From: Matteo Croce <teknoraver@meta.com>
Date: Thu, 24 Jul 2025 12:43:23 +0000 (+0200)
Subject: NEWS: document BPF delegate options
X-Git-Tag: v258-rc2~97
X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=afef98ecf84ee1a94a16710a99ecc6498556ad26;p=thirdparty%2Fsystemd.git

NEWS: document BPF delegate options

Document the new BPF delegate options, AKA BPF tokens.
---

diff --git a/NEWS b/NEWS
index c35d38c99b1..8286a3a5bbe 100644
--- a/NEWS
+++ b/NEWS
@@ -366,6 +366,12 @@ CHANGES WITH 258 in spe:
         * A new PrivateBPF= switch has been added for unit files, which may be
           used to mount a private bpffs instance for the unit's processes.
 
+        * Four new options added to mount the bpffs with the delegate options:
+          BPFDelegateCommands= BPFDelegateMaps=
+          BPFDelegatePrograms= BPFDelegateAttachments=
+          These allow an unprivileged container to use some BPF functionalities.
+          See also https://lwn.net/Articles/947173/
+
         * New user manager services systemd-nspawn@.service and
           systemd-vmspawn@.service and a machines.target unit to manage them
           have been added.