[$] Code signing for BPF programs
The Linux kernel can be configured so that
kernel modules must be signed or
otherwise authenticated to be loaded
into the kernel. Some BPF developers want that to be an option for BPF programs
as well — after all, if those are going to run as part of the kernel,
they should be subject to the same code-signing requirements. Blaise Boscaccy
and Cong Wang presented two different visions for how BPF code signing could
work at the 2025 Linux Storage, Filesystem, Memory-Management, and BPF Summit.