From 77169ed09bb088d9b931a42788c3cbfda9078a92 Mon Sep 17 00:00:00 2001
From: Lennart Poettering <lennart@poettering.net>
Date: Tue, 16 Jun 2020 11:42:16 +0200
Subject: [PATCH] update TODO

---
 TODO | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/TODO b/TODO
index da248ff296..860e86f5af 100644
--- a/TODO
+++ b/TODO
@@ -62,6 +62,14 @@ Features:
 * pid1: also remove PID files of a service when the service starts, not just
   when it exits
 
+* seccomp: when SystemCallArchitectures=native is set then don't install any
+  other seccomp filters for any of the other archs, in order to reduce the
+  number of seccomp filters we install needlessly.
+
+* seccomp: maybe use seccomp_merge() to merge our filters per-arch if we can.
+  Apparently kernel performance is much better with fewer larger seccomp
+  filters than with more smaller seccomp filters.
+
 * systemd-path: add ESP and XBOOTLDR path. Add "private" runtime/state/cache dir enum,
   mapping to $RUNTIME_DIRECTORY, $STATE_DIRECTORY and such