On August 17, 2019 5:08:45 PM GMT+02:00, Alexei Starovoitov <alexei.starovoi...@gmail.com> wrote: >On Sat, Aug 17, 2019 at 12:22:53AM +0200, Christian Brauner wrote: >> >> (The one usecase I'd care about is to extend seccomp to do >pointer-based >> syscall filtering. Whether or not that'd require (unprivileged) ebpf >is >> up for discussion at KSummit.) > >Kees have been always against using ebpf in seccomp. I believe he still >holds this opinion. Until he changes his mind let's stop bringing >seccomp >as a use case for unpriv bpf.
That's why I said "whether or not". For the record, I do prefer a non-unpriv-ebpf way. It's still something that will most surely come up in the discussion though.
