The recording of my talk at #lsfmmbpf is now online: https://youtu.be/9p4qviq60z8 I talk about a proof of concept which explores how we could make #ebpf safer without having to rely on signing BPF itself. Uses kfuncs, BPF LSM, #fsverity and IMA under the hood.
Cool introduction to ebpfguard and writing Linux security policies in Rust. It's using #eBPF#LSM and https://aya-rs.dev. but without necessity to use them directly - ebpfguard is an abstraction layer built on top of them.
shows 1990s websites side by side web 2.0, gmail, etc
"While the internet has become increasingly dynamic, with the apps we use everyday now living in the browser, the #linux kernel has in some sense remained in the 90s, with little options for dynamic interaction. #eBPF aims to change that."
and like that, I lost all interest in eBPF, and have even become its enemy.