Commit 5d8e5aee authored by Stephen Kitt's avatar Stephen Kitt Committed by Jonathan Corbet
Browse files

docs: sysctl/kernel: document BPF entries 



Based on the implementation in kernel/bpf/syscall.c,
kernel/bpf/trampoline.c, include/linux/filter.h, and the documentation
in bpftool-prog.rst.

Signed-off-by: default avatarStephen Kitt <steve@sk2.org>
Link: https://lore.kernel.org/r/20200315122648.20558-1-steve@sk2.org


Signed-off-by: default avatarJonathan Corbet <corbet@lwn.net>
parent 3f11de39

Documentation/admin-guide/sysctl/kernel.rst

+24 −0
Original line number Diff line number Diff line
@@ -102,6 +102,20 @@ See the ``type_of_loader`` and ``ext_loader_ver`` fields in 
:doc:`/x86/boot` for additional information.





bpf_stats_enabled

=================



Controls whether the kernel should collect statistics on BPF programs

(total time spent running, number of times run...). Enabling

statistics causes a slight reduction in performance on each program

run. The statistics can be seen using ``bpftool``.



= ===================================

0 Don't collect statistics (default).

1 Collect statistics.

= ===================================





cap_last_cap

============
@@ -1178,6 +1192,16 @@ NMI switch that most IA32 servers have fires unknown NMI up, for 
example.  If a system hangs up, try pressing the NMI switch.





unprivileged_bpf_disabled

=========================



Writing 1 to this entry will disable unprivileged calls to ``bpf()``;

once disabled, calling ``bpf()`` without ``CAP_SYS_ADMIN`` will return

``-EPERM``.



Once set, this can't be cleared.





watchdog

========