On Fri, Aug 25, 2017 at 10:07:27PM +0200, Daniel Borkmann wrote: > On 08/25/2017 09:52 PM, Chenbo Feng wrote: > > On Fri, Aug 25, 2017 at 12:45 PM, Jeffrey Vander Stoep <jeffv@xxxxxxxxxx> wrote: > > > On Fri, Aug 25, 2017 at 12:26 PM, Stephen Smalley <sds@xxxxxxxxxxxxx> wrote: > > > > On Fri, 2017-08-25 at 11:01 -0700, Jeffrey Vander Stoep via Selinux > > > > wrote: > > > > > I’d like to get your thoughts on adding LSM permission checks on BPF > > > > > objects. before reinventing the wheel please take a look at landlock work. Everything that was discussed in this thread is covered by it. The patches have been in development for more than a year and most of the early issues have been resolved. It will be presented again during security summit in LA in September.
