bpfloader.rc: set /proc/sys/kernel/unprivileged_bpf_disabled to 0 Needed to not have to carry https://android-review.googlesource.com/c/kernel/common/+/1886896 for 5.16-rc1+ kernels We set this before the bpfloader even executes so it will always be ready before anyone has a chance to use it. Test: TreeHugger Signed-off-by: Maciej Żenczykowski <maze@google.com> Change-Id: I418a534d6550c5b57286e261e6988d2debdf237f

commit: fa03239a811490fdd479fecf35bfad7f0adba406 [log] [tgz]
author: Maciej Żenczykowski <maze@google.com> Wed Nov 10 17:06:14 2021 -0800
committer: Maciej Żenczykowski <maze@google.com> Thu Nov 11 01:53:39 2021 +0000
tree: 1fc10b18c767cacb728e38aba8d5545df8f2304f
parent: 25c028576d83a068aae724c21b2b1abb368d2fec [diff]
diff --git a/bpfloader/bpfloader.rc b/bpfloader/bpfloader.rc
index 3c56c43..53219f4 100644
--- a/bpfloader/bpfloader.rc
+++ b/bpfloader/bpfloader.rc

@@ -15,6 +15,9 @@
 # considered to have booted successfully.
 #
 on load_bpf_programs
+    # Linux 5.16-rc1 has changed the default to 2 (disabled but changeable),
+    # but we need 0
+    write /proc/sys/kernel/unprivileged_bpf_disabled 0
     # Enable the eBPF JIT -- but do note that on 64-bit kernels it is likely
     # already force enabled by the kernel config option BPF_JIT_ALWAYS_ON
     write /proc/sys/net/core/bpf_jit_enable 1
commit	fa03239a811490fdd479fecf35bfad7f0adba406	[log] [tgz]
author	Maciej Żenczykowski <maze@google.com>	Wed Nov 10 17:06:14 2021 -0800
committer	Maciej Żenczykowski <maze@google.com>	Thu Nov 11 01:53:39 2021 +0000
tree	1fc10b18c767cacb728e38aba8d5545df8f2304f
parent	25c028576d83a068aae724c21b2b1abb368d2fec [diff]