seccomp: add futex_wait syscall (kernel v6.7, libseccomp v2.5.5)

Add this syscall to match the profile in containerd

containerd: https://github.com/containerd/containerd/commit/a6e52c74fa043a63d7dae4ac6998215f6c1bb6ac
libseccomp: https://github.com/seccomp/libseccomp/commit/53267af3fb56eed93a50b8ef92f41825c97a7813
kernel: https://github.com/torvalds/linux/commit/cb8c4312afca1b2dc64107e7e7cea81911055612

    futex: Add sys_futex_wait()

    To complement sys_futex_waitv()/wake(), add sys_futex_wait(). This
    syscall implements what was previously known as FUTEX_WAIT_BITSET
    except it uses 'unsigned long' for the value and bitmask arguments,
    takes timespec and clockid_t arguments for the absolute timeout and
    uses FUTEX2 flags.

    The 'unsigned long' allows FUTEX2_SIZE_U64 on 64bit platforms.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
(cherry picked from commit 10d344d176aad1d98900e9c41524a05dc20d8d5b)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>

profiles/seccomp/default.json

@@ -134,6 +134,7 @@
 				"futex",
 				"futex_requeue",
 				"futex_time64",
+				"futex_wait",
 				"futex_waitv",
 				"futimesat",
 				"getcpu",

profiles/seccomp/default_linux.go

@@ -126,6 +126,7 @@ func DefaultProfile() *Seccomp {
 					"futex",
 					"futex_requeue", // kernel v6.7, libseccomp v2.5.5
 					"futex_time64",
+					"futex_wait", // kernel v6.7, libseccomp v2.5.5
 					"futex_waitv",
 					"futimesat",
 					"getcpu",