On Thu, Mar 7, 2024 at 4:55 AM Christian Brauner <brauner@xxxxxxxxxx> wrote: > > There's one fundamental question here that we'll need an official answer to: > > Is it ok for an out-of-tree BPF LSM program, that nobody has ever seen > to request access to various helpers in the kernel? Phrased in a slightly different way, and a bit more generalized: do we treat out-of-tree BPF programs the same as we do with out-of-tree kernel modules? I believe that's the real question, and if we answer that, we should also have our answer for the internal helper function question. > Because fundamentally this is what this patchset is asking to be done. > > If the ZFS out-of-tree kernel module were to send us a similar patch > series asking us for a list of 9 functions that they'd like us to export > what would the answer to that be? It would be "no" - on principle alone. > > So what is different between an out-of-tree BPF LSM program that no one > even has ever seen and an out-of-tree kernel module that one can at > least look at in Github? Why should we reject requests from the latter > but are supposed to accept requests from the former? > > If we say yes to the BPF LSM program requests we would have to say yes > to ZFS as well. -- paul-moore.com
