Speakers
Description
BPF LSM enables implementing flexible security policies without rebuilding the kernel. However, the flexibility and safety of BPF LSM comes with the limitation that not all kernel functions are available to the BPF programs. The answer to this limitation is BPF kfuncs. Since LPC 2024, a few important kfuncs are added (or being added) for BPF LSM use cases. [1][2][3]
In this talk, we would like to discuss proposals to add more kfuncs for BPF LSM. We will start with some real world use cases, and discuss how to implement the policies properly with BPF LSM and kfuncs.
[1] https://lore.kernel.org/bpf/20231129234417.856536-1-song@kernel.org/
[2] https://lore.kernel.org/bpf/20240730230805.42205-1-song@kernel.org/
[3] https://lore.kernel.org/bpf/20240731110833.1834742-1-mattbobrowski@google.com/