Received: by 2002:a25:1506:0:0:0:0:0 with SMTP id 6csp2174490ybv; Fri, 21 Feb 2020 10:17:19 -0800 (PST) X-Google-Smtp-Source: APXvYqztcikKTxXfqlZEjlAgBv9wiI3NUQpBaI4KUt9OTpmi1XLQYZuL6kPxDGIn7a5T9sv/iRWu X-Received: by 2002:a05:6830:1317:: with SMTP id p23mr29461225otq.3.1582309039116; Fri, 21 Feb 2020 10:17:19 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1582309039; cv=none; d=google.com; s=arc-20160816; b=aHP8yscFIM+K9WJxItNuptVXWW7046JZyNQ3qiPnH3F7P4lFOUxBTjKQ4Px1b9G0Fa IK01xzY5DAIsfm+uV8ly7qnVwV5Ni6XVFQOT2gZfqofJTmkOCzyvNxn6a41GGLBTiQic lPz3j7vZcPH4TuPTqCqTHdLkLyXtwvuyy1p0iqPr8jdNOUjO9HvfyTBUK+UTGBiCNVe4 10fHC+ddO2PtZ6/dpS+MwU6iresDD16sTLQj0zxf4nNz9cmJwzKKlGGyP5AEmB+zlNop 8WujPx+YNqgIm4u24xzPQ4Xc/+UWoQ35kV/IgORutVMgTjY+bgtfS0k6xSY6yajjmhi6 IrUg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-transfer-encoding:mime-version :message-id:date:subject:cc:to:from; bh=tZ7KA7/qc6JWjaoZ7ZYZrjtVugrAAp7uE9zc2TuZ9So=; b=Uryu3MFMO9Qe3yROQKYj8PjLK8ayqKe3utw3XHByfKam8swqDem4NTft3Grc8TrkGP coLJrmgZL2c20nICq9cLIDZ2etbaoXpjIA6PGLuexS5AaftdFpqkxPllsR/jo7Tut3+S hXWJHsIXFoBrHqPBjLNS7iHJFCSBPmsokN0T31Vged3xw+RXGJUscr5dfyxK6n7Dc0R8 ckUKfizMDgoPjN1Nexlw3hEK0rN4CuROrn/a+jqnApEpJUwmvGuJazih09e20G10E7dN xaHcAZczqaoCKxTy/C0kHlGlCVXURApLvyJHC2UNXPjBHQ86AcnARP2oSlk4p7StXNsq 2dLg== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id l17si1701771otq.59.2020.02.21.10.17.05; Fri, 21 Feb 2020 10:17:19 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1728441AbgBUSQ3 (ORCPT + 99 others); Fri, 21 Feb 2020 13:16:29 -0500 Received: from 15.mo1.mail-out.ovh.net ([188.165.38.232]:33316 "EHLO 15.mo1.mail-out.ovh.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1725947AbgBUSQ3 (ORCPT ); Fri, 21 Feb 2020 13:16:29 -0500 Received: from player791.ha.ovh.net (unknown [10.110.171.125]) by mo1.mail-out.ovh.net (Postfix) with ESMTP id 68AD11B24DC for ; Fri, 21 Feb 2020 17:58:19 +0100 (CET) Received: from sk2.org (82-65-25-201.subs.proxad.net [82.65.25.201]) (Authenticated sender: steve@sk2.org) by player791.ha.ovh.net (Postfix) with ESMTPSA id 473BFF972430; Fri, 21 Feb 2020 16:58:08 +0000 (UTC) From: Stephen Kitt To: Jonathan Corbet , Alexei Starovoitov , Daniel Borkmann , Martin KaFai Lau , Song Liu , Yonghong Song , Andrii Nakryiko , bpf@vger.kernel.org, linux-doc@vger.kernel.org Cc: linux-kernel@vger.kernel.org, Stephen Kitt Subject: [PATCH] docs: sysctl/kernel: document BPF entries Date: Fri, 21 Feb 2020 17:58:01 +0100 Message-Id: <20200221165801.32687-1-steve@sk2.org> X-Mailer: git-send-email 2.20.1 MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Ovh-Tracer-Id: 876794555126336901 X-VR-SPAMSTATE: OK X-VR-SPAMSCORE: -100 X-VR-SPAMCAUSE: gggruggvucftvghtrhhoucdtuddrgedugedrkeeggdelhecutefuodetggdotefrodftvfcurfhrohhfihhlvgemucfqggfjpdevjffgvefmvefgnecuuegrihhlohhuthemucehtddtnecusecvtfgvtghiphhivghnthhsucdlqddutddtmdenucfjughrpefhvffufffkofgggfestdekredtredttdenucfhrhhomhepufhtvghphhgvnhcumfhithhtuceoshhtvghvvgesshhkvddrohhrgheqnecukfhppedtrddtrddtrddtpdekvddrieehrddvhedrvddtudenucevlhhushhtvghrufhiiigvpedunecurfgrrhgrmhepmhhouggvpehsmhhtphdqohhuthdphhgvlhhopehplhgrhigvrhejledurdhhrgdrohhvhhdrnhgvthdpihhnvghtpedtrddtrddtrddtpdhmrghilhhfrhhomhepshhtvghvvgesshhkvddrohhrghdprhgtphhtthhopehlihhnuhigqdhkvghrnhgvlhesvhhgvghrrdhkvghrnhgvlhdrohhrgh Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Based on the implementation in kernel/bpf/syscall.c, kernel/bpf/trampoline.c, include/linux/filter.h, and the documentation in bpftool-prog.rst. Signed-off-by: Stephen Kitt --- Documentation/admin-guide/sysctl/kernel.rst | 24 +++++++++++++++++++++ 1 file changed, 24 insertions(+) diff --git a/Documentation/admin-guide/sysctl/kernel.rst b/Documentation/admin-guide/sysctl/kernel.rst index 1c48ab4bfe30..89c70ea7de7c 100644 --- a/Documentation/admin-guide/sysctl/kernel.rst +++ b/Documentation/admin-guide/sysctl/kernel.rst @@ -102,6 +102,20 @@ See the ``type_of_loader`` and ``ext_loader_ver`` fields in :doc:`/x86/boot` for additional information. +bpf_stats_enabled +================= + +Controls whether the kernel should collect statistics on BPF programs +(total time spent running, number of times run...). Enabling +statistics causes a slight reduction in performance on each program +run. The statistics can be seen using ``bpftool``. + += =================================== +0 Don't collect statistics (default). +1 Collect statistics. += =================================== + + cap_last_cap ============ @@ -1152,6 +1166,16 @@ NMI switch that most IA32 servers have fires unknown NMI up, for example. If a system hangs up, try pressing the NMI switch. +unprivileged_bpf_disabled +========================= + +Writing 1 to this entry will disabled unprivileged calls to ``bpf()``; +once disabled, calling ``bpf()`` without ``CAP_SYS_ADMIN`` will return +``-EPERM``. + +Once set, this can't be cleared. + + watchdog ======== -- 2.20.1