ClumsyPilot

This looks very similar to webassembly work going on right now, both use a secure VM, and both run in kernel space.

Would webassembly be a more general purpose way of accomplishing something like this?

TickleSteve

A BPF interpreter can literally be ~100 LoC. A WebAssembly VM on the other hand will likely be ~1million LoC (without checking).

One is suitable for embedding into a kernel, the other isn't.

sanxiyn
Where did you get ~1million number? https://github.com/bytecodealliance/wasm-micro-runtime is less than 100K LoC for example.