mirror of https://github.com/mkerrisk/man-pages
bpf.2: Kernel 4.15 added CONFIG_BPF_JIT_ALWAYS_ON
This causes the JIT compiler to be always on and forces bpf_jit_enable to 1. Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
This commit is contained in:
parent
036b0619f7
commit
5a29959a67
14
man2/bpf.2
14
man2/bpf.2
|
@ -1152,7 +1152,8 @@ files in the kernel source tree.
|
|||
.PP
|
||||
The kernel contains a just-in-time (JIT) compiler that translates
|
||||
eBPF bytecode into native machine code for better performance.
|
||||
The JIT compiler is disabled by default,
|
||||
In kernels before Linux 4.15,
|
||||
the JIT compiler is disabled by default,
|
||||
but its operation can be controlled by writing one of the
|
||||
following integer strings to the file
|
||||
.IR /proc/sys/net/core/bpf_jit_enable :
|
||||
|
@ -1167,6 +1168,17 @@ These opcodes can then be disassembled using the program
|
|||
.IR tools/net/bpf_jit_disasm.c
|
||||
provided in the kernel source tree.
|
||||
.PP
|
||||
Since Linux 4.15,
|
||||
.\" commit 290af86629b25ffd1ed6232c4e9107da031705cb
|
||||
the kernel may configured with the
|
||||
.B CONFIG_BPF_JIT_ALWAYS_ON
|
||||
option.
|
||||
In this case, the JIT compiler is always enabled, and the
|
||||
.I bpf_jit_enable
|
||||
is initialized to 1 and is immutable.
|
||||
(This kernel configuration option was provided as a mitigation for
|
||||
one of the Spectre attacks against the BPF interpreter.)
|
||||
.PP
|
||||
JIT compiler for eBPF is currently available for the x86-64, arm64,
|
||||
and s390 architectures.
|
||||
.SH SEE ALSO
|
||||
|
|
Loading…
Reference in New Issue