seccomp branch queue

-----BEGIN PGP SIGNATURE-----
 Version: GnuPG v1
 
 iQEcBAABAgAGBQJUYjWAAAoJEP0M/1sS+L0v4HwH/A6R8sgBFI04xvN3fl6AKpey
 wQPkmQ2UhrTG0vOAcVmUY+1X5c0JSjxkkNaFRU1XQxGFXiuAGnvmt2pfzbclSnh3
 D6FpkHTky9yf56hlSqXfYshe+nwnfm7SDy4WDeHwFOUFnghf7cPd0npBIgsiWpSu
 lsaHVM/rsHBLeWEbOI/nnH892wKSBi//EnizBo/eCsmAHGO6+VcREzdsMWvG1USP
 jjveNLeGyZ6Bf1WJrc5BXgf1ZaH9CH2U+fjnGx15BapOvROCh0DWysemcvxoNfH3
 21JpVam+4yJ1drVLtG0CcrYDeva5Gm7j57c+50SN5zHoBwM2BnUwR6mqfHj76fM=
 =EI+2
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/otubo/tags/pull-seccomp-20141111' into staging

seccomp branch queue

# gpg: Signature made Tue 11 Nov 2014 16:12:48 GMT using RSA key ID 12F8BD2F
# gpg: Can't check signature: public key not found

* remotes/otubo/tags/pull-seccomp-20141111:
  seccomp: change configure to avoid arm 32 to break
  seccomp: whitelist syscalls fallocate(), fadvise64(), inotify_init1() and inotify_add_watch()

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>

configure

@@ -1823,7 +1823,8 @@ fi
 # libseccomp check
 
 if test "$seccomp" != "no" ; then
-    if $pkg_config --atleast-version=2.1.0 libseccomp; then
+    if test "$cpu" = "i386" || test "$cpu" = "x86_64" &&
+        $pkg_config --atleast-version=2.1.1 libseccomp; then
         libs_softmmu="$libs_softmmu `$pkg_config --libs libseccomp`"
         QEMU_CFLAGS="$QEMU_CFLAGS `$pkg_config --cflags libseccomp`"
 	seccomp="yes"

qemu-seccomp.c

@@ -231,7 +231,11 @@ static const struct QemuSeccompSyscall seccomp_whitelist[] = {
     { SCMP_SYS(shmctl), 240 },
     { SCMP_SYS(mlock), 240 },
     { SCMP_SYS(munlock), 240 },
-    { SCMP_SYS(semctl), 240 }
+    { SCMP_SYS(semctl), 240 },
+    { SCMP_SYS(fallocate), 240 },
+    { SCMP_SYS(fadvise64), 240 },
+    { SCMP_SYS(inotify_init1), 240 },
+    { SCMP_SYS(inotify_add_watch), 240 }
 };
 
 int seccomp_start(void)