On 14/07/2021 17:02, Michael wrote:
However, I'm no dev so I have no idea what the potential for BPF harming Linux security might be. Other more knowledgeable M/L contributors may chime in to explain better.
The main thing I know is that the verifier enforces "forward progress". If it can't *prove* that the BPF program will terminate, it fails verification and is blocked, so it can't be used for a "denial of service" attack.
Cheers, Wol
