Post Syndicated from original https://lwn.net/Articles/910873/

All memory accesses in a BPF program are
statically checked for safety using the
verifier, which analyzes the program in its
entirety before allowing it to run. While this allows BPF programs to
safely run in kernel space, it restricts how that program is able to use
pointers. Until recently, one such constraint was that the size of a memory
region referenced by a pointer in a BPF program must be statically known
when a BPF program is loaded. A recent
patch set by Joanne Koong enhances BPF to support loading programs with
pointers to dynamically sized memory regions.