virt inclusion category: other bugzilla: https://gitee.com/openeuler/kernel/issues/IDC3UF ------------------------------------------------------------------------ The presence of unprivileged BPF facilitates the exploitation of hardware vulnerabilities such as Spectre-BHB. Therefore, unprivileged BPF is disabled by default. Signed-off-by: Jinqian Yang <yangjinqian1@huawei.com> --- arch/arm64/configs/openeuler_defconfig | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/arch/arm64/configs/openeuler_defconfig b/arch/arm64/configs/openeuler_defconfig index d4237341e76d..37925fe351db 100644 --- a/arch/arm64/configs/openeuler_defconfig +++ b/arch/arm64/configs/openeuler_defconfig @@ -85,7 +85,7 @@ CONFIG_BPF_SYSCALL=y CONFIG_BPF_JIT=y CONFIG_BPF_JIT_ALWAYS_ON=y CONFIG_BPF_JIT_DEFAULT_ON=y -# CONFIG_BPF_UNPRIV_DEFAULT_OFF is not set +CONFIG_BPF_UNPRIV_DEFAULT_OFF=y # CONFIG_BPF_PRELOAD is not set CONFIG_BPF_LSM=y CONFIG_BPF_SCHED=y -- 2.33.0