Open vadorovsky opened 2 years ago
https://lore.kernel.org/bpf/20220328181644.1748789-1-sdf@google.com/
There is a kernel patchset which allows to attach BPF LSM programs to cgroups.
If I understand it correctly, that would allow us to get rid of "container monitoring" logic.
https://lore.kernel.org/bpf/20220328181644.1748789-1-sdf@google.com/
There is a kernel patchset which allows to attach BPF LSM programs to cgroups.
If I understand it correctly, that would allow us to get rid of "container monitoring" logic.