[PATCH bpf-next 00/13] Signed BPF + IPE Policies

Blaise Boscaccy bboscaccy at linux.microsoft.com
Sat May 23 15:43:09 UTC 2026


Paul Moore <paul at paul-moore.com> writes:

> On May 23, 2026 7:40:42 AM Paul Moore <paul at paul-moore.com> wrote:
>> On May 23, 2026 3:40:46 AM Alexei Starovoitov
>> <alexei.starovoitov at gmail.com> wrote:
>>>
>>> sashiko spotted it too.
>>> All other sashiko bugs were ignored as well.
>>
>> Link? I didn't see any feedback from sashiko on list and to the
>> best of my knowledge it hasn't been enabled for LSM patches.
>
> https://sashiko.dev/#/patchset/20260507191416.2984054-1-bboscaccy%40linux.microsoft.com
>
> Blaise, I know you've got another patch coming soon - please take a look at 
> the link above and see if there is anything else that needs to be addressed.
>

Yeah, it found a few things I corrected. It's hooked into the bpf list,
not the lsm list currently. With all melodrama and bravado aside, the
TOCTOU issue it found wasn't the actual attack vector and it completely
missed the real one that Eric found. It seems to be lacking the
multi-step reasoning that vuln researchers actually use. 

Most of it looked like AI slop, and I'm not too keen on providing more
free training material for AI folks to run inference on, so I didn't
respond directly to the bot spam emails.

Sashiko seems to take major issue with the existing user keyring
verification too *shrug*.

I'll take a second look when I'm back home next week and see if there is
anything real leftover after this patchset.

-blaise

> --
> paul-moore.com
