Wondering; Was the pointer needed? (wondering because IIRC, omitempty also omits 0, in which case the default for an uint would be a meaningful value (no override)

I think we need the pointer here as specifying ErrnoRet = 0 has a different meaning (report success), while the default with ErrnoRet unspecified is EPERM.

I've done a test for omitempty and it seems pointers are omitted only if they are nil: https://play.golang.org/p/wnzK9EQNCOS

Wouldn't ErrnoRet = 0 conflict with the purpose of LinuxSeccompAction ?

I think the combination SCMP_ACT_ERRNO and ErrnoRet = 0 is useful and it is different than SCMP_ACT_ALLOW, since the syscall is not performed but it is reported as successful.

Ah, gotcha, yes, that makes sense

Yeah, it's critical that it be clear whether errnoRet was unset (-EPERM) or 0 (a "success" but the syscall isn't run). As an aside, this trick is used for the relatively-new seccomp syscall emulation.

I assumed it would only be used with > 0 values (0 meaning; don't change the default); thx!

All good, it's definitely not the intended use for seccomp. ;)