Feature proposal - Attaching probes to cgroups

Hello everyone,

Are there any plans on extending the cgroup program types to include
more probe types (or possibly allow restricting any probe type to a
specific cgroup)?

For a use case example, this will allow attaching programs to the
"docker" cgroup and thus tracing events from containers only (or even
enforcing eBPF LSM on docker containers only).

Another use case that I can think of is shared cloud infrastructure -
attaching eBPF probes in those environments is risky from the security
point of view since one cannot restrict tracing to one's own resources
only (containers, etc.). Allowing restricting bpf probes to a cgroup
may allow creating a cgroup for each user's resources and allowing it
to attach programs to its cgroup only.

Thanks,
Gilad Reti


