Hi, glad to know it worked. There is some heuristics behind the default bpf_jit_limit [1], it isn't a simple hardcoded value. We may discuss bumping the default in Ubuntu, but I don't think that's a good idea: the in-kernel heuristics has certainly been well thought, and just bumping the number is likely to have other unintended consequences.
My take here is: your setup needs tuning, and that's what those config knobs are for. Note that it's better to add a config file under /etc/sysctl.d rather than modifying the default /etc/sysctl.conf. Let me know if this makes sense for you. I'm leaving this bug marked Incomplete for now. [1] https://github.com/torvalds/linux/blob/8efd0d9c316af470377894a6a0f9ff63ce18c177/kernel/bpf/core.c#L826 -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to libseccomp in Ubuntu. https://bugs.launchpad.net/bugs/1956954 Title: Can't load seccomp filter Status in libseccomp package in Ubuntu: Incomplete Bug description: After migrating from Ubuntu 20 amd64 to aarch64 I started experiencing "can't load seccomp filter" when doing `apt update && apt upgrade` and "Kernel refuses to turn on BPF filters" when using Puppeteer. I wrote about it more extensively here: https://stackoverflow.com/questions/69892137/after-a-few-days-i-can- no-longer-start-puppeteer-until-i-restart-the-server lsb_release -rd --------------- Description: Ubuntu 20.04.3 LTS Release: 20.04 apt-cache policy seccomp --------------- seccomp: Installed: (none) Candidate: 2.5.1-1ubuntu1~20.04.2 Version table: 2.5.1-1ubuntu1~20.04.2 500 500 http://us-east-1.ec2.ports.ubuntu.com/ubuntu-ports focal-updates/main arm64 Packages 500 http://ports.ubuntu.com/ubuntu-ports focal-security/main arm64 Packages 2.4.3-1ubuntu1 500 500 http://us-east-1.ec2.ports.ubuntu.com/ubuntu-ports focal/main arm64 Packages To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/libseccomp/+bug/1956954/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
