|
|
|
|
|
|
by tptacek
1098 days ago
|
|
|
The track record of eBPF to date has been reasonably strong, and the threat model serious systems give to eBPF is narrow: you care a lot about the formal soundness of the verifier if you're loading untrusted code, and much less if you're never doing that. eBPF has been a pretty important victory for the Linux systems design model. The real goal of eBPF verification is to avoid kernel crashes, and for that goal, eBPF has been unreasonably successful. |
|
|