Re: [RFC 00/11] Reintroduce Hornet LSM

Next message: Alexandre Courbot: "Re: [PATCH v3 3/3] rust: Add SoC Driver Sample"
Previous message: Allan Wang: "[PATCH] linux-firmware: update firmware for MT7925 WiFi device"
Next in thread: Blaise Boscaccy: "Re: [RFC 00/11] Reintroduce Hornet LSM"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

From: Paul Moore

Date: Tue Dec 16 2025 - 21:28:12 EST

On Mon, Dec 15, 2025 at 12:26 PM ryan foster <foster.ryan.r@xxxxxxxxx> wrote:
>
> Hi all,
>
> I want to confirm I understand the current semantics, and specific issues this series is addressing.

I don't want to speak for Blaise (or James for that matter), but my
understanding is that Hornet is focused on ensuring BPF program
integrity at load time; similar to KP's signature scheme which has
recently found its way into Linus tree. Where KP's and Blaise's
scheme differ is in how they perform the integrity checks.

--
paul-moore.com