MacMusic  |  PcMusic  |  440 Software  |  440 Forums  |  440TV  |  Zicos
bpf
Search

[$] BPF signing LSM hook change rejected

Monday October 27, 2025. 07:46 PM , from LWN.net
BPF lets users load programs into a running kernel.
Even though BPF programs are checked by the verifier to
ensure that they stay inside certain limits, some users would still like to ensure
that only approved BPF programs are loaded. KP Singh's

patches adding that capability to the kernel were accepted
in version 6.18, but not everyone is
satisfied with his implementation. Blaise Boscaccy, who has been working to get
a version of BPF code signing with better auditability
into the kernel for some time, posted

a patch set on top of Singh's changes that alters the loading process to
not invoke security module hooks
until the entire loading process is complete.
The discussion on the patch
set is the continuation of a

long-running disagreement over
the interface for signed BPF programs.
Read more at LWN.net
https://lwn.net/Articles/1042625/

Related News

bpf IBM Cloud stops signing and seeking new customers for its VMware service TheRegisterOct 28
programs New Report Finds Efforts to Slow Climate Change Are Working—Just Not Fast Enough Wired: Tech.Oct 22
kernel Should We Edit Nature to Help It Survive Climate Change? SlashdotOct 20
signing Supreme Court denies Alex Jones' appeal against $1.4bn verdict in Sandy Hook defamation case BoingBoingOct 14
some [$] Debian Technical Committee overrides systemd change LWN.netOct 13
process Google Search Could Change Forever in the UK Wired: Tech.Oct 10
are Microsoft urged to change deadline for end of Windows 10 support ComputerWorldOct 2
not Meet the "grue jay," a climate-change mashup of blue and green jays BoingBoingOct 1
version Energy Dept. to employees: don't say "green," don't say "climate change," definitely don't say "clean energy" BoingBoingOct 1
ensure Climate Change Spurs Rare Hybrid Between Blue Jay and Green Jay SlashdotSep 30
set Walmart CEO Issues Wake-Up Call: 'AI Is Going to Change Literally Every Job' SlashdotSep 28
into The guy running the EPA doesn't believe in climate change BoingBoingSep 25
change Intel Says Blockbuster Nvidia Deal Doesn't Change Its Own Roadmap SlashdotSep 19
hook Cloudflare DDoSed itself with React useEffect hook blunder TheRegisterSep 18
lsm Meta’s New Smart Glasses Got a Subtle Name Change. It Speaks Volumes About What’s Wrong With Them Wired: Tech.Sep 18
bpf Toys can tell us a lot about how tech will change our lives TheRegisterSep 18
News copyright owned by their original publishers | Copyright © 2004 - 2025 Zicos / 440Network
Current Date
Oct, Tue 28 - 21:59 CET