Fix sysctl_unprivileged_bpf_disabled sysctl
There's recent change [1] that adds new config option and sets
unprivileged_bpf_disabled to 2 if the option is enabled
(CONFIG_BPF_UNPRIV_DEFAULT_OFF).
The current RHEL specific behaviour is to set unprivileged_bpf_disabled
to 1 by default and add boot command line argument to enable
unpriv bpf.
The config option is enabled in previous patch, adding the taint
for proc/sysctl unprivileged_bpf_disabled setup.
# sysctl kernel.unprivileged_bpf_disabled
kernel.unprivileged_bpf_disabled = 2
# cat /proc/sys/kernel/tainted
0
# sysctl kernel.unprivileged_bpf_disabled=0
[ 45.751085] Unprivileged BPF has been enabled, tainting the kernel
kernel.unprivileged_bpf_disabled = 0
# sysctl kernel.unprivileged_bpf_disabled=1
kernel.unprivileged_bpf_disabled = 1
# sysctl kernel.unprivileged_bpf_disabled=0
sysctl: setting key "kernel.unprivileged_bpf_disabled": Operation not permitted
# sysctl kernel.unprivileged_bpf_disabled=2
sysctl: setting key "kernel.unprivileged_bpf_disabled": Operation not permitted
# cat /proc/sys/kernel/tainted
2147483648
[1] 08389d888287 ("bpf: Add kconfig knob for disabling unpriv bpf by default")
[2] 607f0e89af7e ("bpf: set unprivileged_bpf_disabled to 1 by default, add a boot parameter")
Fixes: 607f0e89af7e ("bpf: set unprivileged_bpf_disabled to 1 by default, add a boot parameter")
Signed-off-by: Jiri Olsa <jolsa@redhat.com>
Signed-off-by: Jiri Olsa jolsa@redhat.com