Merge 69e0affa (automated)

1 files changed, 4 insertions, 5 deletions

diff --git a/pkg/sentry/syscalls/linux/sys_seccomp.go b/pkg/sentry/syscalls/linux/sys_seccomp.go
index 4885b5e40..18510ead8 100644
--- a/pkg/sentry/syscalls/linux/sys_seccomp.go
+++ b/pkg/sentry/syscalls/linux/sys_seccomp.go
@@ -15,13 +15,12 @@
 package linux
 
 import (
-	"syscall"
-
 	"gvisor.dev/gvisor/pkg/abi/linux"
 	"gvisor.dev/gvisor/pkg/bpf"
 	"gvisor.dev/gvisor/pkg/sentry/arch"
 	"gvisor.dev/gvisor/pkg/sentry/kernel"
 	"gvisor.dev/gvisor/pkg/sentry/usermem"
+	"gvisor.dev/gvisor/pkg/syserror"
 )
 
 // userSockFprog is equivalent to Linux's struct sock_fprog on amd64.
@@ -43,7 +42,7 @@ func seccomp(t *kernel.Task, mode, flags uint64, addr usermem.Addr) error {
 	// We only support SECCOMP_SET_MODE_FILTER at the moment.
 	if mode != linux.SECCOMP_SET_MODE_FILTER {
 		// Unsupported mode.
-		return syscall.EINVAL
+		return syserror.EINVAL
 	}
 
 	tsync := flags&linux.SECCOMP_FILTER_FLAG_TSYNC != 0
@@ -51,7 +50,7 @@ func seccomp(t *kernel.Task, mode, flags uint64, addr usermem.Addr) error {
 	// The only flag we support now is SECCOMP_FILTER_FLAG_TSYNC.
 	if flags&^linux.SECCOMP_FILTER_FLAG_TSYNC != 0 {
 		// Unsupported flag.
-		return syscall.EINVAL
+		return syserror.EINVAL
 	}
 
 	var fprog userSockFprog
@@ -65,7 +64,7 @@ func seccomp(t *kernel.Task, mode, flags uint64, addr usermem.Addr) error {
 	compiledFilter, err := bpf.Compile(filter)
 	if err != nil {
 		t.Debugf("Invalid seccomp-bpf filter: %v", err)
-		return syscall.EINVAL
+		return syserror.EINVAL
 	}
 
 	return t.AppendSyscallFilter(compiledFilter, tsync)