memfd_create() called without MFD_EXEC or MFD_NOEXEC_SEAL set

Goal

make the kernel warning/message go away and stay secure & compatible with upstream kernel

Technical details

API change, described at: https://lwn.net/Articles/918106/

Additional information

i'm using pve-qemu-kvm 8.1.2-6 on 6.5.11-7-pve kernel