From the mailing list I’m reading that kernel maintainers have heard a few companies looking for something like this, so yes?
Edit:
However, to be clear, the Hornet LSM proposed here seems very reasonable to me and I would have no conceptual objections to merging it upstream. Based on off-list discussions I believe there is a lot of demand for something like this, and I believe many people will be happy to have BPF signature verification in-tree.
Is anyone having security issues without this patch?
From the mailing list I’m reading that kernel maintainers have heard a few companies looking for something like this, so yes?
Edit: