Received: by 2002:a25:e7d8:0:0:0:0:0 with SMTP id e207csp2695197ybh; Mon, 9 Mar 2020 11:05:11 -0700 (PDT) X-Google-Smtp-Source: ADFU+vsFQ4/91IXg+OiMSK0F8q+hE6Pkp8BnfRAFoEUf0PCutll/66mNMsh1Od41y16lzMAg8PIR X-Received: by 2002:aca:120e:: with SMTP id 14mr25754ois.135.1583777111338; Mon, 09 Mar 2020 11:05:11 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1583777111; cv=none; d=google.com; s=arc-20160816; b=rTcG5hSR/+Zh3Q8x/vwi17L+Vh/vhgYaA/z6eNlnn4HR6WX9QtiDMOj2cUg4iD6mBx R4cocnTLHyOF4qQMs/j/s9CLHqwdJhrXdwdwByMBrrz6dqkYzAPAMqSOE0yESQn32Mel 4iaQUWx2pDb+2qzMwM49lYd2qH7uHqCxqruztrQ5xMIZz3o0wXRMeF34XRDm0z33mJQ4 14mss58TaGHpP6SiOA7krSzQu8DAdv2QHm5G2FLfoH6zQkDU7JJpI1e6HF+7+QjDC//p diygi9cnMlF/0n/u1nUgVNUq3H6FRiYW/L8DfjuR1XwpmtYIoEe7Yl25vrSssInJsaKq Zx8A== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-transfer-encoding:mime-version :message-id:date:subject:cc:to:from; bh=U3rR4Cnkk3YC5EWcR7Buq2wep4QNhvn3W9GDLhbzYwg=; b=mfFDxMvul9vwvfCX9LI6bt0shBatBqNlGfKit5PnTwYp0GivPyEnt+kEIZf6DUO80H wnQ8zdnNJeSUEwfxaDbsg1KQF/pX+xefFmQ39m9SLTv8CF1X2TazemCloV309aWIyvKj B7Wu/4Bw+G0xNmiudWOyBSoPPCSfN5NZHG+JYBEpwHlZl6m2K5W+Ifyk7/yYgq8t8RYK HlErqpkX4SOZ2qutHrgg7KdYnVE4z2UI+ETANYOSVAqdKSnD5jNI17ba4UVG7H7BPeuf omcZRnto3aPp/mvpt1ljAgSRv+DAVSEbt/jjmzk1cfAxSjzoVouq7ZrP2bZG+sZtw5LQ HQnQ== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id j2si1045914oii.195.2020.03.09.11.04.56; Mon, 09 Mar 2020 11:05:11 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1727263AbgCISEa (ORCPT + 99 others); Mon, 9 Mar 2020 14:04:30 -0400 Received: from 1.mo6.mail-out.ovh.net ([46.105.56.136]:45623 "EHLO 1.mo6.mail-out.ovh.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726169AbgCISEa (ORCPT ); Mon, 9 Mar 2020 14:04:30 -0400 Received: from player690.ha.ovh.net (unknown [10.110.103.180]) by mo6.mail-out.ovh.net (Postfix) with ESMTP id 10C661FE5B7 for ; Mon, 9 Mar 2020 19:04:28 +0100 (CET) Received: from sk2.org (82-65-25-201.subs.proxad.net [82.65.25.201]) (Authenticated sender: steve@sk2.org) by player690.ha.ovh.net (Postfix) with ESMTPSA id 5FC20101AF5E1; Mon, 9 Mar 2020 18:04:16 +0000 (UTC) From: Stephen Kitt To: Alexei Starovoitov , Daniel Borkmann , Martin KaFai Lau , Song Liu , Yonghong Song , Andrii Nakryiko , bpf@vger.kernel.org Cc: linux-doc@vger.kernel.org, linux-kernel@vger.kernel.org, Stephen Kitt Subject: [PATCH v2] docs: sysctl/kernel: document BPF entries Date: Mon, 9 Mar 2020 19:03:50 +0100 Message-Id: <20200309180350.21075-1-steve@sk2.org> X-Mailer: git-send-email 2.20.1 MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Ovh-Tracer-Id: 9596044907779345695 X-VR-SPAMSTATE: OK X-VR-SPAMSCORE: -100 X-VR-SPAMCAUSE: gggruggvucftvghtrhhoucdtuddrgedugedruddukedguddtkecutefuodetggdotefrodftvfcurfhrohhfihhlvgemucfqggfjpdevjffgvefmvefgnecuuegrihhlohhuthemucehtddtnecusecvtfgvtghiphhivghnthhsucdlqddutddtmdenucfjughrpefhvffufffkofgggfestdekredtredttdenucfhrhhomhepufhtvghphhgvnhcumfhithhtuceoshhtvghvvgesshhkvddrohhrgheqnecukfhppedtrddtrddtrddtpdekvddrieehrddvhedrvddtudenucevlhhushhtvghrufhiiigvpedtnecurfgrrhgrmhepmhhouggvpehsmhhtphdqohhuthdphhgvlhhopehplhgrhigvrheiledtrdhhrgdrohhvhhdrnhgvthdpihhnvghtpedtrddtrddtrddtpdhmrghilhhfrhhomhepshhtvghvvgesshhkvddrohhrghdprhgtphhtthhopehlihhnuhigqdhkvghrnhgvlhesvhhgvghrrdhkvghrnhgvlhdrohhrgh Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Based on the implementation in kernel/bpf/syscall.c, kernel/bpf/trampoline.c, include/linux/filter.h, and the documentation in bpftool-prog.rst. The section style doesn't match the surrounding sections; it matches the style of the reworked kernel.rst queued up in docs-next. Signed-off-by: Stephen Kitt --- Notes: Changes since v1: - rebased on bpf-next instead of docs-next. Documentation/admin-guide/sysctl/kernel.rst | 24 +++++++++++++++++++++ 1 file changed, 24 insertions(+) diff --git a/Documentation/admin-guide/sysctl/kernel.rst b/Documentation/admin-guide/sysctl/kernel.rst index def074807cee..eea7afd509ac 100644 --- a/Documentation/admin-guide/sysctl/kernel.rst +++ b/Documentation/admin-guide/sysctl/kernel.rst @@ -174,6 +174,20 @@ See the type_of_loader and ext_loader_ver fields in Documentation/x86/boot.rst for additional information. +bpf_stats_enabled +================= + +Controls whether the kernel should collect statistics on BPF programs +(total time spent running, number of times run...). Enabling +statistics causes a slight reduction in performance on each program +run. The statistics can be seen using ``bpftool``. + += =================================== +0 Don't collect statistics (default). +1 Collect statistics. += =================================== + + cap_last_cap: ============= @@ -1123,6 +1137,16 @@ NMI switch that most IA32 servers have fires unknown NMI up, for example. If a system hangs up, try pressing the NMI switch. +unprivileged_bpf_disabled +========================= + +Writing 1 to this entry will disabled unprivileged calls to ``bpf()``; +once disabled, calling ``bpf()`` without ``CAP_SYS_ADMIN`` will return +``-EPERM``. + +Once set, this can't be cleared. + + watchdog: ========= base-commit: 3e7c67d90e3ed2f34fce42699f11b150dd1d3999 -- 2.20.1