On Tue, Jun 02, 2020 at 11:03:31AM -0400, Paul Moore wrote: > Perhaps others will clarify, but from my reading of this thread there > is a performance advantage to be gained by limiting the number of > seccomp filters installed for a given process. Generally speaking, yes, though obviously the size and layout of a single filter (i.e. is it a balanced tree?) will still impact the overhead. -- Kees Cook
