Alexei Starovoitov <alexei.starovoi...@gmail.com> writes:

> History repeats itself.
> 1. the problem is hard.
> 2. you're only interested in addressing your own use case.
> There is no end-to-end design here and no attempt to
> think it through how it will work for others.
>

Well, I suppose anything worth doing is going to be hard :) The end-to-end design for this is the same end-to-end design that exists for signing kernel modules today. We envisioned it working for others the same way module signing works for others.

> Hacking into bpf internal objects like maps is not acceptable.

We've heard your concerns about kern_sys_bpf and we agree that the LSM should not be calling it. The proposal in this email should meet both of our needs

https://lore.kernel.org/bpf/874iypjl8t....@microsoft.com/

-blaise