by lcvw 1096 days ago
1. Using eBPF requires root

2. The verifier checks memory bounds access, guarantees termination in a certain number of instructions, and restricts function calls to a limited number of helper functions provided by the kernel.

3. BPF code runs on a VM, think like the JVM. It’s impossible to express a lot of nasty stuff given the restrictive bytecode language.

There have been bugs in the verifier, but overall it works very well, the biggest issue being that it drastically limits the complexity of your program.
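
Added example, not part of the comment above and not kernel code: a toy static checker for a made-up mini bytecode that applies the three kinds of check listed in point 2 (stack bounds, guaranteed termination, helper allow-list). The instruction tuples, `MAX_INSNS`, the helper names and the sample programs are assumptions made for illustration.

```python
# Toy static checker for a made-up mini bytecode (NOT the kernel's verifier).
# Instruction tuples, constants and helper names below are assumptions.
STACK_SIZE = 512     # eBPF programs get a 512-byte stack
MAX_INSNS = 4096     # assumed instruction budget for this toy
ALLOWED_HELPERS = {"map_lookup_elem", "ktime_get_ns"}  # assumed allow-list

def verify(prog):
    """Return a list of rejection reasons; an empty list means 'accepted'."""
    errors = []
    if len(prog) > MAX_INSNS:
        errors.append(f"too long: {len(prog)} insns")
    if not prog or prog[-1][0] != "exit":
        errors.append("program must end in exit")
    for pc, insn in enumerate(prog):
        op, args = insn[0], insn[1:]
        if op in ("load", "store"):
            off, size = args  # byte offset from frame pointer, access width
            # Stack grows down: valid bytes are [-STACK_SIZE, 0).
            if size not in (1, 2, 4, 8) or off < -STACK_SIZE or off + size > 0:
                errors.append(f"pc {pc}: out-of-bounds stack access {off}+{size}")
        elif op == "jmp":
            (rel,) = args
            target = pc + 1 + rel
            # Forward-only jumps make termination trivial to prove. This is
            # stricter than the real verifier, which also accepts loops it
            # can prove bounded.
            if rel < 0:
                errors.append(f"pc {pc}: backward jump")
            elif target >= len(prog):
                errors.append(f"pc {pc}: jump past end")
        elif op == "call":
            (helper,) = args
            if helper not in ALLOWED_HELPERS:
                errors.append(f"pc {pc}: helper {helper!r} not allowed")
        elif op not in ("mov", "exit"):
            errors.append(f"pc {pc}: unknown opcode {op!r}")
    return errors

# Constructed sample programs.
GOOD = [("store", -8, 8), ("call", "ktime_get_ns"), ("jmp", 1),
        ("load", -8, 8), ("exit",)]
BAD = [("store", -516, 8),               # starts below the stack
       ("load", -4, 8),                  # runs past the frame pointer
       ("call", "arbitrary_kernel_fn"),  # not on the allow-list
       ("jmp", -3),                      # backward jump (a loop)
       ("exit",)]

if __name__ == "__main__":
    print(verify(GOOD))
    for reason in verify(BAD):
        print(reason)
```

Every rejection happens before anything runs, which is also why a program has to be simple enough for the checker to reason about.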


> 1. Using eBPF requires root

Unprivileged eBPF has been around for a long time.

Except that it's been almost universally disabled, for many years. Nobody trusts it.

Idk if I'd call 2 years "many", but yes.

In eBPF years, 2 years is an eternity.