
Worked on security hardening and kernel compatibility within the netdata/libbpf repository, focusing on enforcing Memfd Noexec Seal during memory file descriptor creation. Implemented the MFD_NOEXEC_SEAL flag in C to prevent execution from in-memory regions, addressing both security risks and kernel warnings. Developed a robust fallback mechanism for older kernels lacking support for this flag, ensuring broad compatibility without introducing instability. The work demonstrated expertise in kernel development and system programming, delivering a targeted feature with minimal risk and code complexity. This approach maintained the library’s reliability while enhancing its security posture across a wide range of Linux kernel versions.
December 2024 monthly summary: Focused security hardening and kernel-compatibility improvements in netdata/libbpf. Delivered Memfd Noexec Seal enforcement by enabling MFD_NOEXEC_SEAL during memfd creation, with a robust fallback for kernels that do not support the flag. This reduces the risk of executing from in-memory regions, silences kernel warnings on affected kernels, and maintains broad kernel-version compatibility with minimal risk and effort.
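The flag-with-fallback pattern described above, as an added C example (not code from netdata/libbpf): the helper name `memfd_create_noexec` and its `sealed` out-parameter are hypothetical, and the fallback `#define` values are the Linux UAPI constants for userspace headers that predate them. The retry on `EINVAL` relies on `memfd_create` rejecting flags the running kernel does not know.

```c
#ifndef _GNU_SOURCE
#define _GNU_SOURCE
#endif
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <sys/syscall.h>
#include <unistd.h>

/* Fallbacks for older userspace headers (values from the Linux UAPI). */
#ifndef MFD_CLOEXEC
#define MFD_CLOEXEC 0x0001U
#endif
#ifndef MFD_NOEXEC_SEAL
#define MFD_NOEXEC_SEAL 0x0008U
#endif
#ifndef F_GET_SEALS
#define F_GET_SEALS 1034
#endif
#ifndef F_SEAL_EXEC
#define F_SEAL_EXEC 0x0020
#endif

/* Hypothetical helper: returns an fd or -errno. *sealed becomes 1 only when
 * the kernel accepted MFD_NOEXEC_SEAL and reports F_SEAL_EXEC on the fd. */
int memfd_create_noexec(const char *name, int *sealed)
{
	unsigned int flags = MFD_CLOEXEC | MFD_NOEXEC_SEAL;
	int fd = (int)syscall(SYS_memfd_create, name, flags);

	*sealed = 0;
	if (fd < 0 && errno == EINVAL) /* flag unknown to this kernel: retry without it */
		fd = (int)syscall(SYS_memfd_create, name, flags & ~MFD_NOEXEC_SEAL);
	if (fd < 0)
		return -errno;

	int seals = fcntl(fd, F_GET_SEALS);
	if (seals >= 0 && (seals & F_SEAL_EXEC))
		*sealed = 1;
	return fd;
}

int main(void)
{
	int sealed, fd = memfd_create_noexec("example-memfd", &sealed);

	printf("fd=%d exec-sealed=%s\n", fd, sealed ? "yes" : "no");
	return fd < 0;
}
```

Checking `F_GET_SEALS` after creation lets a caller log or assert which path was taken instead of assuming the seal is present.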
