[PATCH v2 13/13] selftests/bpf: Add test for signed programs
Alexei Starovoitov
alexei.starovoitov at gmail.com
Tue Jul 29 02:30:31 UTC 2025
On Mon, Jul 21, 2025 at 2:20 PM KP Singh <kpsingh at kernel.org> wrote:
> +
> +SEC("fexit/bpf_prog_verify_signature")
> +int BPF_PROG(bpf_sign, struct bpf_prog *prog, union bpf_attr *attr, bool is_kernel, int ret)
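Review bot: the SEC("fexit/bpf_prog_verify_signature") attach point and the BPF_PROG argument list (prog, attr, is_kernel, ret) bind this selftest to the name and prototype of a kernel-internal function. The test will then fail to attach if that function is inlined, renamed or given a different parameter list, even when signature verification itself works. Consider dropping the fexit program and asserting only on what userspace can observe: whether loading a program with a signature supplied succeeds or fails.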
I don't understand why it needs to peek into the kernel to
verify that it goes well. The exposed uapi should be good enough.
If the signature was specified and it is loaded fine we're good.
Double checking the kernel decisions goes too far.
Especially since this function can be inlined by the compiler.