Security with eBPF

How eBPF enforces policy and observes behavior without kernel patches.

Seccomp

Restrict system calls with flexible logic beyond static tables.

Linux Security Module (LSM)

Insert custom access control checks through BPF without writing a module.

Landlock

Userspace sandboxing in which applications define their own file access rules.

bpf_send_signal

Helper that can raise signals in misbehaving tasks from inside BPF code.

Tetragon

CNCF project using eBPF to monitor and enforce runtime security policies.

Bpfilter

A work-in-progress kernel module that translates iptables and nftables rules into eBPF bytecode, so that firewall rules are checked by the BPF verifier and run as BPF programs instead of through legacy netfilter tables.