[LTP] [PATCH 1/1] bpf_prog0[5-7]: Run with kernel.unprivileged_bpf_disabled = 0
Cyril Hrubis
chrubis@suse.cz
Fri Aug 19 13:00:40 CEST 2022
Hi!
> I.e. 1 or 2 kernel.unprivileged_bpf_disabled results bpf() returning EPERM for
> *all* users including root. 0 allows running again for all users, but we need
> root to set it 0 via .save_restore:
>
> tst_sys_conf.c:106: TBROK: Failed to open FILE '/proc/sys/kernel/unprivileged_bpf_disabled' for writing: EACCES (13)
>
> Maybe we could change tst_sys_conf_save() not to write the value if value can be
> read and is the same (and not run tst_sys_conf_restore() if value was the same).
That would be a good idea either way.
The unprivileged_bpf_disabled is more complicated that this though. It's
a three state as:
0 - enabled
1 - disabled and can't be enabled
2 - disabled and can be enabled
So either we add special handling for 'cannot be changed' value to
save_restore or we have to move that code to the test setup and check
it manually.
> That way we would not need to require root if value is the same.
>
> But it'd be nice to have some tag saying: maybe root is needed, depend on sysfs
> value...
I wouldn't overly complicate the situation and just require root here.
--
Cyril Hrubis
chrubis@suse.cz
More information about the ltp
mailing list