Received: by 2002:a25:e7d8:0:0:0:0:0 with SMTP id e207csp1551324ybh; Sun, 15 Mar 2020 05:37:36 -0700 (PDT) X-Google-Smtp-Source: ADFU+vuVfRVF9RPVyQsuhtsJhnSI2pkeIReVhTmp1sQk5Dml7k91Oa9Aj63vaRJJBRe1uaLd8l2u X-Received: by 2002:aca:ecd0:: with SMTP id k199mr14151716oih.60.1584275856078; Sun, 15 Mar 2020 05:37:36 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1584275856; cv=none; d=google.com; s=arc-20160816; b=v9zpddKWoF6jlQO//JaCVQ8ssFopVoyCsxwdda2z8MKM/BUTESJZLcbU0VFHqrdHAS kAs0A7njFLy2P6HUIzAkLPr21lpTo3rAVZ2MnLmOu2xbCZ+NI/bjzw3ehGpOkMElQg7Z MrmF2Qv0g8ReweVMwr617tsdE99m3w2Vk+jEFpSoRqyTRatsRXkkQ33Z+RNTKeYYDIAh lPS2qmTejlmJMAew6sSJI1tyx+03hqY6SARjZu1ZH9tMM3oJjvYzRhbhBWzyFFTaJmOq uRofZoZTXLK29Ao9z5fHvqiLR1U1DmRejmbTtWty6V4PrwlLEAl8+ews0GtMDicBO5Yy Ry0A== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-transfer-encoding:mime-version :message-id:date:subject:cc:to:from; bh=T8RB5OW8omoLueYiSUlVIxYcZIdvzxnoa2utg6gTzsE=; b=Fgb7wtZlwTWv3CXUt+Kjh6DF18yMlg35tbPi8mJgY5TVw5fsAsaIImVgHX8mssnj3f AcWYEwTjL+XSnh8m0I2H2uM/1eRAvXzQzehGBk/8EHCI6fSHz5jwP5F2/rhUlY1Z/Nxs t5xDUxv3WmLyFEmPPauC+f5jxjgU5yVaGCiDI3UbHHaamOU5Jrvy1DPBoqWgaaw3R5Vh 74EvACf2sNxzyGBnelmninqkz6grcU01i/hTQetseYsICUNZZQgBgH09hd/06DwefNDz KnMIWw5XX/H6OlVFVZAHVCdX4LtADWm3dBEdI+TKFXsEBHhtVhjY+h7kuvWsyvOBN6W5 Xa8A== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id 88si8537652otv.12.2020.03.15.05.37.21; Sun, 15 Mar 2020 05:37:36 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1728504AbgCOMg1 (ORCPT + 99 others); Sun, 15 Mar 2020 08:36:27 -0400 Received: from 10.mo69.mail-out.ovh.net ([46.105.73.241]:52412 "EHLO 10.mo69.mail-out.ovh.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1728467AbgCOMg1 (ORCPT ); Sun, 15 Mar 2020 08:36:27 -0400 Received: from player692.ha.ovh.net (unknown [10.110.103.168]) by mo69.mail-out.ovh.net (Postfix) with ESMTP id 06B1184580 for ; Sun, 15 Mar 2020 13:27:09 +0100 (CET) Received: from sk2.org (82-65-25-201.subs.proxad.net [82.65.25.201]) (Authenticated sender: steve@sk2.org) by player692.ha.ovh.net (Postfix) with ESMTPSA id 2285A104E0990; Sun, 15 Mar 2020 12:26:53 +0000 (UTC) From: Stephen Kitt To: Jonathan Corbet , Alexei Starovoitov , Daniel Borkmann , Martin KaFai Lau , Song Liu , Yonghong Song , Andrii Nakryiko , linux-doc@vger.kernel.org Cc: bpf@vger.kernel.org, linux-kernel@vger.kernel.org, Stephen Kitt Subject: [PATCH v4] docs: sysctl/kernel: document BPF entries Date: Sun, 15 Mar 2020 13:26:48 +0100 Message-Id: <20200315122648.20558-1-steve@sk2.org> X-Mailer: git-send-email 2.20.1 MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Ovh-Tracer-Id: 2241948192757337477 X-VR-SPAMSTATE: OK X-VR-SPAMSCORE: -100 X-VR-SPAMCAUSE: gggruggvucftvghtrhhoucdtuddrgedugedrudeftddgudehjecutefuodetggdotefrodftvfcurfhrohhfihhlvgemucfqggfjpdevjffgvefmvefgnecuuegrihhlohhuthemucehtddtnecusecvtfgvtghiphhivghnthhsucdlqddutddtmdenucfjughrpefhvffufffkofgggfestdekredtredttdenucfhrhhomhepufhtvghphhgvnhcumfhithhtuceoshhtvghvvgesshhkvddrohhrgheqnecukfhppedtrddtrddtrddtpdekvddrieehrddvhedrvddtudenucevlhhushhtvghrufhiiigvpedtnecurfgrrhgrmhepmhhouggvpehsmhhtphdqohhuthdphhgvlhhopehplhgrhigvrheiledvrdhhrgdrohhvhhdrnhgvthdpihhnvghtpedtrddtrddtrddtpdhmrghilhhfrhhomhepshhtvghvvgesshhkvddrohhrghdprhgtphhtthhopehlihhnuhigqdhkvghrnhgvlhesvhhgvghrrdhkvghrnhgvlhdrohhrgh Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Based on the implementation in kernel/bpf/syscall.c, kernel/bpf/trampoline.c, include/linux/filter.h, and the documentation in bpftool-prog.rst. Signed-off-by: Stephen Kitt --- Notes: This patch is intended for docs-next, but I'd appreciate reviews from BPF developers. Changes since v3: - moved back to docs-next. Changes since v2: - fixed "will disabled" typo. Changes since v1: - rebased on bpf-next instead of docs-next. Documentation/admin-guide/sysctl/kernel.rst | 24 +++++++++++++++++++++ 1 file changed, 24 insertions(+) diff --git a/Documentation/admin-guide/sysctl/kernel.rst b/Documentation/admin-guide/sysctl/kernel.rst index 335696d3360d..88c51c0a5ce6 100644 --- a/Documentation/admin-guide/sysctl/kernel.rst +++ b/Documentation/admin-guide/sysctl/kernel.rst @@ -102,6 +102,20 @@ See the ``type_of_loader`` and ``ext_loader_ver`` fields in :doc:`/x86/boot` for additional information. +bpf_stats_enabled +================= + +Controls whether the kernel should collect statistics on BPF programs +(total time spent running, number of times run...). Enabling +statistics causes a slight reduction in performance on each program +run. The statistics can be seen using ``bpftool``. + += =================================== +0 Don't collect statistics (default). +1 Collect statistics. += =================================== + + cap_last_cap ============ @@ -1166,6 +1180,16 @@ NMI switch that most IA32 servers have fires unknown NMI up, for example. If a system hangs up, try pressing the NMI switch. +unprivileged_bpf_disabled +========================= + +Writing 1 to this entry will disable unprivileged calls to ``bpf()``; +once disabled, calling ``bpf()`` without ``CAP_SYS_ADMIN`` will return +``-EPERM``. + +Once set, this can't be cleared. + + watchdog ======== base-commit: 7d3d3254adaa61cba896f71497f56901deb618e5 -- 2.20.1