bpfloader - add writeProcSysFile failure mode comment

as discovered on some sunfish 4.14 kernels Note that CONFIG_BPF_JIT=y is required for 4.14-r, but sunfish was 4.14-q and thus missed VINTF enforcement of this (it was enabled for b1c1[blueline/crosshatch]/bonito & floral[flame/coral]). Bug: 262115216 Test: N/A, comment only Signed-off-by: Maciej Żenczykowski <maze@google.com> Change-Id: If6ee9f7f9e449526602fd0e5cffd49f132e681a2
2022-12-12 00:15:53 +00:00 · 2022-12-12 00:15:53 +00:00 · 052cda1973
commit 052cda1973
parent b909fed62a
1 changed files with 4 additions and 0 deletions
--- a/bpfloader/BpfLoader.cpp
+++ b/bpfloader/BpfLoader.cpp
@ -264,9 +264,13 @@ int main(int argc, char** argv) {

    // Enable the eBPF JIT -- but do note that on 64-bit kernels it is likely
    // already force enabled by the kernel config option BPF_JIT_ALWAYS_ON
+    // (Note: this (open) will fail with ENOENT 'No such file or directory' if
+    //  kernel does not have CONFIG_BPF_JIT=y)
    if (writeProcSysFile("/proc/sys/net/core/bpf_jit_enable", "1\n")) return 1;

    // Enable JIT kallsyms export for privileged users only
+    // (Note: this (open) will fail with ENOENT 'No such file or directory' if
+    //  kernel does not have CONFIG_HAVE_EBPF_JIT=y)
    if (writeProcSysFile("/proc/sys/net/core/bpf_jit_kallsyms", "1\n")) return 1;

    // This is ugly... but this allows InProcessTethering which runs as system_server,