std: rename from comp

Seccomp lookup tables are going to be relocated here, and PNR constants.

Signed-off-by: Ophestra <cat@gensokyo.uk>

container/std/bits.go

@@ -0,0 +1,32 @@
+// Package std contains constants from container packages without depending on cgo.
+package std
+
+const (
+	// BindOptional skips nonexistent host paths.
+	BindOptional = 1 << iota
+	// BindWritable mounts filesystem read-write.
+	BindWritable
+	// BindDevice allows access to devices (special files) on this filesystem.
+	BindDevice
+	// BindEnsure attempts to create the host path if it does not exist.
+	BindEnsure
+)
+
+// FilterPreset specifies parts of the syscall filter preset to enable.
+type FilterPreset int
+
+const (
+	// PresetExt are project-specific extensions.
+	PresetExt FilterPreset = 1 << iota
+	// PresetDenyNS denies namespace setup syscalls.
+	PresetDenyNS
+	// PresetDenyTTY denies faking input.
+	PresetDenyTTY
+	// PresetDenyDevel denies development-related syscalls.
+	PresetDenyDevel
+	// PresetLinux32 sets PER_LINUX32.
+	PresetLinux32
+
+	// PresetStrict is a strict preset useful as a default value.
+	PresetStrict = PresetExt | PresetDenyNS | PresetDenyTTY | PresetDenyDevel
+)