On Tue, Jun 16, 2020 at 12:49 AM Kees Cook <keescook@xxxxxxxxxxxx> wrote: > > The seccomp constant action bitmap filter evaluation routine depends > on being able to quickly clear the PTE "accessed" bit for a temporary > allocation. Provide access to the existing CPU-local kernel memory TLB > flushing routines. Can you write a better justification? Also, unless I'm just incompetent this morning, I can't find anyone calling this in the series. _______________________________________________ Containers mailing list Containers@xxxxxxxxxxxxxxxxxxxxxxxxxx https://lists.linuxfoundation.org/mailman/listinfo/containers
