docs: sysctl/kernel: document BPF entries
Based on the implementation in kernel/bpf/syscall.c, kernel/bpf/trampoline.c, include/linux/filter.h, and the documentation in bpftool-prog.rst. Signed-off-by: Stephen Kitt <steve@sk2.org> Link: https://lore.kernel.org/r/20200315122648.20558-1-steve@sk2.org Signed-off-by: Jonathan Corbet <corbet@lwn.net>
This commit is contained in:
parent
3f11de39c4
commit
5d8e5aee0e
@ -102,6 +102,20 @@ See the ``type_of_loader`` and ``ext_loader_ver`` fields in
|
||||
:doc:`/x86/boot` for additional information.
|
||||
|
||||
|
||||
bpf_stats_enabled
|
||||
=================
|
||||
|
||||
Controls whether the kernel should collect statistics on BPF programs
|
||||
(total time spent running, number of times run...). Enabling
|
||||
statistics causes a slight reduction in performance on each program
|
||||
run. The statistics can be seen using ``bpftool``.
|
||||
|
||||
= ===================================
|
||||
0 Don't collect statistics (default).
|
||||
1 Collect statistics.
|
||||
= ===================================
|
||||
|
||||
|
||||
cap_last_cap
|
||||
============
|
||||
|
||||
@ -1178,6 +1192,16 @@ NMI switch that most IA32 servers have fires unknown NMI up, for
|
||||
example. If a system hangs up, try pressing the NMI switch.
|
||||
|
||||
|
||||
unprivileged_bpf_disabled
|
||||
=========================
|
||||
|
||||
Writing 1 to this entry will disable unprivileged calls to ``bpf()``;
|
||||
once disabled, calling ``bpf()`` without ``CAP_SYS_ADMIN`` will return
|
||||
``-EPERM``.
|
||||
|
||||
Once set, this can't be cleared.
|
||||
|
||||
|
||||
watchdog
|
||||
========
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user