https://lwn.net/Articles/857228/ This is a special feed containing comments posted to the individual LWN article titled "eBPF seccomp() filters". en-us Sat, 18 Oct 2025 18:37:16 +0000 Sat, 18 Oct 2025 18:37:16 +0000 https://www.rssboard.org/rss-specification lwn@lwn.net https://lwn.net/Articles/858207/ https://lwn.net/Articles/858207/ davecb <div class="FormattedComment"> Hmmn, instead of doing an updater (old to new), I wonder if one could simply reject all the dangerous bits, and allow authors to use the newer notation so long as they avoided a particular feature-set?<br> <p> That assumes, of course, that you can tell dangerous from safe syntactically.<br> </div> Thu, 03 Jun 2021 18:21:09 +0000 https://lwn.net/Articles/857944/ https://lwn.net/Articles/857944/ jpsamaroo <div class="FormattedComment"> Minor nitpick:<br> <p> <font class="QuotedText">&gt; Those filter programs, though, run on the &quot;classic&quot; BPF virtual machine</font><br> <p> They actually run on the eBPF virtual machine (see latest update from Kees Cook on the bpf ML); the cBPF programs are just transformed into eBPF programs internally.<br> </div> Wed, 02 Jun 2021 14:22:30 +0000 https://lwn.net/Articles/857775/ https://lwn.net/Articles/857775/ post-factum <div class="FormattedComment"> cgroupv1^WeBPF was a nice proof-of-concept, welcome cgroupv2^WeBPFv2.<br> </div> Tue, 01 Jun 2021 09:49:48 +0000