[$] Sending packets directly from BPF
Date:
Tue, 14 Jul 2026 13:16:52 +0000
Description:
Tetragon , the BPF-based security monitoring tool,
uses BPF to monitor different aspects of a running kernel and
enforce user-specified policies. It sends its data to a user-space process, which forwards the data to a central monitoring service elsewhere in the network, however. This
presents a point of vulnerability: if an attacker can kill Tetragon's user-space
agent, it won't be able to properly report on the situation. Song Liu, Mah Tardy, and Liam Wiseheart spoke about their work removing the need for the user-space agent at the 2026 Linux Storage, Filesystem, Memory-Management, and BPF Summit .
======================================================================
Link to news story:
https://lwn.net/Articles/1081696/
--- Mystic BBS v1.12 A49 (Linux/64)
* Origin: tqwNet UK HUB @ hub.uk.erb.pw (1337:1/100)