While messing with the JIT, it's useful to have it turned off by default; since systemd runs some bpf on startup, if we break the JIT we'll end up not being able to boot.
note: CONFIG_BPF_JIT_DEFAULT_ON is automatically selected by ARCH_WANT_DEFAULT_BPF_JIT and cannot be selected as part of a defconfig, hence the approach here.
Once booted, turn on the JIT via:
echo "2" > /proc/sys/net/core/bpf_jit_enable
Signed-off-by: Zachary Leaf zachary.leaf@arm.com --- kernel/bpf/core.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/kernel/bpf/core.c b/kernel/bpf/core.c index fe254ae035fe..93b7dd22236c 100644 --- a/kernel/bpf/core.c +++ b/kernel/bpf/core.c @@ -555,7 +555,7 @@ void bpf_prog_kallsyms_del_all(struct bpf_prog *fp)
#ifdef CONFIG_BPF_JIT /* All BPF JIT sysctl knobs here. */ -int bpf_jit_enable __read_mostly = IS_BUILTIN(CONFIG_BPF_JIT_DEFAULT_ON); +int bpf_jit_enable __read_mostly = 0; int bpf_jit_kallsyms __read_mostly = IS_BUILTIN(CONFIG_BPF_JIT_DEFAULT_ON); int bpf_jit_harden __read_mostly; long bpf_jit_limit __read_mostly;