On Thu, Sep 24, 2020 at 3:15 AM Kees Cook <keescook@xxxxxxxxxxxx> wrote:
> I was trying to be helpful: you hadn't seen the RFC, and it was missing
> the emulator piece, which I wanted to be small, so I got it out the
> door today. I didn't want you to think you needed to port the larger
> emulator over, for example.

There's no architecture-dependent code in the emulator. It just has to
iterate through all the arch numbers. So I don't know what you are
referring to by "port ... over".

The logic is simple. If the emulator determines the filter must be an
allow for a given arch / syscall pair, then it is "cached by bitmap".

> I'm open to ideas, but I want to have a non-optional performance
> improvement as the first step. :)

How about "performance improvement by default"? It's not like most end
users / distros would turn off something that's enabled by default when
they upgrade to a new kernel.

YiFei Zhu
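
The caching rule described in the message above, as an added example that is not part of the thread or of either patch series: a filter is emulated once per arch / syscall pair with no argument values, and the pair is cached in a bitmap only when the result must be an allow. The simplified instruction set (a stand-in for seccomp cBPF), `NR_MAX`, the sample filter and all function names are assumptions made for illustration.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>

/* Assumption: a simplified instruction set standing in for seccomp cBPF. */
enum op { LD_NR, LD_ARCH, LD_ARG, JEQ, RET_ALLOW, RET_KILL };
struct insn { enum op op; uint32_t k; uint8_t jt, jf; };
#define NR_MAX 64                 /* constructed: tiny syscall table */
#define ARCH_A 0xc000003eu        /* sample arch numbers for the demo */
#define ARCH_B 0x40000003u

/* Emulate the filter for one (arch, nr) pair without any argument values.
 * Returns 1 only if the result is ALLOW regardless of the arguments. */
static int always_allows(const struct insn *f, size_t len, uint32_t arch, uint32_t nr)
{
    uint32_t acc = 0;
    for (size_t pc = 0; pc < len; pc++) {
        switch (f[pc].op) {
        case LD_NR:     acc = nr; break;
        case LD_ARCH:   acc = arch; break;
        case LD_ARG:    return 0; /* argument-dependent: never cache */
        case JEQ:       pc += (acc == f[pc].k) ? f[pc].jt : f[pc].jf; break;
        case RET_ALLOW: return 1;
        case RET_KILL:  return 0;
        }
    }
    return 0;                     /* ran off the end: do not cache */
}

/* Constructed filter: on ARCH_A allow nr 0 and 3, check an argument for nr 1. */
static const struct insn demo[] = {
    {LD_ARCH, 0, 0, 0}, {JEQ, ARCH_A, 0, 6}, {LD_NR, 0, 0, 0},
    {JEQ, 0, 3, 0}, {JEQ, 3, 2, 0}, {JEQ, 1, 0, 2},
    {LD_ARG, 0, 0, 0}, {RET_ALLOW, 0, 0, 0}, {RET_KILL, 0, 0, 0},
};

/* Iterate every syscall number for one arch and build its allow bitmap. */
static uint64_t build_bitmap(uint32_t arch)
{
    uint64_t bm = 0;
    for (uint32_t nr = 0; nr < NR_MAX; nr++)
        if (always_allows(demo, sizeof demo / sizeof demo[0], arch, nr))
            bm |= (uint64_t)1 << nr;
    return bm;
}

int main(void)
{
    printf("A=%#llx B=%#llx\n", (unsigned long long)build_bitmap(ARCH_A),
           (unsigned long long)build_bitmap(ARCH_B));
    return 0;
}
```

Syscall 1 stays out of the bitmap even though the filter may allow it, because its outcome depends on an argument the emulator cannot know; such pairs still need the full filter run.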