webadmin/bpfire
1
0
Fork 0
mirror of https://github.com/vincentmli/bpfire.git synced 2026-05-05 03:18:00 +02:00
Code Issues Packages Projects Releases Wiki Activity
Files
b119887b50675121a30d889fdbfc6c342e068c5a
bpfire/config/etc/sysctl-x86_64.conf
Peter Müller 45022af1b8 sysctl.conf: Turn on BPF JIT hardening, if the JIT is enabled 
The second version of this patch splits this up into different
architecture-specific sysctl config files, as i586 does not support BPF
JIT, hence the net.core.bpf_jit_harden does not exist on that
architecture.

Fixes: #12384

Signed-off-by: Peter Müller <peter.mueller@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
2021-04-10 13:16:28 +00:00

7 lines
171 B
Plaintext
Raw Blame History

# Improve KASLR effectiveness for mmap
vm.mmap_rnd_bits = 32
vm.mmap_rnd_compat_bits = 16
# Turn on BPF JIT hardening, if the JIT is enabled.
net.core.bpf_jit_harden = 2
Reference in New Issue View Git Blame Copy Permalink