On Wed, Jun 11, 2025 at 3:18 PM James Bottomley <James.Bottomley@xxxxxxxxxxxxxxxxxxxxx> wrote: > > On Wed, 2025-06-11 at 14:33 +0200, KP Singh wrote: > > [...] > > I have read and understood the code, there is no technical > > misalignment. > > > > I am talking about a trusted user space loader. You seem to confuse > > the trusted BPF loader program as userspace, no this is not > > userspace, it runs in the kernel context. > > So your criticism isn't that it doesn't cover your use case from the > signature point of view but that it didn't include a loader for it? > > The linked patch was a sketch of how to verify signatures not a full It was a non functional sketch that did not address much of the feedback that was given, that's not how collaboration works. > implementation. The pieces like what the loader looks like and which > keyring gets used are implementation details which can be filled in > later by combining the patch series with review and discussion. It's > not a requirement that one person codes everyone's use case before they > get theirs in, it's usually a collaborative effort ... I mean, why Yeah, it's surely a collaborative effort, but the collaboration has been aggressive and tied to a specific implementation (at least from some folks). Rather than working with the feedback received it has been accusational of mandating and forcing. If the intent is to really collaborate, let's land this base implementation and discuss further. I am not willing to add additional stuff into this base implementation. > would you want Microsoft coding up the loader? If they don't have a > use case for it they don't have much incentive to test it thoroughly > whereas you do. It seems that your incentives are purely aligned with Microsoft and not that of the BPF community at large (this is also visible from the patches and the engagement). FWIW, There is no urgency for my employer to have signed BPF programs, yet I am working on this purely to help you and the community. - KP > > Regards, > > James >
