@jhaar @mjg59 @jfmezei True, though I do think mjg’s point still stands since the crash there was really as a result of bugs in Red Hat’s backported kernel code for BPF handling, and not because of CrowdStrike’s actual BPF code.
It’s just extremely unfortunate timing for people making the “eBPF would solve this” argument that this BPF handling bug surfaced recently and of all things it was CrowdStrike that managed to trigger it. :blobcatfacepalm:
@alexhaydock Longer term CrowdStrike is probably doing eBPF a favor: giving it a strong workout - discovering bugs/etc. In fact, the same thing happened after Apple stopped allowing kext modules in macOS. CrowdStrike flipped over to use the new Mac telemetry APIs and hit bugs there too... and then Apple fixed them.