helper/seccomp: do not call F_println if not verbose

This (slightly) improves performance.

Signed-off-by: Ophestra <cat@gensokyo.uk>

helper/seccomp/seccomp.go

@@ -28,6 +28,7 @@ var resErr = [...]error{
 type SyscallOpts = C.f_syscall_opts
 
 const (
+	flagVerbose   SyscallOpts = C.F_VERBOSE
 	FlagExt       SyscallOpts = C.F_EXT
 	FlagDenyNS    SyscallOpts = C.F_DENY_NS
 	FlagDenyTTY   SyscallOpts = C.F_DENY_TTY
@@ -64,6 +65,12 @@ func exportFilter(fd uintptr, opts SyscallOpts) error {
 		multiarch = C.SCMP_ARCH_ARM
 	}
 
+	// this removes repeated transitions between C and Go execution
+	// when producing log output via F_println and CPrintln is nil
+	if CPrintln != nil {
+		opts |= flagVerbose
+	}
+
 	res, err := C.f_export_bpf(C.int(fd), arch, multiarch, opts)
 	if re := resErr[res]; re != nil {
 		if err == nil {