On Fri, Oct 20, 2017 at 09:08:48AM +0100, David Howells wrote: > Hi Joey, > > Should I just lock down sys_bpf() entirely for now? We can always free it up > somewhat later. > > David
OK~~ Please just remove my patch until we find out a way to verify bpf code or protect sensitive data in memory. I think that we don't need to lock down sys_bpf() now because we didn't lock down other interfaces for reading arbitrary address like /dev/mem and /dev/kmem. Thanks a lot! Joey Lee
