[$] Reconsidering unprivileged BPF

The BPF virtual machine within the kernel has seen a great deal of workover the last few years; as that has happened, its use has expanded to manydifferent kernel subsystems. One of the objectives of that work in thepast has been to make it safe to allow unprivileged users to load at least some types ofBPF programs into the kernel. A recent discussion has made it clear,though, that the goal of opening up BPF to unprivileged users has beenabandoned as unachievable, and that further work in that direction will notbe accepted by the BPF maintainer.