bpf.2: Minor tweaks to Richard Palethorpe's patch

Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2020-04-17 11:49:30 +02:00 · 2020-04-17 11:49:30 +02:00 · 35732aa7a0
parent 821bf91cf6
commit 35732aa7a0
1 changed files with 6 additions and 4 deletions
--- a/man2/bpf.2
+++ b/man2/bpf.2
@ -1124,10 +1124,13 @@ Prior to Linux 4.4, all
 .BR bpf ()
 commands require the caller to have the
 .B CAP_SYS_ADMIN
-capability. From 4.4 onwards an unprivileged user may create limited
-programs of type
+capability.
+From Linux 4.4 onwards,
+.\" commit 1be7f75d1668d6296b80bf35dcf6762393530afc
+an unprivileged user may create limited programs of type
 .BR BPF_PROG_TYPE_SOCKET_FILTER
-and associated maps. However they may not store kernel pointers within
+and associated maps.
+However they may not store kernel pointers within
 the maps and are presently limited to the following helper functions:
 .IP * 3
 get_random
@ -1142,7 +1145,6 @@ ktime_get_ns
 .PP
 Unprivileged access may be blocked by setting the sysctl
 .IR /proc/sys/kernel/unprivileged_bpf_disabled .
-.\" commit 1be7f75d1668d6296b80bf35dcf6762393530afc
 .PP
 eBPF objects (maps and programs) can be shared between processes.
 For example, after