From a80c06cf02012da1ef869231f158300f5807c6ea Mon Sep 17 00:00:00 2001
From: Matteo Croce <teknoraver@meta.com>
Date: Thu, 5 Jun 2025 10:00:05 +0200
Subject: [PATCH] nspawn: create mountpoint for bpffs

When we mount a tmpfs as /sys, create a mountpoint for bpf, as we
already do for cgroup
---
 src/nspawn/nspawn-mount.c | 12 +++++++-----
 1 file changed, 7 insertions(+), 5 deletions(-)

diff --git a/src/nspawn/nspawn-mount.c b/src/nspawn/nspawn-mount.c
index 2c538562721..be1c01caf9f 100644
--- a/src/nspawn/nspawn-mount.c
+++ b/src/nspawn/nspawn-mount.c
@@ -509,12 +509,14 @@ int mount_sysfs(const char *dest, MountSettingsMask mount_settings) {
         if (rmdir(full) < 0)
                 return log_error_errno(errno, "Failed to remove %s: %m", full);
 
-        /* Create mountpoint for cgroups. Otherwise we are not allowed since we remount /sys/ read-only. */
-        _cleanup_free_ char *x = path_join(top, "/fs/cgroup");
-        if (!x)
-                return log_oom();
+        /* Create mountpoints. Otherwise we are not allowed since we remount /sys/ read-only. */
+        FOREACH_STRING(p, "/fs/cgroup", "/fs/bpf") {
+                _cleanup_free_ char *x = path_join(top, p);
+                if (!x)
+                        return log_oom();
 
-        (void) mkdir_p(x, 0755);
+                (void) mkdir_p(x, 0755);
+        }
 
         return mount_nofollow_verbose(LOG_ERR, NULL, top, NULL,
                                       MS_BIND|MS_NOSUID|MS_NOEXEC|MS_NODEV|MS_REMOUNT|extra_flags, NULL);
-- 
2.47.3