From 197c1120a9f9f9a38548e4341d12b404fe72fde9 Mon Sep 17 00:00:00 2001
From: madaidan <50278627+madaidan@users.noreply.github.com>
Date: Sun, 5 May 2019 14:35:42 +0000
Subject: [PATCH] Create harden_bpf.conf

---
 etc/sysctl.d/harden_bpf.conf | 3 +++
 1 file changed, 3 insertions(+)
 create mode 100644 etc/sysctl.d/harden_bpf.conf

diff --git a/etc/sysctl.d/harden_bpf.conf b/etc/sysctl.d/harden_bpf.conf
new file mode 100644
index 0000000..a039bfd
--- /dev/null
+++ b/etc/sysctl.d/harden_bpf.conf
@@ -0,0 +1,3 @@
+# Hardens the BPF JIT compiler and restricts it to root.
+kernel.unprivileged_bpf_disabled=1
+net.core.bpf_jit_harden=2