Subj : [$] Possible paths for signing BPF programs
To   : All
From : LWN.net
Date : Tue Aug 12 2025 17:45:07

Date: Tue, 12 Aug 2025 16:31:20 +0000

Description:
BPF programs are loaded directly into the kernel. Even though the verifier protects the kernel from certain kinds of misbehavior in BPF programs, some people are still justifiably concerned about adding unsigned code to their kernel. A fully correct BPF program can still be used to expose sensitive data, for example. To remedy this, Blaise Boscaccy and KP Singh have both shared patch sets that add ways to verify cryptographic signatures of BPF programs, allowing users to configure their kernels to load only pre-approved BPF programs. This work follows on from the discussion at the Linux Storage, Filesystem, Memory-Management, and BPF Summit (LSFMM+BPF) in April and Boscaccy's earlier proposal of a Linux Security Module (LSM) to accomplish the same goal. There are still some fundamental disagreements over the best approach to signing BPF programs, however.

======================================================================
Link to news story: https://lwn.net/Articles/1031854/