[$] No hardware memory isolation for BPF programs
Date:
Wed, 25 Feb 2026 15:27:45 +0000
Description:
On February 12, Yeoreum Yun posted a suggestion for an improvement to the security of the kernel's BPF implementation: use memory protection keys to prevent unauthorized access to memory by BPF
programs.
Yun wanted to put the topic on the list for discussion at the Linux
Storage, Filesystem, Memory Management, and BPF Summit in May, but the
lack of engagement makes that unlikely. They also have a patch set implementing
some of the proposed changes, but have not yet shared it with the mailing list.
Yun's proposal does not seem likely to be accepted in its
current form, but the kernel has added hardware-based hardening options in the past, sometimes after substantial discussion.
======================================================================
Link to news story:
https://lwn.net/Articles/1059218/
--- Mystic BBS v1.12 A49 (Linux/64)
* Origin: tqwNet UK HUB @ hub.uk.erb.pw (1337:1/100)