What's the reason to embed BPF programs with the kernel itself?
What's the reason to embed BPF programs with the kernel itself?
Posted Jun 12, 2024 20:18 UTC (Wed) by ringerc (subscriber, #3071)In reply to: What's the reason to embed BPF programs with the kernel itself? by Wol
Parent article: Securing BPF programs before and after verification
Right. Most of all of the endpoint "security" vendors like CrowdStrike, Vanta, SolarWinds, IBM etc seem to have very opaque and secret kernel modules that do god-knows-what to the system, for example.