On Sat, Aug 17, 2019 at 05:16:53PM +0200, Christian Brauner wrote: > On August 17, 2019 5:08:45 PM GMT+02:00, Alexei Starovoitov <alexei.starovoitov@xxxxxxxxx> wrote: > >On Sat, Aug 17, 2019 at 12:22:53AM +0200, Christian Brauner wrote: > >> > >> (The one usecase I'd care about is to extend seccomp to do > >pointer-based > >> syscall filtering. Whether or not that'd require (unprivileged) ebpf > >is > >> up for discussion at KSummit.) > > > >Kees have been always against using ebpf in seccomp. I believe he still > >holds this opinion. Until he changes his mind let's stop bringing > >seccomp > >as a use case for unpriv bpf. > > That's why I said "whether or not". > For the record, I do prefer a non-unpriv-ebpf way. > It's still something that will most surely come up in the discussion though. It's very un-kernely way to defer to in-person meetings. If there is anything to discuss please discuss it on the public mailing list.
