Refactor seccomp syscall-list machinery + guard notify/deny overlap #82

Merged: congwang-mk merged 4 commits into main from refactor on Jun 1, 2026
Conversation

@congwang-mk (Contributor)

Summary

Three focused, behavior-preserving refactors to the seccomp syscall-list machinery in sandlock-core, plus one defensive correctness guard.

Commits

  1. core: move syscall name mapping out of context — relocates syscall_name_to_nr from context.rs into a new seccomp/syscall_names.rs module (it belongs next to the seccomp code, not in context). Callers in sandbox.rs and the FFI are updated to the new path; the in-module import is a plain use (no public re-export).

  2. seccomp: guard against notify/deny list overlap — assemble_filter now returns InvalidInput if any syscall appears on both the notification and the deny lists. The BPF layout evaluates notif JEQs before deny JEQs, so an overlapping syscall would RET_USER_NOTIF and silently bypass the kernel-level deny. Failing loud at assembly time prevents that misconfiguration. Also consolidates the duplicated SYS_FACCESSAT2 = 439 constant (previously copied in chroot/dispatch.rs and cow/dispatch.rs) into a single arch::SYS_FACCESSAT2 (439 is the unified syscall number across x86_64/aarch64/riscv64).

  3. core: refactor notification syscall list builder — replaces the hand-rolled Vec<u32> + scattered as u32 casts in notif_syscalls with a small SyscallList helper and named per-feature const groups. No change to which syscalls land on the notif list; finish() does the same sort_unstable + dedup as before.

Testing

  • cargo check -p sandlock-core clean.
  • cargo test -p sandlock-core --lib → 309 passed, 0 failed.
  • The notif_syscalls rewrite was diffed group-by-group against the previous inline lists to confirm the set of intercepted syscalls is unchanged (security-critical: a dropped syscall would mean a silent virtualization bypass or broken deny).

Signed-off-by: Cong Wang <cwang@multikernel.io>
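The notify/deny overlap guard from commit 2 and the SyscallList finish() normalization from commit 3, as an added Rust example that is not sandlock-core's code: the Action enum, layout_rules, classify, the SyscallList shape and the sample number 257 are assumptions made for the example; only SYS_FACCESSAT2 = 439 comes from the PR.

```rust
use std::collections::HashSet;
use std::io;

// 439 is the unified number the PR cites; 257 is a constructed sample value (x86_64 openat).
pub const SYS_FACCESSAT2: u32 = 439;
pub const SAMPLE_OPENAT: u32 = 257;

/// Stand-in for the PR's SyscallList helper (assumed shape, not the project's code).
#[derive(Default)]
pub struct SyscallList(Vec<u32>);

impl SyscallList {
    /// Append one named per-feature const group.
    pub fn add(mut self, group: &[u32]) -> Self { self.0.extend_from_slice(group); self }
    /// Normalization the PR describes: sort_unstable + dedup.
    pub fn finish(mut self) -> Vec<u32> {
        self.0.sort_unstable();
        self.0.dedup();
        self.0
    }
}

#[derive(Debug, Clone, Copy, PartialEq)]
pub enum Action { UserNotif, Deny, Allow }

/// Rule table in the order the PR says the BPF evaluates it: notif JEQs, then deny JEQs.
/// Unguarded: a syscall on both lists is matched by the notif section first.
pub fn layout_rules(notif: &[u32], deny: &[u32]) -> Vec<(u32, Action)> {
    notif.iter().map(|n| (*n, Action::UserNotif))
        .chain(deny.iter().map(|n| (*n, Action::Deny)))
        .collect()
}

/// First-match evaluation, mirroring a linear JEQ chain; unmatched syscalls fall through to Allow.
pub fn classify(rules: &[(u32, Action)], nr: u32) -> Action {
    rules.iter().find(|(n, _)| *n == nr).map(|(_, a)| *a).unwrap_or(Action::Allow)
}

/// Guarded assembly: reject any syscall present on both lists before building the layout,
/// so the deny can never be shadowed by an earlier RET_USER_NOTIF.
pub fn assemble_filter(notif: &[u32], deny: &[u32]) -> io::Result<Vec<(u32, Action)>> {
    let denied: HashSet<u32> = deny.iter().copied().collect();
    if let Some(nr) = notif.iter().find(|n| denied.contains(*n)) {
        return Err(io::Error::new(io::ErrorKind::InvalidInput,
            format!("syscall {nr} is on both the notify and deny lists")));
    }
    Ok(layout_rules(notif, deny))
}
```

Running layout_rules with an overlapping number shows the bypass (the syscall classifies as UserNotif, not Deny); assemble_filter refuses the same input with InvalidInput.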
congwang-mk merged commit edeabbd into main on Jun 1, 2026
9 checks passed
congwang-mk deleted the refactor branch on June 1, 2026 02:17