[$] Taming the BPF superpowers

Work toward the signing of BPF programs hasbeen finding its way into recent mainline kernel releases; it is intendedto improve security by limiting the BPF programs that can be successfullyloaded into the kernel. As John Fastabend described in his "Watchingthe super powers" session at the 2021 Linux Plumbers Conference,this new feature has the potential to completely break his tools. Butrather than just complain, he decided to investigate solutions; the resultis an outline for an auditing mechanism that brings greater flexibility tothe problem of controlling which programs can be run.