[LTP] [PATCH 1/1] bpf_prog0[5-7]: Run with kernel.unprivileged_bpf_disabled = 0

[Cyril Hrubis]

Hi!
> I.e. 1 or 2 kernel.unprivileged_bpf_disabled results bpf() returning EPERM for
> *all* users including root. 0 allows running again for all users, but we need
> root to set it 0 via .save_restore:
> 
> tst_sys_conf.c:106: TBROK: Failed to open FILE '/proc/sys/kernel/unprivileged_bpf_disabled' for writing: EACCES (13)
> 
> Maybe we could change tst_sys_conf_save() not to write the value if value can be
> read and is the same (and not run tst_sys_conf_restore() if value was the same).

That would be a good idea either way.

The unprivileged_bpf_disabled is more complicated that this though. It's
a three state as:

0 - enabled
1 - disabled and can't be enabled
2 - disabled and can be enabled

So either we add special handling for 'cannot be changed' value to
save_restore or we have to move that code to the test setup and check
it manually.

> That way we would not need to require root if value is the same.
> 
> But it'd be nice to have some tag saying: maybe root is needed, depend on sysfs
> value...

I wouldn't overly complicate the situation and just require root here.

-- 
Cyril Hrubis
chrubis@suse.cz