On Tue, Mar 26, 2024 at 09:47:36AM -0700, Darrick J. Wong wrote: > There's not much reason. Now that memfd_create has existed for a decade > and the other flags for even longer, I'll drop all these configure > checks. The only really new and at the same time important/new one is MFD_NOEXEC_SEAL. That's why I'd love to just defined it if it isn't defined so that any recent kernel (including disto backports) gets the flag and we avoid having executable memory as much as possible.
