On Wed, 13 Oct 2021 at 20:56, Jakub Sitnicki <jakub@xxxxxxxxxxxxxx> wrote:
>
> On Tue, Oct 12, 2021 at 03:59 PM CEST, Lorenz Bauer wrote:
> > Some more cleanups around bpf_jit_limit to make it readable via sysctl.
> >
> > Jakub raised the point that a sysctl toggle is UAPI and therefore
> > can't be easily changed later on. I tried to find another place to stick
> > the info, but couldn't find a good one. All the current BPF knobs are in
> > sysctl.
> >
> > There are examples of read only sysctls:
> > $ sudo find /proc/sys -perm 0444 | wc -l
> > 90
> >
> > There are no examples of sysctls with mode 0400 however:
> > $ sudo find /proc/sys -perm 0400 | wc -l
> > 0
> >
> > Thoughts?
>
> I threw this idea out there during LPC already, that it would be cool to
> use BPF iterators for that. Pinned/preloaded iterators were made for
> dumping kernel data on demand after all.
>
> What is missing is a BPF iterator type that would run the program just
> once (there is just one thing to print), and a BPF helper to lookup
> symbol's address.
>
> I thought this would require a bit of work, but actually getting a PoC
> (see below) to work was rather pleasantly straightforward.
>
> Perhaps a bit of a hack but I'd consider it as an alternative.

I spoke to Jakub, I won't have time to work on this myself. So I'll
drop this patch from the series and send a v3 with just the fixes to
bpf_jit_limit.

--
Lorenz Bauer | Systems Engineer
6th Floor, County Hall/The Riverside Building, SE1 7PB, UK

www.cloudflare.com