Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

config: enable CONFIG_BPF_SYSCALL and CONFIG_CGROUP_BPF #2454

Merged
merged 1 commit into from
Feb 1, 2018
Merged

config: enable CONFIG_BPF_SYSCALL and CONFIG_CGROUP_BPF #2454

merged 1 commit into from
Feb 1, 2018

Conversation

HiassofT
Copy link
Member

CGROUP_BPF is needed by systemd firewalling. Enabling the
option removes the systemd warning ("Proceeding WITHOUT
firewalling in effect!") during boot.

Note: only tested on RPi2 so far

@HiassofT
config: enable CONFIG_BPF_SYSCALL and CONFIG_CGROUP_BPF
9ee2140 
CGROUP_BPF is needed by systemd firewalling. Enabling the
option removes the systemd warning ("Proceeding WITHOUT
firewalling in effect!") during boot.

Signed-off-by: Matthias Reichl <hias@horus.com>
@MilhouseVH
Copy link
Contributor

Fyi: systemd/systemd#7188, fixed in 236 (and 237 released yesterday).

Unless we need the systemd firewall would it be better to accept the one-off log noise?

@HiassofT
Copy link
Member Author

That systemd issue is where I got the CGROUP_BPF hint from (we tried BPF_SYSCALL=y without success before - as another user in the issue thread).

I'm not sure if we want or need the systemd firewall, but as systemd wants the firewall - IPAddressDeny is in 6 service files - IMHO it's better to make it happy and just enable the option.

BTW: We'll still get the warning on Amlogic devices as their kernel is too old and doesn't support BPF_SYSCALL

@HiassofT
Copy link
Member Author

HiassofT commented Feb 1, 2018

RPi and RPi2 Milhouse builds work fine with this, feel free to merge

@MilhouseVH MilhouseVH merged commit 60c8c40 into LibreELEC:master Feb 1, 2018
@HiassofT HiassofT deleted the le9-cgroup-bpf branch May 1, 2018 09:32
@HiassofT HiassofT mentioned this pull request Mar 7, 2021
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@MilhouseVH MilhouseVH MilhouseVH approved these changes

Assignees
No one assigned
Labels
BUGFIX LE 9.0
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@HiassofT @MilhouseVH