}}, Kind: []string{"fd", "fd_rdma_cm"}, Values: []uint64{18446744073709551615}},
 	{Name: "fd_rfkill", Type: &IntType{IntTypeCommon: IntTypeCommon{TypeCommon: TypeCommon{TypeName: "int32", TypeSize: 4}}}, Kind: []string{"fd", "fd_rfkill"}, Values: []uint64{18446744073709551615}},
 	{Name: "fd_rtc", Type: &IntType{IntTypeCommon: IntTypeCommon{TypeCommon: TypeCommon{TypeName: "int32", TypeSize: 4}}}, Kind: []string{"fd", "fd_rtc"}, Values: []uint64{18446744073709551615}},
+	{Name: "fd_seccomp", Type: &IntType{IntTypeCommon: IntTypeCommon{TypeCommon: TypeCommon{TypeName: "int32", TypeSize: 4}}}, Kind: []string{"fd", "fd_seccomp"}, Values: []uint64{18446744073709551615}},
 	{Name: "fd_selinux_access", Type: &IntType{IntTypeCommon: IntTypeCommon{TypeCommon: TypeCommon{TypeName: "int32", TypeSize: 4}}}, Kind: []string{"fd", "fd_selinux_access"}, Values: []uint64{18446744073709551615}},
 	{Name: "fd_selinux_attr", Type: &IntType{IntTypeCommon: IntTypeCommon{TypeCommon: TypeCommon{TypeName: "int32", TypeSize: 4}}}, Kind: []string{"fd", "fd_selinux_attr"}, Values: []uint64{18446744073709551615}},
 	{Name: "fd_selinux_context", Type: &IntType{IntTypeCommon: IntTypeCommon{TypeCommon: TypeCommon{TypeName: "int32", TypeSize: 4}}}, Kind: []string{"fd", "fd_selinux_context"}, Values: []uint64{18446744073709551615}},
@@ -42138,10 +42139,20 @@ var syscalls_386 = []*Syscall{
 		&PtrType{TypeCommon: TypeCommon{TypeName: "ptr", FldName: "prio", TypeSize: 4}, Type: &IntType{IntTypeCommon: IntTypeCommon{TypeCommon: TypeCommon{TypeName: "int32", TypeSize: 4}}}},
 	}},
 	{NR: 158, Name: "sched_yield", CallName: "sched_yield"},
-	{NR: 354, Name: "seccomp", CallName: "seccomp", Args: []Type{
-		&FlagsType{IntTypeCommon: IntTypeCommon{TypeCommon: TypeCommon{TypeName: "seccomp_op", FldName: "op", TypeSize: 4}}, Vals: []uint64{0, 1}, BitMask: true},
+	{NR: 354, Name: "seccomp$SECCOMP_SET_MODE_FILTER", CallName: "seccomp", Args: []Type{
+		&ConstType{IntTypeCommon: IntTypeCommon{TypeCommon: TypeCommon{TypeName: "const", FldName: "op", TypeSize: 4}}, Val: 1},
 		&FlagsType{IntTypeCommon: IntTypeCommon{TypeCommon: TypeCommon{TypeName: "seccomp_flags", FldName: "flags", TypeSize: 4}}, Vals: []uint64{0, 1}, BitMask: true},
-		&PtrType{TypeCommon: TypeCommon{TypeName: "ptr", FldName: "prog", TypeSize: 4}, Type: &StructType{Key: StructKey{Name: "sock_fprog"}}},
+		&PtrType{TypeCommon: TypeCommon{TypeName: "ptr", FldName: "arg", TypeSize: 4}, Type: &StructType{Key: StructKey{Name: "sock_fprog"}}},
+	}},
+	{NR: 354, Name: "seccomp$SECCOMP_SET_MODE_FILTER_LISTENER", CallName: "seccomp", Args: []Type{
+		&ConstType{IntTypeCommon: IntTypeCommon{TypeCommon: TypeCommon{TypeName: "const", FldName: "op", TypeSize: 4}}, Val: 1},
+		&IntType{IntTypeCommon: IntTypeCommon{TypeCommon: TypeCommon{TypeName: "seccomp_flags_listener", FldName: "flags", TypeSize: 4}}},
+		&PtrType{TypeCommon: TypeCommon{TypeName: "ptr", FldName: "arg", TypeSize: 4}, Type: &StructType{Key: StructKey{Name: "sock_fprog"}}},
+	}, Ret: &ResourceType{TypeCommon: TypeCommon{TypeName: "fd_seccomp", FldName: "ret", TypeSize: 4, ArgDir: 1}}},
+	{NR: 354, Name: "seccomp$SECCOMP_SET_MODE_STRICT", CallName: "seccomp", Args: []Type{
+		&ConstType{IntTypeCommon: IntTypeCommon{TypeCommon: TypeCommon{TypeName: "const", FldName: "op", TypeSize: 4}}},
+		&ConstType{IntTypeCommon: IntTypeCommon{TypeCommon: TypeCommon{TypeName: "const", FldName: "flags", TypeSize: 4}}},
+		&ConstType{IntTypeCommon: IntTypeCommon{TypeCommon: TypeCommon{TypeName: "const", FldName: "arg", TypeSize: 4}}},
 	}},
 	{NR: 82, Name: "select", CallName: "select", Args: []Type{
 		&LenType{IntTypeCommon: IntTypeCommon{TypeCommon: TypeCommon{TypeName: "len", FldName: "n", TypeSize: 4}}, Path: []string{"inp"}},
@@ -55311,4 +55322,4 @@ var consts_386 = []ConstValue{
 	{Name: "bpf_insn_load_imm_dw", Value: 24},
 }
 
-const revision_386 = "b3cf0344785b05724212f0df9042f7bdbd6a78f4"
+const revision_386 = "b994f3a3d4976dc509587db3a0db64d472a5885e"
diff --git a/sys/linux/gen/amd64.go b/sys/linux/gen/amd64.go
index 5879b1b96..3c0afdcd6 100644
--- a/sys/linux/gen/amd64.go
+++ b/sys/linux/gen/amd64.go
@@ -82,6 +82,7 @@ var resources_amd64 = []*ResourceDesc{
 	{Name: "fd_rdma_cm", Type: &IntType{IntTypeCommon: IntTypeCommon{TypeCommon: TypeCommon{TypeName: "int32", TypeSize: 4}}}, Kind: []string{"fd", "fd_rdma_cm"}, Values: []uint64{18446744073709551615}},
 	{Name: "fd_rfkill", Type: &IntType{IntTypeCommon: IntTypeCommon{TypeCommon: TypeCommon{TypeName: "int32", TypeSize: 4}}}, Kind: []string{"fd", "fd_rfkill"}, Values: []uint64{18446744073709551615}},
 	{Name: "fd_rtc", Type: &IntType{IntTypeCommon: IntTypeCommon{TypeCommon: TypeCommon{TypeName: "int32", TypeSize: 4}}}, Kind: []string{"fd", "fd_rtc"}, Values: []uint64{18446744073709551615}},
+	{Name: "fd_seccomp", Type: &IntType{IntTypeCommon: IntTypeCommon{TypeCommon: TypeCommon{TypeName: "int32", TypeSize: 4}}}, Kind: []string{"fd", "fd_seccomp"}, Values: []uint64{18446744073709551615}},
 	{Name: "fd_selinux_access", Type: &IntType{IntTypeCommon: IntTypeCommon{TypeCommon: TypeCommon{TypeName: "int32", TypeSize: 4}}}, Kind: []string{"fd", "fd_selinux_access"}, Values: []uint64{18446744073709551615}},
 	{Name: "fd_selinux_attr", Type: &IntType{IntTypeCommon: IntTypeCommon{TypeCommon: TypeCommon{TypeName: "int32", TypeSize: 4}}}, Kind: []string{"fd", "fd_selinux_attr"}, Values: []uint64{18446744073709551615}},
 	{Name: "fd_selinux_context", Type: &IntType{IntTypeCommon: IntTypeCommon{TypeCommon: TypeCommon{TypeName: "int32", TypeSize: 4}}}, Kind: []string{"fd", "fd_selinux_context"}, Values: []uint64{18446744073709551615}},
@@ -162,6 +163,7 @@ var resources_amd64 = []*ResourceDesc{
 	{Name: "rdma_cm_id", Type: &IntType{IntTypeCommon: IntTypeCommon{TypeCommon: TypeCommon{TypeName: "int32", TypeSize: 4}}}, Kind: []string{"rdma_cm_id"}, Values: []uint64{18446744073709551615}},
 	{Name: "rdma_cm_mcast_id", Type: &IntType{IntTypeCommon: IntTypeCommon{TypeCommon: TypeCommon{TypeName: "int32", TypeSize: 4}}}, Kind: []string{"rdma_cm_mcast_id"}, Values: []uint64{18446744073709551615}},
 	{Name: "rfd9p", Type: &IntType{IntTypeCommon: IntTypeCommon{TypeCommon: TypeCommon{TypeName: "int32", TypeSize: 4}}}, Kind: []string{"fd", "rfd9p"}, Values: []uint64{18446744073709551615}},
+	{Name: "seccomp_id", Type: &IntType{IntTypeCommon: IntTypeCommon{TypeCommon: TypeCommon{TypeName: "int64", TypeSize: 8}}}, Kind: []string{"seccomp_id"}, Values: []uint64{0}},
 	{Name: "shmaddr", Type: &IntType{IntTypeCommon: IntTypeCommon{TypeCommon: TypeCommon{TypeName: "intptr", TypeSize: 8}}}, Kind: []string{"shmaddr"}, Values: []uint64{0}},
 	{Name: "sock", Type: &IntType{IntTypeCommon: IntTypeCommon{TypeCommon: TypeCommon{TypeName: "int32", TypeSize: 4}}}, Kind: []string{"fd", "sock"}, Values: []uint64{18446744073709551615}},
 	{Name: "sock_alg", Type: &IntType{IntTypeCommon: IntTypeCommon{TypeCommon: TypeCommon{TypeName: "int32", TypeSize: 4}}}, Kind: []string{"fd", "sock", "sock_alg"}, Values: []uint64{18446744073709551615}},
@@ -22932,11 +22934,34 @@ var structDescs_amd64 = []*KeyedStruct{
 		&IntType{IntTypeCommon: IntTypeCommon{TypeCommon: TypeCommon{TypeName: "int16", FldName: "stream_id", TypeSize: 2, ArgDir: 2}}},
 		&IntType{IntTypeCommon: IntTypeCommon{TypeCommon: TypeCommon{TypeName: "int16", FldName: "stream_value", TypeSize: 2, ArgDir: 2}}},
 	}}},
+	{Key: StructKey{Name: "seccomp_data", Dir: 1}, Desc: &StructDesc{TypeCommon: TypeCommon{TypeName: "seccomp_data", TypeSize: 64, ArgDir: 1}, Fields: []Type{
+		&IntType{IntTypeCommon: IntTypeCommon{TypeCommon: TypeCommon{TypeName: "int32", FldName: "nr", TypeSize: 4, ArgDir: 1}}},
+		&IntType{IntTypeCommon: IntTypeCommon{TypeCommon: TypeCommon{TypeName: "int32", FldName: "arch", TypeSize: 4, ArgDir: 1}}},
+		&IntType{IntTypeCommon: IntTypeCommon{TypeCommon: TypeCommon{TypeName: "int64", FldName: "instruction_pointer", TypeSize: 8, ArgDir: 1}}},
+		&ArrayType{TypeCommon: TypeCommon{TypeName: "array", FldName: "args", TypeSize: 48, ArgDir: 1}, Type: &IntType{IntTypeCommon: IntTypeCommon{TypeCommon: TypeCommon{TypeName: "int64", TypeSize: 8, ArgDir: 1}}}, Kind: 1, RangeBegin: 6, RangeEnd: 6},
+	}}},
 	{Key: StructKey{Name: "seccomp_metadata"}, Desc: &StructDesc{TypeCommon: TypeCommon{TypeName: "seccomp_metadata", TypeSize: 16}, Fields: []Type{
 		&IntType{IntTypeCommon: IntTypeCommon{TypeCommon: TypeCommon{TypeName: "intptr", FldName: "filter_off", TypeSize: 8}}},
 		&ConstType{IntTypeCommon: IntTypeCommon{TypeCommon: TypeCommon{TypeName: "const", FldName: "flags", TypeSize: 4}}},
 		&ConstType{IntTypeCommon: IntTypeCommon{TypeCommon: TypeCommon{TypeName: "pad", TypeSize: 4}}, IsPad: true},
 	}}},
+	{Key: StructKey{Name: "seccomp_notif", Dir: 1}, Desc: &StructDesc{TypeCommon: TypeCommon{TypeName: "seccomp_notif", TypeSize: 80, ArgDir: 1}, Fields: []Type{
+		&ResourceType{TypeCommon: TypeCommon{TypeName: "seccomp_id", FldName: "id", TypeSize: 8, ArgDir: 1}},
+		&ResourceType{TypeCommon: TypeCommon{TypeName: "pid", FldName: "pid", TypeSize: 4, ArgDir: 1}},
+		&IntType{IntTypeCommon: IntTypeCommon{TypeCommon: TypeCommon{TypeName: "int32", FldName: "flags", TypeSize: 4, ArgDir: 1}}},
+		&StructType{Key: StructKey{Name: "seccomp_data", Dir: 1}, FldName: "data"},
+	}}},
+	{Key: StructKey{Name: "seccomp_notif_resp"}, Desc: &StructDesc{TypeCommon: TypeCommon{TypeName: "seccomp_notif_resp", TypeSize: 24}, Fields: []Type{
+		&ResourceType{TypeCommon: TypeCommon{TypeName: "seccomp_id", FldName: "id", TypeSize: 8}},
+		&IntType{IntTypeCommon: IntTypeCommon{TypeCommon: TypeCommon{TypeName: "int64", FldName: "val", TypeSize: 8}}},
+		&IntType{IntTypeCommon: IntTypeCommon{TypeCommon: TypeCommon{TypeName: "int32", FldName: "error", TypeSize: 4}}},
+		&ConstType{IntTypeCommon: IntTypeCommon{TypeCommon: TypeCommon{TypeName: "const", FldName: "flags", TypeSize: 4}}},
+	}}},
+	{Key: StructKey{Name: "seccomp_notif_sizes", Dir: 1}, Desc: &StructDesc{TypeCommon: TypeCommon{TypeName: "seccomp_notif_sizes", TypeSize: 6, ArgDir: 1}, Fields: []Type{
+		&IntType{IntTypeCommon: IntTypeCommon{TypeCommon: TypeCommon{TypeName: "int16", FldName: "seccomp_notif", TypeSize: 2, ArgDir: 1}}},
+		&IntType{IntTypeCommon: IntTypeCommon{TypeCommon: TypeCommon{TypeName: "int16", FldName: "seccomp_notif_resp", TypeSize: 2, ArgDir: 1}}},
+		&IntType{IntTypeCommon: IntTypeCommon{TypeCommon: TypeCommon{TypeName: "int16", FldName: "seccomp_data", TypeSize: 2, ArgDir: 1}}},
+	}}},
 	{Key: StructKey{Name: "seg6_genl_policy"}, Desc: &StructDesc{TypeCommon: TypeCommon{TypeName: "seg6_genl_policy", IsVarlen: true}, Fields: []Type{
 		&StructType{Key: StructKey{Name: "nlattr_t[const[SEG6_ATTR_DST, int16], ipv6_addr]"}, FldName: "SEG6_ATTR_DST"},
 		&StructType{Key: StructKey{Name: "nlattr_t[const[SEG6_ATTR_DSTLEN, int16], int32]"}, FldName: "SEG6_ATTR_DSTLEN"},
@@ -37905,6 +37930,21 @@ var syscalls_amd64 = []*Syscall{
 		&ResourceType{TypeCommon: TypeCommon{TypeName: "fd_sg", FldName: "fd", TypeSize: 4}},
 		&ConstType{IntTypeCommon: IntTypeCommon{TypeCommon: TypeCommon{TypeName: "const", FldName: "cmd", TypeSize: 8}}, Val: 2},
 	}},
+	{NR: 16, Name: "ioctl$SECCOMP_IOCTL_NOTIF_ID_VALID", CallName: "ioctl", Args: []Type{
+		&ResourceType{TypeCommon: TypeCommon{TypeName: "fd_seccomp", FldName: "fd", TypeSize: 4}},
+		&ConstType{IntTypeCommon: IntTypeCommon{TypeCommon: TypeCommon{TypeName: "const", FldName: "cmd", TypeSize: 8}}, Val: 2148016386},
+		&PtrType{TypeCommon: TypeCommon{TypeName: "ptr", FldName: "arg", TypeSize: 8}, Type: &ResourceType{TypeCommon: TypeCommon{TypeName: "seccomp_id", TypeSize: 8}}},
+	}},
+	{NR: 16, Name: "ioctl$SECCOMP_IOCTL_NOTIF_RECV", CallName: "ioctl", Args: []Type{
+		&ResourceType{TypeCommon: TypeCommon{TypeName: "fd_seccomp", FldName: "fd", TypeSize: 4}},
+		&ConstType{IntTypeCommon: IntTypeCommon{TypeCommon: TypeCommon{TypeName: "const", FldName: "cmd", TypeSize: 8}}, Val: 3226476800},
+		&PtrType{TypeCommon: TypeCommon{TypeName: "ptr", FldName: "arg", TypeSize: 8}, Type: &StructType{Key: StructKey{Name: "seccomp_notif", Dir: 1}}},
+	}},
+	{NR: 16, Name: "ioctl$SECCOMP_IOCTL_NOTIF_SEND", CallName: "ioctl", Args: []Type{
+		&ResourceType{TypeCommon: TypeCommon{TypeName: "fd_seccomp", FldName: "fd", TypeSize: 4}},
+		&ConstType{IntTypeCommon: IntTypeCommon{TypeCommon: TypeCommon{TypeName: "const", FldName: "cmd", TypeSize: 8}}, Val: 3222806785},
+		&PtrType{TypeCommon: TypeCommon{TypeName: "ptr", FldName: "arg", TypeSize: 8}, Type: &StructType{Key: StructKey{Name: "seccomp_notif_resp"}}},
+	}},
 	{NR: 16, Name: "ioctl$SG_EMULATED_HOST", CallName: "ioctl", Args: []Type{
 		&ResourceType{TypeCommon: TypeCommon{TypeName: "fd_sg", FldName: "fd", TypeSize: 4}},
 		&ConstType{IntTypeCommon: IntTypeCommon{TypeCommon: TypeCommon{TypeName: "const", FldName: "cmd", TypeSize: 8}}, Val: 8707},
@@ -42671,10 +42711,30 @@ var syscalls_amd64 = []*Syscall{
 		&PtrType{TypeCommon: TypeCommon{TypeName: "ptr", FldName: "prio", TypeSize: 8}, Type: &IntType{IntTypeCommon: IntTypeCommon{TypeCommon: TypeCommon{TypeName: "int32", TypeSize: 4}}}},
 	}},
 	{NR: 24, Name: "sched_yield", CallName: "sched_yield"},
-	{NR: 317, Name: "seccomp", CallName: "seccomp", Args: []Type{
-		&FlagsType{IntTypeCommon: IntTypeCommon{TypeCommon: TypeCommon{TypeName: "seccomp_op", FldName: "op", TypeSize: 8}}, Vals: []uint64{0, 1}, BitMask: true},
-		&FlagsType{IntTypeCommon: IntTypeCommon{TypeCommon: TypeCommon{TypeName: "seccomp_flags", FldName: "flags", TypeSize: 8}}, Vals: []uint64{0, 1}, BitMask: true},
-		&PtrType{TypeCommon: TypeCommon{TypeName: "ptr", FldName: "prog", TypeSize: 8}, Type: &StructType{Key: StructKey{Name: "sock_fprog"}}},
+	{NR: 317, Name: "seccomp$SECCOMP_GET_ACTION_AVAIL", CallName: "seccomp", Args: []Type{
+		&ConstType{IntTypeCommon: IntTypeCommon{TypeCommon: TypeCommon{TypeName: "const", FldName: "op", TypeSize: 8}}, Val: 2},
+		&ConstType{IntTypeCommon: IntTypeCommon{TypeCommon: TypeCommon{TypeName: "const", FldName: "flags", TypeSize: 8}}},
+		&PtrType{TypeCommon: TypeCommon{TypeName: "ptr", FldName: "arg", TypeSize: 8}, Type: &IntType{IntTypeCommon: IntTypeCommon{TypeCommon: TypeCommon{TypeName: "int32", TypeSize: 4}}}},
+	}},
+	{NR: 317, Name: "seccomp$SECCOMP_GET_NOTIF_SIZES", CallName: "seccomp", Args: []Type{
+		&ConstType{IntTypeCommon: IntTypeCommon{TypeCommon: TypeCommon{TypeName: "const", FldName: "op", TypeSize: 8}}, Val: 3},
+		&ConstType{IntTypeCommon: IntTypeCommon{TypeCommon: TypeCommon{TypeName: "const", FldName: "flags", TypeSize: 8}}},
+		&PtrType{TypeCommon: TypeCommon{TypeName: "ptr", FldName: "arg", TypeSize: 8}, Type: &StructType{Key: StructKey{Name: "seccomp_notif_sizes", Dir: 1}}},
+	}},
+	{NR: 317, Name: "seccomp$SECCOMP_SET_MODE_FILTER", CallName: "seccomp", Args: []Type{
+		&ConstType{IntTypeCommon: IntTypeCommon{TypeCommon: TypeCommon{TypeName: "const", FldName: "op", TypeSize: 8}}, Val: 1},
+		&FlagsType{IntTypeCommon: IntTypeCommon{TypeCommon: TypeCommon{TypeName: "seccomp_flags", FldName: "flags", TypeSize: 8}}, Vals: []uint64{0, 1, 2, 4}, BitMask: true},
+		&PtrType{TypeCommon: TypeCommon{TypeName: "ptr", FldName: "arg", TypeSize: 8}, Type: &StructType{Key: StructKey{Name: "sock_fprog"}}},
+	}},
+	{NR: 317, Name: "seccomp$SECCOMP_SET_MODE_FILTER_LISTENER", CallName: "seccomp", Args: []Type{
+		&ConstType{IntTypeCommon: IntTypeCommon{TypeCommon: TypeCommon{TypeName: "const", FldName: "op", TypeSize: 8}}, Val: 1},
+		&FlagsType{IntTypeCommon: IntTypeCommon{TypeCommon: TypeCommon{TypeName: "seccomp_flags_listener", FldName: "flags", TypeSize: 8}}, Vals: []uint64{8, 10, 12}},
+		&PtrType{TypeCommon: TypeCommon{TypeName: "ptr", FldName: "arg", TypeSize: 8}, Type: &StructType{Key: StructKey{Name: "sock_fprog"}}},
+	}, Ret: &ResourceType{TypeCommon: TypeCommon{TypeName: "fd_seccomp", FldName: "ret", TypeSize: 4, ArgDir: 1}}},
+	{NR: 317, Name: "seccomp$SECCOMP_SET_MODE_STRICT", CallName: "seccomp", Args: []Type{
+		&ConstType{IntTypeCommon: IntTypeCommon{TypeCommon: TypeCommon{TypeName: "const", FldName: "op", TypeSize: 8}}},
+		&ConstType{IntTypeCommon: IntTypeCommon{TypeCommon: TypeCommon{TypeName: "const", FldName: "flags", TypeSize: 8}}},
+		&ConstType{IntTypeCommon: IntTypeCommon{TypeCommon: TypeCommon{TypeName: "const", FldName: "arg", TypeSize: 8}}},
 	}},
 	{NR: 23, Name: "select", CallName: "select", Args: []Type{
 		&LenType{IntTypeCommon: IntTypeCommon{TypeCommon: TypeCommon{TypeName: "len", FldName: "n", TypeSize: 8}}, Path: []string{"inp"}},
@@ -52210,7 +52270,17 @@ var consts_amd64 = []ConstValue{
 	{Name: "SECBIT_NOROOT_LOCKED", Value: 2},
 	{Name: "SECBIT_NO_SETUID_FIXUP", Value: 4},
 	{Name: "SECBIT_NO_SETUID_FIXUP_LOCKED", Value: 8},
+	{Name: "SECCOMP_FILTER_FLAG_LOG", Value: 2},
+	{Name: "SECCOMP_FILTER_FLAG_LOG_LISTENER", Value: 10},
+	{Name: "SECCOMP_FILTER_FLAG_NEW_LISTENER", Value: 8},
+	{Name: "SECCOMP_FILTER_FLAG_SPEC_ALLOW", Value: 4},
+	{Name: "SECCOMP_FILTER_FLAG_SPEC_ALLOW_LISTENER", Value: 12},
 	{Name: "SECCOMP_FILTER_FLAG_TSYNC", Value: 1},
+	{Name: "SECCOMP_GET_ACTION_AVAIL", Value: 2},
+	{Name: "SECCOMP_GET_NOTIF_SIZES", Value: 3},
+	{Name: "SECCOMP_IOCTL_NOTIF_ID_VALID", Value: 2148016386},
+	{Name: "SECCOMP_IOCTL_NOTIF_RECV", Value: 3226476800},
+	{Name: "SECCOMP_IOCTL_NOTIF_SEND", Value: 3222806785},
 	{Name: "SECCOMP_MODE_DISABLED"},
 	{Name: "SECCOMP_MODE_FILTER", Value: 2},
 	{Name: "SECCOMP_MODE_STRICT", Value: 1},
@@ -55864,4 +55934,4 @@ var consts_amd64 = []ConstValue{
 	{Name: "bpf_insn_load_imm_dw", Value: 24},
 }
 
-const revision_amd64 = "5b7f39fb9e131a82f4df7ed9c65dba8ed0b44fe4"
+const revision_amd64 = "10c17bbc2fdd889784093edb7730a8c2fd622f80"
diff --git a/sys/linux/gen/arm.go b/sys/linux/gen/arm.go
index 594bec244..04e395a08 100644
--- a/sys/linux/gen/arm.go
+++ b/sys/linux/gen/arm.go
@@ -82,6 +82,7 @@ var resources_arm = []*ResourceDesc{
 	{Name: "fd_rdma_cm", Type: &IntType{IntTypeCommon: IntTypeCommon{TypeCommon: TypeCommon{TypeName: "int32", TypeSize: 4}}}, Kind: []string{"fd", "fd_rdma_cm"}, Values: []uint64{18446744073709551615}},
 	{Name: "fd_rfkill", Type: &IntType{IntTypeCommon: IntTypeCommon{TypeCommon: TypeCommon{TypeName: "int32", TypeSize: 4}}}, Kind: []string{"fd", "fd_rfkill"}, Values: []uint64{18446744073709551615}},
 	{Name: "fd_rtc", Type: &IntType{IntTypeCommon: IntTypeCommon{TypeCommon: TypeCommon{TypeName: "int32", TypeSize: 4}}}, Kind: []string{"fd", "fd_rtc"}, Values: []uint64{18446744073709551615}},
+	{Name: "fd_seccomp", Type: &IntType{IntTypeCommon: IntTypeCommon{TypeCommon: TypeCommon{TypeName: "int32", TypeSize: 4}}}, Kind: []string{"fd", "fd_seccomp"}, Values: []uint64{18446744073709551615}},
 	{Name: "fd_selinux_access", Type: &IntType{IntTypeCommon: IntTypeCommon{TypeCommon: TypeCommon{TypeName: "int32", TypeSize: 4}}}, Kind: []string{"fd", "fd_selinux_access"}, Values: []uint64{18446744073709551615}},
 	{Name: "fd_selinux_attr", Type: &IntType{IntTypeCommon: IntTypeCommon{TypeCommon: TypeCommon{TypeName: "int32", TypeSize: 4}}}, Kind: []string{"fd", "fd_selinux_attr"}, Values: []uint64{18446744073709551615}},
 	{Name: "fd_selinux_context", Type: &IntType{IntTypeCommon: IntTypeCommon{TypeCommon: TypeCommon{TypeName: "int32", TypeSize: 4}}}, Kind: []string{"fd", "fd_selinux_context"}, Values: []uint64{18446744073709551615}},
@@ -41799,10 +41800,20 @@ var syscalls_arm = []*Syscall{
 		&PtrType{TypeCommon: TypeCommon{TypeName: "ptr", FldName: "prio", TypeSize: 4}, Type: &IntType{IntTypeCommon: IntTypeCommon{TypeCommon: TypeCommon{TypeName: "int32", TypeSize: 4}}}},
 	}},
 	{NR: 158, Name: "sched_yield", CallName: "sched_yield"},
-	{NR: 383, Name: "seccomp", CallName: "seccomp", Args: []Type{
-		&FlagsType{IntTypeCommon: IntTypeCommon{TypeCommon: TypeCommon{TypeName: "seccomp_op", FldName: "op", TypeSize: 4}}, Vals: []uint64{0, 1}, BitMask: true},
+	{NR: 383, Name: "seccomp$SECCOMP_SET_MODE_FILTER", CallName: "seccomp", Args: []Type{
+		&ConstType{IntTypeCommon: IntTypeCommon{TypeCommon: TypeCommon{TypeName: "const", FldName: "op", TypeSize: 4}}, Val: 1},
 		&FlagsType{IntTypeCommon: IntTypeCommon{TypeCommon: TypeCommon{TypeName: "seccomp_flags", FldName: "flags", TypeSize: 4}}, Vals: []uint64{0, 1}, BitMask: true},
-		&PtrType{TypeCommon: TypeCommon{TypeName: "ptr", FldName: "prog", TypeSize: 4}, Type: &StructType{Key: StructKey{Name: "sock_fprog"}}},
+		&PtrType{TypeCommon: TypeCommon{TypeName: "ptr", FldName: "arg", TypeSize: 4}, Type: &StructType{Key: StructKey{Name: "sock_fprog"}}},
+	}},
+	{NR: 383, Name: "seccomp$SECCOMP_SET_MODE_FILTER_LISTENER", CallName: "seccomp", Args: []Type{
+		&ConstType{IntTypeCommon: IntTypeCommon{TypeCommon: TypeCommon{TypeName: "const", FldName: "op", TypeSize: 4}}, Val: 1},
+		&IntType{IntTypeCommon: IntTypeCommon{TypeCommon: TypeCommon{TypeName: "seccomp_flags_listener", FldName: "flags", TypeSize: 4}}},
+		&PtrType{TypeCommon: TypeCommon{TypeName: "ptr", FldName: "arg", TypeSize: 4}, Type: &StructType{Key: StructKey{Name: "sock_fprog"}}},
+	}, Ret: &ResourceType{TypeCommon: TypeCommon{TypeName: "fd_seccomp", FldName: "ret", TypeSize: 4, ArgDir: 1}}},
+	{NR: 383, Name: "seccomp$SECCOMP_SET_MODE_STRICT", CallName: "seccomp", Args: []Type{
+		&ConstType{IntTypeCommon: IntTypeCommon{TypeCommon: TypeCommon{TypeName: "const", FldName: "op", TypeSize: 4}}},
+		&ConstType{IntTypeCommon: IntTypeCommon{TypeCommon: TypeCommon{TypeName: "const", FldName: "flags", TypeSize: 4}}},
+		&ConstType{IntTypeCommon: IntTypeCommon{TypeCommon: TypeCommon{TypeName: "const", FldName: "arg", TypeSize: 4}}},
 	}},
 	{NR: 300, Name: "semctl$GETALL", CallName: "semctl", Args: []Type{
 		&ResourceType{TypeCommon: TypeCommon{TypeName: "ipc_sem", FldName: "semid", TypeSize: 4}},
@@ -54888,4 +54899,4 @@ var consts_arm = []ConstValue{
 	{Name: "bpf_insn_load_imm_dw", Value: 24},
 }
 
-const revision_arm = "c92ceb42033e27c47e6b213d90160284985c1cd6"
+const revision_arm = "05280f810f6a4dc1aef80e2ee1f67f4a08b39ecd"
diff --git a/sys/linux/gen/arm64.go b/sys/linux/gen/arm64.go
index d4770452c..96325b327 100644
--- a/sys/linux/gen/arm64.go
+++ b/sys/linux/gen/arm64.go
@@ -82,6 +82,7 @@ var resources_arm64 = []*ResourceDesc{
 	{Name: "fd_rdma_cm", Type: &IntType{IntTypeCommon: IntTypeCommon{TypeCommon: TypeCommon{TypeName: "int32", TypeSize: 4}}}, Kind: []string{"fd", "fd_rdma_cm"}, Values: []uint64{18446744073709551615}},
 	{Name: "fd_rfkill", Type: &IntType{IntTypeCommon: IntTypeCommon{TypeCommon: TypeCommon{TypeName: "int32", TypeSize: 4}}}, Kind: []string{"fd", "fd_rfkill"}, Values: []uint64{18446744073709551615}},
 	{Name: "fd_rtc", Type: &IntType{IntTypeCommon: IntTypeCommon{TypeCommon: TypeCommon{TypeName: "int32", TypeSize: 4}}}, Kind: []string{"fd", "fd_rtc"}, Values: []uint64{18446744073709551615}},
+	{Name: "fd_seccomp", Type: &IntType{IntTypeCommon: IntTypeCommon{TypeCommon: TypeCommon{TypeName: "int32", TypeSize: 4}}}, Kind: []string{"fd", "fd_seccomp"}, Values: []uint64{18446744073709551615}},
 	{Name: "fd_selinux_access", Type: &IntType{IntTypeCommon: IntTypeCommon{TypeCommon: TypeCommon{TypeName: "int32", TypeSize: 4}}}, Kind: []string{"fd", "fd_selinux_access"}, Values: []uint64{18446744073709551615}},
 	{Name: "fd_selinux_attr", Type: &IntType{IntTypeCommon: IntTypeCommon{TypeCommon: TypeCommon{TypeName: "int32", TypeSize: 4}}}, Kind: []string{"fd", "fd_selinux_attr"}, Values: []uint64{18446744073709551615}},
 	{Name: "fd_selinux_context", Type: &IntType{IntTypeCommon: IntTypeCommon{TypeCommon: TypeCommon{TypeName: "int32", TypeSize: 4}}}, Kind: []string{"fd", "fd_selinux_context"}, Values: []uint64{18446744073709551615}},
@@ -162,6 +163,7 @@ var resources_arm64 = []*ResourceDesc{
 	{Name: "rdma_cm_id", Type: &IntType{IntTypeCommon: IntTypeCommon{TypeCommon: TypeCommon{TypeName: "int32", TypeSize: 4}}}, Kind: []string{"rdma_cm_id"}, Values: []uint64{18446744073709551615}},
 	{Name: "rdma_cm_mcast_id", Type: &IntType{IntTypeCommon: IntTypeCommon{TypeCommon: TypeCommon{TypeName: "int32", TypeSize: 4}}}, Kind: []string{"rdma_cm_mcast_id"}, Values: []uint64{18446744073709551615}},
 	{Name: "rfd9p", Type: &IntType{IntTypeCommon: IntTypeCommon{TypeCommon: TypeCommon{TypeName: "int32", TypeSize: 4}}}, Kind: []string{"fd", "rfd9p"}, Values: []uint64{18446744073709551615}},
+	{Name: "seccomp_id", Type: &IntType{IntTypeCommon: IntTypeCommon{TypeCommon: TypeCommon{TypeName: "int64", TypeSize: 8}}}, Kind: []string{"seccomp_id"}, Values: []uint64{0}},
 	{Name: "shmaddr", Type: &IntType{IntTypeCommon: IntTypeCommon{TypeCommon: TypeCommon{TypeName: "intptr", TypeSize: 8}}}, Kind: []string{"shmaddr"}, Values: []uint64{0}},
 	{Name: "sock", Type: &IntType{IntTypeCommon: IntTypeCommon{TypeCommon: TypeCommon{TypeName: "int32", TypeSize: 4}}}, Kind: []string{"fd", "sock"}, Values: []uint64{18446744073709551615}},
 	{Name: "sock_alg", Type: &IntType{IntTypeCommon: IntTypeCommon{TypeCommon: TypeCommon{TypeName: "int32", TypeSize: 4}}}, Kind: []string{"fd", "sock", "sock_alg"}, Values: []uint64{18446744073709551615}},
@@ -22749,11 +22751,34 @@ var structDescs_arm64 = []*KeyedStruct{
 		&IntType{IntTypeCommon: IntTypeCommon{TypeCommon: TypeCommon{TypeName: "int16", FldName: "stream_id", TypeSize: 2, ArgDir: 2}}},
 		&IntType{IntTypeCommon: IntTypeCommon{TypeCommon: TypeCommon{TypeName: "int16", FldName: "stream_value", TypeSize: 2, ArgDir: 2}}},
 	}}},
+	{Key: StructKey{Name: "seccomp_data", Dir: 1}, Desc: &StructDesc{TypeCommon: TypeCommon{TypeName: "seccomp_data", TypeSize: 64, ArgDir: 1}, Fields: []Type{
+		&IntType{IntTypeCommon: IntTypeCommon{TypeCommon: TypeCommon{TypeName: "int32", FldName: "nr", TypeSize: 4, ArgDir: 1}}},
+		&IntType{IntTypeCommon: IntTypeCommon{TypeCommon: TypeCommon{TypeName: "int32", FldName: "arch", TypeSize: 4, ArgDir: 1}}},
+		&IntType{IntTypeCommon: IntTypeCommon{TypeCommon: TypeCommon{TypeName: "int64", FldName: "instruction_pointer", TypeSize: 8, ArgDir: 1}}},
+		&ArrayType{TypeCommon: TypeCommon{TypeName: "array", FldName: "args", TypeSize: 48, ArgDir: 1}, Type: &IntType{IntTypeCommon: IntTypeCommon{TypeCommon: TypeCommon{TypeName: "int64", TypeSize: 8, ArgDir: 1}}}, Kind: 1, RangeBegin: 6, RangeEnd: 6},
+	}}},
 	{Key: StructKey{Name: "seccomp_metadata"}, Desc: &StructDesc{TypeCommon: TypeCommon{TypeName: "seccomp_metadata", TypeSize: 16}, Fields: []Type{
 		&IntType{IntTypeCommon: IntTypeCommon{TypeCommon: TypeCommon{TypeName: "intptr", FldName: "filter_off", TypeSize: 8}}},
 		&ConstType{IntTypeCommon: IntTypeCommon{TypeCommon: TypeCommon{TypeName: "const", FldName: "flags", TypeSize: 4}}},
 		&ConstType{IntTypeCommon: IntTypeCommon{TypeCommon: TypeCommon{TypeName: "pad", TypeSize: 4}}, IsPad: true},
 	}}},
+	{Key: StructKey{Name: "seccomp_notif", Dir: 1}, Desc: &StructDesc{TypeCommon: TypeCommon{TypeName: "seccomp_notif", TypeSize: 80, ArgDir: 1}, Fields: []Type{
+		&ResourceType{TypeCommon: TypeCommon{TypeName: "seccomp_id", FldName: "id", TypeSize: 8, ArgDir: 1}},
+		&ResourceType{TypeCommon: TypeCommon{TypeName: "pid", FldName: "pid", TypeSize: 4, ArgDir: 1}},
+		&IntType{IntTypeCommon: IntTypeCommon{TypeCommon: TypeCommon{TypeName: "int32", FldName: "flags", TypeSize: 4, ArgDir: 1}}},
+		&StructType{Key: StructKey{Name: "seccomp_data", Dir: 1}, FldName: "data"},
+	}}},
+	{Key: StructKey{Name: "seccomp_notif_resp"}, Desc: &StructDesc{TypeCommon: TypeCommon{TypeName: "seccomp_notif_resp", TypeSize: 24}, Fields: []Type{
+		&ResourceType{TypeCommon: TypeCommon{TypeName: "seccomp_id", FldName: "id", TypeSize: 8}},
+		&IntType{IntTypeCommon: IntTypeCommon{TypeCommon: TypeCommon{TypeName: "int64", FldName: "val", TypeSize: 8}}},
+		&IntType{IntTypeCommon: IntTypeCommon{TypeCommon: TypeCommon{TypeName: "int32", FldName: "error", TypeSize: 4}}},
+		&ConstType{IntTypeCommon: IntTypeCommon{TypeCommon: TypeCommon{TypeName: "const", FldName: "flags", TypeSize: 4}}},
+	}}},
+	{Key: StructKey{Name: "seccomp_notif_sizes", Dir: 1}, Desc: &StructDesc{TypeCommon: TypeCommon{TypeName: "seccomp_notif_sizes", TypeSize: 6, ArgDir: 1}, Fields: []Type{
+		&IntType{IntTypeCommon: IntTypeCommon{TypeCommon: TypeCommon{TypeName: "int16", FldName: "seccomp_notif", TypeSize: 2, ArgDir: 1}}},
+		&IntType{IntTypeCommon: IntTypeCommon{TypeCommon: TypeCommon{TypeName: "int16", FldName: "seccomp_notif_resp", TypeSize: 2, ArgDir: 1}}},
+		&IntType{IntTypeCommon: IntTypeCommon{TypeCommon: TypeCommon{TypeName: "int16", FldName: "seccomp_data", TypeSize: 2, ArgDir: 1}}},
+	}}},
 	{Key: StructKey{Name: "seg6_genl_policy"}, Desc: &StructDesc{TypeCommon: TypeCommon{TypeName: "seg6_genl_policy", IsVarlen: true}, Fields: []Type{
 		&StructType{Key: StructKey{Name: "nlattr_t[const[SEG6_ATTR_DST, int16], ipv6_addr]"}, FldName: "SEG6_ATTR_DST"},
 		&StructType{Key: StructKey{Name: "nlattr_t[const[SEG6_ATTR_DSTLEN, int16], int32]"}, FldName: "SEG6_ATTR_DSTLEN"},
@@ -37502,6 +37527,21 @@ var syscalls_arm64 = []*Syscall{
 		&ResourceType{TypeCommon: TypeCommon{TypeName: "fd_sg", FldName: "fd", TypeSize: 4}},
 		&ConstType{IntTypeCommon: IntTypeCommon{TypeCommon: TypeCommon{TypeName: "const", FldName: "cmd", TypeSize: 8}}, Val: 2},
 	}},
+	{NR: 29, Name: "ioctl$SECCOMP_IOCTL_NOTIF_ID_VALID", CallName: "ioctl", Args: []Type{
+		&ResourceType{TypeCommon: TypeCommon{TypeName: "fd_seccomp", FldName: "fd", TypeSize: 4}},
+		&ConstType{IntTypeCommon: IntTypeCommon{TypeCommon: TypeCommon{TypeName: "const", FldName: "cmd", TypeSize: 8}}, Val: 2148016386},
+		&PtrType{TypeCommon: TypeCommon{TypeName: "ptr", FldName: "arg", TypeSize: 8}, Type: &ResourceType{TypeCommon: TypeCommon{TypeName: "seccomp_id", TypeSize: 8}}},
+	}},
+	{NR: 29, Name: "ioctl$SECCOMP_IOCTL_NOTIF_RECV", CallName: "ioctl", Args: []Type{
+		&ResourceType{TypeCommon: TypeCommon{TypeName: "fd_seccomp", FldName: "fd", TypeSize: 4}},
+		&ConstType{IntTypeCommon: IntTypeCommon{TypeCommon: TypeCommon{TypeName: "const", FldName: "cmd", TypeSize: 8}}, Val: 3226476800},
+		&PtrType{TypeCommon: TypeCommon{TypeName: "ptr", FldName: "arg", TypeSize: 8}, Type: &StructType{Key: StructKey{Name: "seccomp_notif", Dir: 1}}},
+	}},
+	{NR: 29, Name: "ioctl$SECCOMP_IOCTL_NOTIF_SEND", CallName: "ioctl", Args: []Type{
+		&ResourceType{TypeCommon: TypeCommon{TypeName: "fd_seccomp", FldName: "fd", TypeSize: 4}},
+		&ConstType{IntTypeCommon: IntTypeCommon{TypeCommon: TypeCommon{TypeName: "const", FldName: "cmd", TypeSize: 8}}, Val: 3222806785},
+		&PtrType{TypeCommon: TypeCommon{TypeName: "ptr", FldName: "arg", TypeSize: 8}, Type: &StructType{Key: StructKey{Name: "seccomp_notif_resp"}}},
+	}},
 	{NR: 29, Name: "ioctl$SG_EMULATED_HOST", CallName: "ioctl", Args: []Type{
 		&ResourceType{TypeCommon: TypeCommon{TypeName: "fd_sg", FldName: "fd", TypeSize: 4}},
 		&ConstType{IntTypeCommon: IntTypeCommon{TypeCommon: TypeCommon{TypeName: "const", FldName: "cmd", TypeSize: 8}}, Val: 8707},
@@ -42182,10 +42222,30 @@ var syscalls_arm64 = []*Syscall{
 		&PtrType{TypeCommon: TypeCommon{TypeName: "ptr", FldName: "prio", TypeSize: 8}, Type: &IntType{IntTypeCommon: IntTypeCommon{TypeCommon: TypeCommon{TypeName: "int32", TypeSize: 4}}}},
 	}},
 	{NR: 124, Name: "sched_yield", CallName: "sched_yield"},
-	{NR: 277, Name: "seccomp", CallName: "seccomp", Args: []Type{
-		&FlagsType{IntTypeCommon: IntTypeCommon{TypeCommon: TypeCommon{TypeName: "seccomp_op", FldName: "op", TypeSize: 8}}, Vals: []uint64{0, 1}, BitMask: true},
-		&FlagsType{IntTypeCommon: IntTypeCommon{TypeCommon: TypeCommon{TypeName: "seccomp_flags", FldName: "flags", TypeSize: 8}}, Vals: []uint64{0, 1}, BitMask: true},
-		&PtrType{TypeCommon: TypeCommon{TypeName: "ptr", FldName: "prog", TypeSize: 8}, Type: &StructType{Key: StructKey{Name: "sock_fprog"}}},
+	{NR: 277, Name: "seccomp$SECCOMP_GET_ACTION_AVAIL", CallName: "seccomp", Args: []Type{
+		&ConstType{IntTypeCommon: IntTypeCommon{TypeCommon: TypeCommon{TypeName: "const", FldName: "op", TypeSize: 8}}, Val: 2},
+		&ConstType{IntTypeCommon: IntTypeCommon{TypeCommon: TypeCommon{TypeName: "const", FldName: "flags", TypeSize: 8}}},
+		&PtrType{TypeCommon: TypeCommon{TypeName: "ptr", FldName: "arg", TypeSize: 8}, Type: &IntType{IntTypeCommon: IntTypeCommon{TypeCommon: TypeCommon{TypeName: "int32", TypeSize: 4}}}},
+	}},
+	{NR: 277, Name: "seccomp$SECCOMP_GET_NOTIF_SIZES", CallName: "seccomp", Args: []Type{
+		&ConstType{IntTypeCommon: IntTypeCommon{TypeCommon: TypeCommon{TypeName: "const", FldName: "op", TypeSize: 8}}, Val: 3},
+		&ConstType{IntTypeCommon: IntTypeCommon{TypeCommon: TypeCommon{TypeName: "const", FldName: "flags", TypeSize: 8}}},
+		&PtrType{TypeCommon: TypeCommon{TypeName: "ptr", FldName: "arg", TypeSize: 8}, Type: &StructType{Key: StructKey{Name: "seccomp_notif_sizes", Dir: 1}}},
+	}},
+	{NR: 277, Name: "seccomp$SECCOMP_SET_MODE_FILTER", CallName: "seccomp", Args: []Type{
+		&ConstType{IntTypeCommon: IntTypeCommon{TypeCommon: TypeCommon{TypeName: "const", FldName: "op", TypeSize: 8}}, Val: 1},
+		&FlagsType{IntTypeCommon: IntTypeCommon{TypeCommon: TypeCommon{TypeName: "seccomp_flags", FldName: "flags", TypeSize: 8}}, Vals: []uint64{0, 1, 2, 4}, BitMask: true},
+		&PtrType{TypeCommon: TypeCommon{TypeName: "ptr", FldName: "arg", TypeSize: 8}, Type: &StructType{Key: StructKey{Name: "sock_fprog"}}},
+	}},
+	{NR: 277, Name: "seccomp$SECCOMP_SET_MODE_FILTER_LISTENER", CallName: "seccomp", Args: []Type{
+		&ConstType{IntTypeCommon: IntTypeCommon{TypeCommon: TypeCommon{TypeName: "const", FldName: "op", TypeSize: 8}}, Val: 1},
+		&FlagsType{IntTypeCommon: IntTypeCommon{TypeCommon: TypeCommon{TypeName: "seccomp_flags_listener", FldName: "flags", TypeSize: 8}}, Vals: []uint64{8, 10, 12}},
+		&PtrType{TypeCommon: TypeCommon{TypeName: "ptr", FldName: "arg", TypeSize: 8}, Type: &StructType{Key: StructKey{Name: "sock_fprog"}}},
+	}, Ret: &ResourceType{TypeCommon: TypeCommon{TypeName: "fd_seccomp", FldName: "ret", TypeSize: 4, ArgDir: 1}}},
+	{NR: 277, Name: "seccomp$SECCOMP_SET_MODE_STRICT", CallName: "seccomp", Args: []Type{
+		&ConstType{IntTypeCommon: IntTypeCommon{TypeCommon: TypeCommon{TypeName: "const", FldName: "op", TypeSize: 8}}},
+		&ConstType{IntTypeCommon: IntTypeCommon{TypeCommon: TypeCommon{TypeName: "const", FldName: "flags", TypeSize: 8}}},
+		&ConstType{IntTypeCommon: IntTypeCommon{TypeCommon: TypeCommon{TypeName: "const", FldName: "arg", TypeSize: 8}}},
 	}},
 	{NR: 191, Name: "semctl$GETALL", CallName: "semctl", Args: []Type{
 		&ResourceType{TypeCommon: TypeCommon{TypeName: "ipc_sem", FldName: "semid", TypeSize: 4}},
@@ -51603,7 +51663,17 @@ var consts_arm64 = []ConstValue{
 	{Name: "SECBIT_NOROOT_LOCKED", Value: 2},
 	{Name: "SECBIT_NO_SETUID_FIXUP", Value: 4},
 	{Name: "SECBIT_NO_SETUID_FIXUP_LOCKED", Value: 8},
+	{Name: "SECCOMP_FILTER_FLAG_LOG", Value: 2},
+	{Name: "SECCOMP_FILTER_FLAG_LOG_LISTENER", Value: 10},
+	{Name: "SECCOMP_FILTER_FLAG_NEW_LISTENER", Value: 8},
+	{Name: "SECCOMP_FILTER_FLAG_SPEC_ALLOW", Value: 4},
+	{Name: "SECCOMP_FILTER_FLAG_SPEC_ALLOW_LISTENER", Value: 12},
 	{Name: "SECCOMP_FILTER_FLAG_TSYNC", Value: 1},
+	{Name: "SECCOMP_GET_ACTION_AVAIL", Value: 2},
+	{Name: "SECCOMP_GET_NOTIF_SIZES", Value: 3},
+	{Name: "SECCOMP_IOCTL_NOTIF_ID_VALID", Value: 2148016386},
+	{Name: "SECCOMP_IOCTL_NOTIF_RECV", Value: 3226476800},
+	{Name: "SECCOMP_IOCTL_NOTIF_SEND", Value: 3222806785},
 	{Name: "SECCOMP_MODE_DISABLED"},
 	{Name: "SECCOMP_MODE_FILTER", Value: 2},
 	{Name: "SECCOMP_MODE_STRICT", Value: 1},
@@ -55216,4 +55286,4 @@ var consts_arm64 = []ConstValue{
 	{Name: "bpf_insn_load_imm_dw", Value: 24},
 }
 
-const revision_arm64 = "a48a66ee52bdf905e9e2898210508268f1cbf061"
+const revision_arm64 = "290f57776c4145e8ec114a3a0ec499a905c41720"
diff --git a/sys/linux/gen/ppc64le.go b/sys/linux/gen/ppc64le.go
index 906cfea93..245ee194f 100644
--- a/sys/linux/gen/ppc64le.go
+++ b/sys/linux/gen/ppc64le.go
@@ -82,6 +82,7 @@ var resources_ppc64le = []*ResourceDesc{
 	{Name: "fd_rdma_cm", Type: &IntType{IntTypeCommon: IntTypeCommon{TypeCommon: TypeCommon{TypeName: "int32", TypeSize: 4}}}, Kind: []string{"fd", "fd_rdma_cm"}, Values: []uint64{18446744073709551615}},
 	{Name: "fd_rfkill", Type: &IntType{IntTypeCommon: IntTypeCommon{TypeCommon: TypeCommon{TypeName: "int32", TypeSize: 4}}}, Kind: []string{"fd", "fd_rfkill"}, Values: []uint64{18446744073709551615}},
 	{Name: "fd_rtc", Type: &IntType{IntTypeCommon: IntTypeCommon{TypeCommon: TypeCommon{TypeName: "int32", TypeSize: 4}}}, Kind: []string{"fd", "fd_rtc"}, Values: []uint64{18446744073709551615}},
+	{Name: "fd_seccomp", Type: &IntType{IntTypeCommon: IntTypeCommon{TypeCommon: TypeCommon{TypeName: "int32", TypeSize: 4}}}, Kind: []string{"fd", "fd_seccomp"}, Values: []uint64{18446744073709551615}},
 	{Name: "fd_selinux_access", Type: &IntType{IntTypeCommon: IntTypeCommon{TypeCommon: TypeCommon{TypeName: "int32", TypeSize: 4}}}, Kind: []string{"fd", "fd_selinux_access"}, Values: []uint64{18446744073709551615}},
 	{Name: "fd_selinux_attr", Type: &IntType{IntTypeCommon: IntTypeCommon{TypeCommon: TypeCommon{TypeName: "int32", TypeSize: 4}}}, Kind: []string{"fd", "fd_selinux_attr"}, Values: []uint64{18446744073709551615}},
 	{Name: "fd_selinux_context", Type: &IntType{IntTypeCommon: IntTypeCommon{TypeCommon: TypeCommon{TypeName: "int32", TypeSize: 4}}}, Kind: []string{"fd", "fd_selinux_context"}, Values: []uint64{18446744073709551615}},
@@ -162,6 +163,7 @@ var resources_ppc64le = []*ResourceDesc{
 	{Name: "rdma_cm_id", Type: &IntType{IntTypeCommon: IntTypeCommon{TypeCommon: TypeCommon{TypeName: "int32", TypeSize: 4}}}, Kind: []string{"rdma_cm_id"}, Values: []uint64{18446744073709551615}},
 	{Name: "rdma_cm_mcast_id", Type: &IntType{IntTypeCommon: IntTypeCommon{TypeCommon: TypeCommon{TypeName: "int32", TypeSize: 4}}}, Kind: []string{"rdma_cm_mcast_id"}, Values: []uint64{18446744073709551615}},
 	{Name: "rfd9p", Type: &IntType{IntTypeCommon: IntTypeCommon{TypeCommon: TypeCommon{TypeName: "int32", TypeSize: 4}}}, Kind: []string{"fd", "rfd9p"}, Values: []uint64{18446744073709551615}},
+	{Name: "seccomp_id", Type: &IntType{IntTypeCommon: IntTypeCommon{TypeCommon: TypeCommon{TypeName: "int64", TypeSize: 8}}}, Kind: []string{"seccomp_id"}, Values: []uint64{0}},
 	{Name: "shmaddr", Type: &IntType{IntTypeCommon: IntTypeCommon{TypeCommon: TypeCommon{TypeName: "intptr", TypeSize: 8}}}, Kind: []string{"shmaddr"}, Values: []uint64{0}},
 	{Name: "sock", Type: &IntType{IntTypeCommon: IntTypeCommon{TypeCommon: TypeCommon{TypeName: "int32", TypeSize: 4}}}, Kind: []string{"fd", "sock"}, Values: []uint64{18446744073709551615}},
 	{Name: "sock_alg", Type: &IntType{IntTypeCommon: IntTypeCommon{TypeCommon: TypeCommon{TypeName: "int32", TypeSize: 4}}}, Kind: []string{"fd", "sock", "sock_alg"}, Values: []uint64{18446744073709551615}},
@@ -22701,11 +22703,34 @@ var structDescs_ppc64le = []*KeyedStruct{
 		&IntType{IntTypeCommon: IntTypeCommon{TypeCommon: TypeCommon{TypeName: "int16", FldName: "stream_id", TypeSize: 2, ArgDir: 2}}},
 		&IntType{IntTypeCommon: IntTypeCommon{TypeCommon: TypeCommon{TypeName: "int16", FldName: "stream_value", TypeSize: 2, ArgDir: 2}}},
 	}}},
+	{Key: StructKey{Name: "seccomp_data", Dir: 1}, Desc: &StructDesc{TypeCommon: TypeCommon{TypeName: "seccomp_data", TypeSize: 64, ArgDir: 1}, Fields: []Type{
+		&IntType{IntTypeCommon: IntTypeCommon{TypeCommon: TypeCommon{TypeName: "int32", FldName: "nr", TypeSize: 4, ArgDir: 1}}},
+		&IntType{IntTypeCommon: IntTypeCommon{TypeCommon: TypeCommon{TypeName: "int32", FldName: "arch", TypeSize: 4, ArgDir: 1}}},
+		&IntType{IntTypeCommon: IntTypeCommon{TypeCommon: TypeCommon{TypeName: "int64", FldName: "instruction_pointer", TypeSize: 8, ArgDir: 1}}},
+		&ArrayType{TypeCommon: TypeCommon{TypeName: "array", FldName: "args", TypeSize: 48, ArgDir: 1}, Type: &IntType{IntTypeCommon: IntTypeCommon{TypeCommon: TypeCommon{TypeName: "int64", TypeSize: 8, ArgDir: 1}}}, Kind: 1, RangeBegin: 6, RangeEnd: 6},
+	}}},
 	{Key: StructKey{Name: "seccomp_metadata"}, Desc: &StructDesc{TypeCommon: TypeCommon{TypeName: "seccomp_metadata", TypeSize: 16}, Fields: []Type{
 		&IntType{IntTypeCommon: IntTypeCommon{TypeCommon: TypeCommon{TypeName: "intptr", FldName: "filter_off", TypeSize: 8}}},
 		&ConstType{IntTypeCommon: IntTypeCommon{TypeCommon: TypeCommon{TypeName: "const", FldName: "flags", TypeSize: 4}}},
 		&ConstType{IntTypeCommon: IntTypeCommon{TypeCommon: TypeCommon{TypeName: "pad", TypeSize: 4}}, IsPad: true},
 	}}},
+	{Key: StructKey{Name: "seccomp_notif", Dir: 1}, Desc: &StructDesc{TypeCommon: TypeCommon{TypeName: "seccomp_notif", TypeSize: 80, ArgDir: 1}, Fields: []Type{
+		&ResourceType{TypeCommon: TypeCommon{TypeName: "seccomp_id", FldName: "id", TypeSize: 8, ArgDir: 1}},
+		&ResourceType{TypeCommon: TypeCommon{TypeName: "pid", FldName: "pid", TypeSize: 4, ArgDir: 1}},
+		&IntType{IntTypeCommon: IntTypeCommon{TypeCommon: TypeCommon{TypeName: "int32", FldName: "flags", TypeSize: 4, ArgDir: 1}}},
+		&StructType{Key: StructKey{Name: "seccomp_data", Dir: 1}, FldName: "data"},
+	}}},
+	{Key: StructKey{Name: "seccomp_notif_resp"}, Desc: &StructDesc{TypeCommon: TypeCommon{TypeName: "seccomp_notif_resp", TypeSize: 24}, Fields: []Type{
+		&ResourceType{TypeCommon: TypeCommon{TypeName: "seccomp_id", FldName: "id", TypeSize: 8}},
+		&IntType{IntTypeCommon: IntTypeCommon{TypeCommon: TypeCommon{TypeName: "int64", FldName: "val", TypeSize: 8}}},
+		&IntType{IntTypeCommon: IntTypeCommon{TypeCommon: TypeCommon{TypeName: "int32", FldName: "error", TypeSize: 4}}},
+		&ConstType{IntTypeCommon: IntTypeCommon{TypeCommon: TypeCommon{TypeName: "const", FldName: "flags", TypeSize: 4}}},
+	}}},
+	{Key: StructKey{Name: "seccomp_notif_sizes", Dir: 1}, Desc: &StructDesc{TypeCommon: TypeCommon{TypeName: "seccomp_notif_sizes", TypeSize: 6, ArgDir: 1}, Fields: []Type{
+		&IntType{IntTypeCommon: IntTypeCommon{TypeCommon: TypeCommon{TypeName: "int16", FldName: "seccomp_notif", TypeSize: 2, ArgDir: 1}}},
+		&IntType{IntTypeCommon: IntTypeCommon{TypeCommon: TypeCommon{TypeName: "int16", FldName: "seccomp_notif_resp", TypeSize: 2, ArgDir: 1}}},
+		&IntType{IntTypeCommon: IntTypeCommon{TypeCommon: TypeCommon{TypeName: "int16", FldName: "seccomp_data", TypeSize: 2, ArgDir: 1}}},
+	}}},
 	{Key: StructKey{Name: "seg6_genl_policy"}, Desc: &StructDesc{TypeCommon: TypeCommon{TypeName: "seg6_genl_policy", IsVarlen: true}, Fields: []Type{
 		&StructType{Key: StructKey{Name: "nlattr_t[const[SEG6_ATTR_DST, int16], ipv6_addr]"}, FldName: "SEG6_ATTR_DST"},
 		&StructType{Key: StructKey{Name: "nlattr_t[const[SEG6_ATTR_DSTLEN, int16], int32]"}, FldName: "SEG6_ATTR_DSTLEN"},
@@ -37423,6 +37448,21 @@ var syscalls_ppc64le = []*Syscall{
 		&ResourceType{TypeCommon: TypeCommon{TypeName: "fd_sg", FldName: "fd", TypeSize: 4}},
 		&ConstType{IntTypeCommon: IntTypeCommon{TypeCommon: TypeCommon{TypeName: "const", FldName: "cmd", TypeSize: 8}}, Val: 2},
 	}},
+	{NR: 54, Name: "ioctl$SECCOMP_IOCTL_NOTIF_ID_VALID", CallName: "ioctl", Args: []Type{
+		&ResourceType{TypeCommon: TypeCommon{TypeName: "fd_seccomp", FldName: "fd", TypeSize: 4}},
+		&ConstType{IntTypeCommon: IntTypeCommon{TypeCommon: TypeCommon{TypeName: "const", FldName: "cmd", TypeSize: 8}}, Val: 1074274562},
+		&PtrType{TypeCommon: TypeCommon{TypeName: "ptr", FldName: "arg", TypeSize: 8}, Type: &ResourceType{TypeCommon: TypeCommon{TypeName: "seccomp_id", TypeSize: 8}}},
+	}},
+	{NR: 54, Name: "ioctl$SECCOMP_IOCTL_NOTIF_RECV", CallName: "ioctl", Args: []Type{
+		&ResourceType{TypeCommon: TypeCommon{TypeName: "fd_seccomp", FldName: "fd", TypeSize: 4}},
+		&ConstType{IntTypeCommon: IntTypeCommon{TypeCommon: TypeCommon{TypeName: "const", FldName: "cmd", TypeSize: 8}}, Val: 3226476800},
+		&PtrType{TypeCommon: TypeCommon{TypeName: "ptr", FldName: "arg", TypeSize: 8}, Type: &StructType{Key: StructKey{Name: "seccomp_notif", Dir: 1}}},
+	}},
+	{NR: 54, Name: "ioctl$SECCOMP_IOCTL_NOTIF_SEND", CallName: "ioctl", Args: []Type{
+		&ResourceType{TypeCommon: TypeCommon{TypeName: "fd_seccomp", FldName: "fd", TypeSize: 4}},
+		&ConstType{IntTypeCommon: IntTypeCommon{TypeCommon: TypeCommon{TypeName: "const", FldName: "cmd", TypeSize: 8}}, Val: 3222806785},
+		&PtrType{TypeCommon: TypeCommon{TypeName: "ptr", FldName: "arg", TypeSize: 8}, Type: &StructType{Key: StructKey{Name: "seccomp_notif_resp"}}},
+	}},
 	{NR: 54, Name: "ioctl$SG_EMULATED_HOST", CallName: "ioctl", Args: []Type{
 		&ResourceType{TypeCommon: TypeCommon{TypeName: "fd_sg", FldName: "fd", TypeSize: 4}},
 		&ConstType{IntTypeCommon: IntTypeCommon{TypeCommon: TypeCommon{TypeName: "const", FldName: "cmd", TypeSize: 8}}, Val: 8707},
@@ -42134,10 +42174,30 @@ var syscalls_ppc64le = []*Syscall{
 		&PtrType{TypeCommon: TypeCommon{TypeName: "ptr", FldName: "prio", TypeSize: 8}, Type: &IntType{IntTypeCommon: IntTypeCommon{TypeCommon: TypeCommon{TypeName: "int32", TypeSize: 4}}}},
 	}},
 	{NR: 158, Name: "sched_yield", CallName: "sched_yield"},
-	{NR: 358, Name: "seccomp", CallName: "seccomp", Args: []Type{
-		&FlagsType{IntTypeCommon: IntTypeCommon{TypeCommon: TypeCommon{TypeName: "seccomp_op", FldName: "op", TypeSize: 8}}, Vals: []uint64{0, 1}, BitMask: true},
-		&FlagsType{IntTypeCommon: IntTypeCommon{TypeCommon: TypeCommon{TypeName: "seccomp_flags", FldName: "flags", TypeSize: 8}}, Vals: []uint64{0, 1}, BitMask: true},
-		&PtrType{TypeCommon: TypeCommon{TypeName: "ptr", FldName: "prog", TypeSize: 8}, Type: &StructType{Key: StructKey{Name: "sock_fprog"}}},
+	{NR: 358, Name: "seccomp$SECCOMP_GET_ACTION_AVAIL", CallName: "seccomp", Args: []Type{
+		&ConstType{IntTypeCommon: IntTypeCommon{TypeCommon: TypeCommon{TypeName: "const", FldName: "op", TypeSize: 8}}, Val: 2},
+		&ConstType{IntTypeCommon: IntTypeCommon{TypeCommon: TypeCommon{TypeName: "const", FldName: "flags", TypeSize: 8}}},
+		&PtrType{TypeCommon: TypeCommon{TypeName: "ptr", FldName: "arg", TypeSize: 8}, Type: &IntType{IntTypeCommon: IntTypeCommon{TypeCommon: TypeCommon{TypeName: "int32", TypeSize: 4}}}},
+	}},
+	{NR: 358, Name: "seccomp$SECCOMP_GET_NOTIF_SIZES", CallName: "seccomp", Args: []Type{
+		&ConstType{IntTypeCommon: IntTypeCommon{TypeCommon: TypeCommon{TypeName: "const", FldName: "op", TypeSize: 8}}, Val: 3},
+		&ConstType{IntTypeCommon: IntTypeCommon{TypeCommon: TypeCommon{TypeName: "const", FldName: "flags", TypeSize: 8}}},
+		&PtrType{TypeCommon: TypeCommon{TypeName: "ptr", FldName: "arg", TypeSize: 8}, Type: &StructType{Key: StructKey{Name: "seccomp_notif_sizes", Dir: 1}}},
+	}},
+	{NR: 358, Name: "seccomp$SECCOMP_SET_MODE_FILTER", CallName: "seccomp", Args: []Type{
+		&ConstType{IntTypeCommon: IntTypeCommon{TypeCommon: TypeCommon{TypeName: "const", FldName: "op", TypeSize: 8}}, Val: 1},
+		&FlagsType{IntTypeCommon: IntTypeCommon{TypeCommon: TypeCommon{TypeName: "seccomp_flags", FldName: "flags", TypeSize: 8}}, Vals: []uint64{0, 1, 2, 4}, BitMask: true},
+		&PtrType{TypeCommon: TypeCommon{TypeName: "ptr", FldName: "arg", TypeSize: 8}, Type: &StructType{Key: StructKey{Name: "sock_fprog"}}},
+	}},
+	{NR: 358, Name: "seccomp$SECCOMP_SET_MODE_FILTER_LISTENER", CallName: "seccomp", Args: []Type{
+		&ConstType{IntTypeCommon: IntTypeCommon{TypeCommon: TypeCommon{TypeName: "const", FldName: "op", TypeSize: 8}}, Val: 1},
+		&FlagsType{IntTypeCommon: IntTypeCommon{TypeCommon: TypeCommon{TypeName: "seccomp_flags_listener", FldName: "flags", TypeSize: 8}}, Vals: []uint64{8, 10, 12}},
+		&PtrType{TypeCommon: TypeCommon{TypeName: "ptr", FldName: "arg", TypeSize: 8}, Type: &StructType{Key: StructKey{Name: "sock_fprog"}}},
+	}, Ret: &ResourceType{TypeCommon: TypeCommon{TypeName: "fd_seccomp", FldName: "ret", TypeSize: 4, ArgDir: 1}}},
+	{NR: 358, Name: "seccomp$SECCOMP_SET_MODE_STRICT", CallName: "seccomp", Args: []Type{
+		&ConstType{IntTypeCommon: IntTypeCommon{TypeCommon: TypeCommon{TypeName: "const", FldName: "op", TypeSize: 8}}},
+		&ConstType{IntTypeCommon: IntTypeCommon{TypeCommon: TypeCommon{TypeName: "const", FldName: "flags", TypeSize: 8}}},
+		&ConstType{IntTypeCommon: IntTypeCommon{TypeCommon: TypeCommon{TypeName: "const", FldName: "arg", TypeSize: 8}}},
 	}},
 	{NR: 82, Name: "select", CallName: "select", Args: []Type{
 		&LenType{IntTypeCommon: IntTypeCommon{TypeCommon: TypeCommon{TypeName: "len", FldName: "n", TypeSize: 8}}, Path: []string{"inp"}},
@@ -51596,7 +51656,17 @@ var consts_ppc64le = []ConstValue{
 	{Name: "SECBIT_NOROOT_LOCKED", Value: 2},
 	{Name: "SECBIT_NO_SETUID_FIXUP", Value: 4},
 	{Name: "SECBIT_NO_SETUID_FIXUP_LOCKED", Value: 8},
+	{Name: "SECCOMP_FILTER_FLAG_LOG", Value: 2},
+	{Name: "SECCOMP_FILTER_FLAG_LOG_LISTENER", Value: 10},
+	{Name: "SECCOMP_FILTER_FLAG_NEW_LISTENER", Value: 8},
+	{Name: "SECCOMP_FILTER_FLAG_SPEC_ALLOW", Value: 4},
+	{Name: "SECCOMP_FILTER_FLAG_SPEC_ALLOW_LISTENER", Value: 12},
 	{Name: "SECCOMP_FILTER_FLAG_TSYNC", Value: 1},
+	{Name: "SECCOMP_GET_ACTION_AVAIL", Value: 2},
+	{Name: "SECCOMP_GET_NOTIF_SIZES", Value: 3},
+	{Name: "SECCOMP_IOCTL_NOTIF_ID_VALID", Value: 1074274562},
+	{Name: "SECCOMP_IOCTL_NOTIF_RECV", Value: 3226476800},
+	{Name: "SECCOMP_IOCTL_NOTIF_SEND", Value: 3222806785},
 	{Name: "SECCOMP_MODE_DISABLED"},
 	{Name: "SECCOMP_MODE_FILTER", Value: 2},
 	{Name: "SECCOMP_MODE_STRICT", Value: 1},
@@ -55181,4 +55251,4 @@ var consts_ppc64le = []ConstValue{
 	{Name: "bpf_insn_load_imm_dw", Value: 24},
 }
 
-const revision_ppc64le = "dcc8af59c5ba27d0adb5ebdfee14e7b7b7541809"
+const revision_ppc64le = "b58c16a2d4747e7cb622c547e0c726dcb9a6df7a"
diff --git a/sys/linux/seccomp.txt b/sys/linux/seccomp.txt
new file mode 100644
index 000000000..e56332dab
--- /dev/null
+++ b/sys/linux/seccomp.txt
@@ -0,0 +1,51 @@
+# Copyright 2019 syzkaller project authors. All rights reserved.
+# Use of this source code is governed by Apache 2 LICENSE that can be found in the LICENSE file.
+
+include <uapi/linux/seccomp.h>
+include <asm/ioctls.h>
+
+resource fd_seccomp[fd]
+resource seccomp_id[int64]
+
+seccomp$SECCOMP_SET_MODE_STRICT(op const[SECCOMP_SET_MODE_STRICT], flags const[0], arg const[0])
+seccomp$SECCOMP_SET_MODE_FILTER(op const[SECCOMP_SET_MODE_FILTER], flags flags[seccomp_flags], arg ptr[in, sock_fprog])
+seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(op const[SECCOMP_SET_MODE_FILTER], flags flags[seccomp_flags_listener], arg ptr[in, sock_fprog]) fd_seccomp
+seccomp$SECCOMP_GET_ACTION_AVAIL(op const[SECCOMP_GET_ACTION_AVAIL], flags const[0], arg ptr[in, int32])
+seccomp$SECCOMP_GET_NOTIF_SIZES(op const[SECCOMP_GET_NOTIF_SIZES], flags const[0], arg ptr[out, seccomp_notif_sizes])
+
+ioctl$SECCOMP_IOCTL_NOTIF_RECV(fd fd_seccomp, cmd const[SECCOMP_IOCTL_NOTIF_RECV], arg ptr[out, seccomp_notif])
+ioctl$SECCOMP_IOCTL_NOTIF_SEND(fd fd_seccomp, cmd const[SECCOMP_IOCTL_NOTIF_SEND], arg ptr[in, seccomp_notif_resp])
+ioctl$SECCOMP_IOCTL_NOTIF_ID_VALID(fd fd_seccomp, cmd const[SECCOMP_IOCTL_NOTIF_ID_VALID], arg ptr[in, seccomp_id])
+
+seccomp_notif_sizes {
+	seccomp_notif		int16
+	seccomp_notif_resp	int16
+	seccomp_data		int16
+}
+
+seccomp_notif {
+	id	seccomp_id
+	pid	pid
+	flags	int32
+	data	seccomp_data
+}
+
+seccomp_data {
+	nr			int32
+	arch			int32
+	instruction_pointer	int64
+	args			array[int64, 6]
+}
+
+seccomp_notif_resp {
+	id	seccomp_id
+	val	int64
+	error	int32
+	flags	const[0, int32]
+}
+
+seccomp_flags = 0, SECCOMP_FILTER_FLAG_TSYNC, SECCOMP_FILTER_FLAG_LOG, SECCOMP_FILTER_FLAG_SPEC_ALLOW
+seccomp_flags_listener = SECCOMP_FILTER_FLAG_NEW_LISTENER, SECCOMP_FILTER_FLAG_LOG_LISTENER, SECCOMP_FILTER_FLAG_SPEC_ALLOW_LISTENER
+
+define SECCOMP_FILTER_FLAG_LOG_LISTENER	SECCOMP_FILTER_FLAG_LOG | SECCOMP_FILTER_FLAG_NEW_LISTENER
+define SECCOMP_FILTER_FLAG_SPEC_ALLOW_LISTENER	SECCOMP_FILTER_FLAG_SPEC_ALLOW | SECCOMP_FILTER_FLAG_NEW_LISTENER
diff --git a/sys/linux/seccomp_amd64.const b/sys/linux/seccomp_amd64.const
new file mode 100644
index 000000000..dd9017c03
--- /dev/null
+++ b/sys/linux/seccomp_amd64.const
@@ -0,0 +1,16 @@
+# AUTOGENERATED FILE
+SECCOMP_FILTER_FLAG_LOG = 2
+SECCOMP_FILTER_FLAG_LOG_LISTENER = 10
+SECCOMP_FILTER_FLAG_NEW_LISTENER = 8
+SECCOMP_FILTER_FLAG_SPEC_ALLOW = 4
+SECCOMP_FILTER_FLAG_SPEC_ALLOW_LISTENER = 12
+SECCOMP_FILTER_FLAG_TSYNC = 1
+SECCOMP_GET_ACTION_AVAIL = 2
+SECCOMP_GET_NOTIF_SIZES = 3
+SECCOMP_IOCTL_NOTIF_ID_VALID = 2148016386
+SECCOMP_IOCTL_NOTIF_RECV = 3226476800
+SECCOMP_IOCTL_NOTIF_SEND = 3222806785
+SECCOMP_SET_MODE_FILTER = 1
+SECCOMP_SET_MODE_STRICT = 0
+__NR_ioctl = 16
+__NR_seccomp = 317
diff --git a/sys/linux/seccomp_arm64.const b/sys/linux/seccomp_arm64.const
new file mode 100644
index 000000000..41d117a26
--- /dev/null
+++ b/sys/linux/seccomp_arm64.const
@@ -0,0 +1,16 @@
+# AUTOGENERATED FILE
+SECCOMP_FILTER_FLAG_LOG = 2
+SECCOMP_FILTER_FLAG_LOG_LISTENER = 10
+SECCOMP_FILTER_FLAG_NEW_LISTENER = 8
+SECCOMP_FILTER_FLAG_SPEC_ALLOW = 4
+SECCOMP_FILTER_FLAG_SPEC_ALLOW_LISTENER = 12
+SECCOMP_FILTER_FLAG_TSYNC = 1
+SECCOMP_GET_ACTION_AVAIL = 2
+SECCOMP_GET_NOTIF_SIZES = 3
+SECCOMP_IOCTL_NOTIF_ID_VALID = 2148016386
+SECCOMP_IOCTL_NOTIF_RECV = 3226476800
+SECCOMP_IOCTL_NOTIF_SEND = 3222806785
+SECCOMP_SET_MODE_FILTER = 1
+SECCOMP_SET_MODE_STRICT = 0
+__NR_ioctl = 29
+__NR_seccomp = 277
diff --git a/sys/linux/seccomp_ppc64le.const b/sys/linux/seccomp_ppc64le.const
new file mode 100644
index 000000000..46f2a8ac1
--- /dev/null
+++ b/sys/linux/seccomp_ppc64le.const
@@ -0,0 +1,16 @@
+# AUTOGENERATED FILE
+SECCOMP_FILTER_FLAG_LOG = 2
+SECCOMP_FILTER_FLAG_LOG_LISTENER = 10
+SECCOMP_FILTER_FLAG_NEW_LISTENER = 8
+SECCOMP_FILTER_FLAG_SPEC_ALLOW = 4
+SECCOMP_FILTER_FLAG_SPEC_ALLOW_LISTENER = 12
+SECCOMP_FILTER_FLAG_TSYNC = 1
+SECCOMP_GET_ACTION_AVAIL = 2
+SECCOMP_GET_NOTIF_SIZES = 3
+SECCOMP_IOCTL_NOTIF_ID_VALID = 1074274562
+SECCOMP_IOCTL_NOTIF_RECV = 3226476800
+SECCOMP_IOCTL_NOTIF_SEND = 3222806785
+SECCOMP_SET_MODE_FILTER = 1
+SECCOMP_SET_MODE_STRICT = 0
+__NR_ioctl = 54
+__NR_seccomp = 358
diff --git a/sys/linux/sys.txt b/sys/linux/sys.txt
index e32d3d338..092bde54a 100644
--- a/sys/linux/sys.txt
+++ b/sys/linux/sys.txt
@@ -24,7 +24,6 @@ include <linux/fadvise.h>
 include <linux/falloc.h>
 include <linux/futex.h>
 include <linux/kexec.h>
-include <linux/seccomp.h>
 include <linux/elf.h>
 include <linux/fiemap.h>
 include <linux/kd.h>
@@ -51,6 +50,7 @@ include <linux/membarrier.h>
 include <uapi/linux/kcov.h>
 include <uapi/linux/membarrier.h>
 include <uapi/linux/capability.h>
+include <uapi/linux/seccomp.h>
 include <uapi/linux/suspend_ioctls.h>
 
 resource fd[int32]: -1
@@ -212,7 +212,6 @@ seccomp_metadata {
 
 capget(hdr ptr[in, cap_header], data ptr[in, cap_data])
 capset(hdr ptr[in, cap_header], data ptr[in, cap_data])
-seccomp(op flags[seccomp_op], flags flags[seccomp_flags], prog ptr[in, sock_fprog])
 
 resource fd_mq[fd]
 mq_open(name ptr[in, string], flags flags[mq_open_flags], mode flags[open_mode], attr ptr[in, mq_attr]) fd_mq
@@ -884,8 +883,6 @@ linkat_flags = AT_EMPTY_PATH, AT_SYMLINK_FOLLOW
 unlinkat_flags = 0, AT_REMOVEDIR
 renameat2_flags = RENAME_EXCHANGE, RENAME_NOREPLACE, RENAME_WHITEOUT
 flock_op = LOCK_SH, LOCK_EX, LOCK_UN, LOCK_NB
-seccomp_op = SECCOMP_SET_MODE_STRICT, SECCOMP_SET_MODE_FILTER
-seccomp_flags = 0, SECCOMP_FILTER_FLAG_TSYNC
 statx_flags = AT_SYMLINK_NOFOLLOW, AT_SYMLINK_FOLLOW, AT_NO_AUTOMOUNT, AT_EMPTY_PATH, AT_STATX_SYNC_TYPE, AT_STATX_SYNC_AS_STAT, AT_STATX_FORCE_SYNC, AT_STATX_DONT_SYNC
 statx_mask = STATX_TYPE, STATX_MODE, STATX_NLINK, STATX_UID, STATX_GID, STATX_ATIME, STATX_MTIME, STATX_CTIME, STATX_INO, STATX_SIZE, STATX_BLOCKS, STATX_BASIC_STATS, STATX_BTIME, STATX_ALL
 name_to_handle_at_flags = AT_EMPTY_PATH, AT_SYMLINK_FOLLOW
diff --git a/sys/linux/sys_amd64.const b/sys/linux/sys_amd64.const
index 041d5f071..9cae7e471 100644
--- a/sys/linux/sys_amd64.const
+++ b/sys/linux/sys_amd64.const
@@ -440,9 +440,6 @@ SCHED_FLAG_RESET_ON_FORK = 1
 SCHED_IDLE = 5
 SCHED_NORMAL = 0
 SCHED_RR = 2
-SECCOMP_FILTER_FLAG_TSYNC = 1
-SECCOMP_SET_MODE_FILTER = 1
-SECCOMP_SET_MODE_STRICT = 0
 SEEK_CUR = 1
 SEEK_DATA = 3
 SEEK_END = 2
@@ -713,7 +710,6 @@ __NR_sched_setattr = 314
 __NR_sched_setparam = 142
 __NR_sched_setscheduler = 144
 __NR_sched_yield = 24
-__NR_seccomp = 317
 __NR_select = 23
 __NR_sendfile = 40
 # __NR_sendfile64 is not set
diff --git a/sys/linux/sys_arm64.const b/sys/linux/sys_arm64.const
index 6b0ef3efb..09e2855a9 100644
--- a/sys/linux/sys_arm64.const
+++ b/sys/linux/sys_arm64.const
@@ -440,9 +440,6 @@ SCHED_FLAG_RESET_ON_FORK = 1
 SCHED_IDLE = 5
 SCHED_NORMAL = 0
 SCHED_RR = 2
-SECCOMP_FILTER_FLAG_TSYNC = 1
-SECCOMP_SET_MODE_FILTER = 1
-SECCOMP_SET_MODE_STRICT = 0
 SEEK_CUR = 1
 SEEK_DATA = 3
 SEEK_END = 2
@@ -713,7 +710,6 @@ __NR_sched_setattr = 274
 __NR_sched_setparam = 118
 __NR_sched_setscheduler = 119
 __NR_sched_yield = 124
-__NR_seccomp = 277
 # __NR_select is not set
 __NR_sendfile = 71
 # __NR_sendfile64 is not set
diff --git a/sys/linux/sys_ppc64le.const b/sys/linux/sys_ppc64le.const
index 1c3e14677..6bf815ca5 100644
--- a/sys/linux/sys_ppc64le.const
+++ b/sys/linux/sys_ppc64le.const
@@ -440,9 +440,6 @@ SCHED_FLAG_RESET_ON_FORK = 1
 SCHED_IDLE = 5
 SCHED_NORMAL = 0
 SCHED_RR = 2
-SECCOMP_FILTER_FLAG_TSYNC = 1
-SECCOMP_SET_MODE_FILTER = 1
-SECCOMP_SET_MODE_STRICT = 0
 SEEK_CUR = 1
 SEEK_DATA = 3
 SEEK_END = 2
@@ -713,7 +710,6 @@ __NR_sched_setattr = 355
 __NR_sched_setparam = 154
 __NR_sched_setscheduler = 156
 __NR_sched_yield = 158
-__NR_seccomp = 358
 __NR_select = 82
 __NR_sendfile = 186
 # __NR_sendfile64 is not set
-- 
cgit mrf-deployment