On Fri, Mar 21, 2025 at 09:45:02AM -0700, Blaise Boscaccy wrote: > This patch series introduces the Hornet LSM. > > Hornet takes a simple approach to light-skeleton-based eBPF signature Can you define "light-skeleton-based" before using the term. This is the first time in my life when I hear about it. > verification. Signature data can be easily generated for the binary s/easily// Useless word having no measure. > data that is generated via bpftool gen -L. This signature can be I have no idea what that command does. "Signature data can be generated for the binary data as follows: bpftool gen -L <explanation>" Here you'd need to answer to couple of unknowns: 1. What is in exact terms "signature data"? 2. What does "bpftool gen -L" do? This feedback maps to other examples too in the cover letter. BR, Jarkko
