caseyweederman

  • 5 Posts
  • 2.39K Comments
Joined 2 years ago
cake
Cake day: August 30th, 2023

help-circle




  • I took it as a parallel to that comic with the flag on the wall, the roommate says “so are you gay or something” but it’s a French flag or something.

    Haha. I went to look for it and got this Evangelion edit:

    Asuka hanging a flag on her wall. Her roommate says “So, are you like, gay or something?”
    Asuka says “What?”
    Her roommate says “What pride flag is that?”
    The angle shifts to view Asuka with a disappointed expression, and we see that the flag she hung up was the German flag.









  • Ah yes, the “extended Berkeley Packet Filter”.
    Wikipedia:

    eBPF is a technology that can run programs in a privileged context such as the operating system kernel.

    Phoronix:

    Hornet uses a similar signature verification scheme similar to that of kernel modules. A pkcs#7 signature is appended to the end of an executable file. During an invocation of bpf_prog_load, the signature is fetched from the current task’s executable file. That signature is used to verify the integrity of the bpf instructions and maps which where passed into the kernel. Additionally, Hornet implicitly trusts any programs which where loaded from inside kernel rather than userspace, which allows BPF_PRELOAD programs along with outputs for BPF_SYSCALL programs to run.

    So this is to make kernel-level instructions from userspace (something that’s already happening) more secure.

    The thread linked by the OP is Jarkko Sakkinen (kernel maintainer) seemingly saying “show your work, your patch is full of nonsense” in a patch submitted for review to the Linux kernel.
    Edit: the OP has edited the link, it used to point to this comment in the mailing list chain.