Revert BPF token-related functionality

This patch includes the following revert (one conflicting BPF FS patch and three token patch sets, represented by merge commits): - revert 0f5d5454c7 "Merge branch 'bpf-fs-mount-options-parsing-follow-ups'"; - revert 750e785796 "bpf: Support uid and gid when mounting bpffs"; - revert 733763285a "Merge branch 'bpf-token-support-in-libbpf-s-bpf-object'"; - revert c35919dcce "Merge branch 'bpf-token-and-bpf-fs-based-delegation'". Link: https://lore.kernel.org/bpf/CAHk-=wg7JuFYwGy=GOMbRCtOL+jwSQsdUaBsRWkDVYbxipbM5A@mail.gmail.com Signed-off-by: Andrii Nakryiko <andrii@kernel.org>
2025-11-04 10:40:15 +02:00 · 2023-12-19 07:37:35 -08:00 · 2023-12-19 07:37:35 -08:00 · d17aff807f
commit d17aff807f
parent 2130c519a4
40 changed files with 640 additions and 2924 deletions
--- a/drivers/media/rc/bpf-lirc.c
+++ b/drivers/media/rc/bpf-lirc.c
@ -110,7 +110,7 @@ lirc_mode2_func_proto(enum bpf_func_id func_id, const struct bpf_prog *prog)
 	case BPF_FUNC_get_prandom_u32:
 		return &bpf_get_prandom_u32_proto;
 	case BPF_FUNC_trace_printk:
-		if (bpf_token_capable(prog->aux->token, CAP_PERFMON))
+		if (perfmon_capable())
 			return bpf_get_trace_printk_proto();
 		fallthrough;
 	default:
--- a/include/linux/bpf.h
+++ b/include/linux/bpf.h
@ -52,10 +52,6 @@ struct module;
 struct bpf_func_state;
 struct ftrace_ops;
 struct cgroup;
 struct bpf_token;
 struct user_namespace;
 struct super_block;
 struct inode;
 extern struct idr btf_idr;
 extern spinlock_t btf_idr_lock;
@ -1488,7 +1484,6 @@ struct bpf_prog_aux {
 #ifdef CONFIG_SECURITY
 	void *security;
 #endif
 	struct bpf_token *token;
 	struct bpf_prog_offload *offload;
 	struct btf *btf;
 	struct bpf_func_info *func_info;
@ -1613,31 +1608,6 @@ struct bpf_link_primer {
 	u32 id;
 };
 struct bpf_mount_opts {
 	kuid_t uid;
 	kgid_t gid;
 	umode_t mode;
 	/* BPF token-related delegation options */
 	u64 delegate_cmds;
 	u64 delegate_maps;
 	u64 delegate_progs;
 	u64 delegate_attachs;
 };
 struct bpf_token {
 	struct work_struct work;
 	atomic64_t refcnt;
 	struct user_namespace *userns;
 	u64 allowed_cmds;
 	u64 allowed_maps;
 	u64 allowed_progs;
 	u64 allowed_attachs;
 #ifdef CONFIG_SECURITY
 	void *security;
 #endif
 };
 struct bpf_struct_ops_value;
 struct btf_member;
@ -2097,7 +2067,6 @@ static inline void bpf_enable_instrumentation(void)
 	migrate_enable();
 }
 extern const struct super_operations bpf_super_ops;
 extern const struct file_operations bpf_map_fops;
 extern const struct file_operations bpf_prog_fops;
 extern const struct file_operations bpf_iter_fops;
@ -2232,26 +2201,24 @@ static inline void bpf_map_dec_elem_count(struct bpf_map *map)
 extern int sysctl_unprivileged_bpf_disabled;
-bool bpf_token_capable(const struct bpf_token *token, int cap);
+static inline bool bpf_allow_ptr_leaks(void)
 static inline bool bpf_allow_ptr_leaks(const struct bpf_token *token)
 {
-	return bpf_token_capable(token, CAP_PERFMON);
+	return perfmon_capable();
 }
-static inline bool bpf_allow_uninit_stack(const struct bpf_token *token)
+static inline bool bpf_allow_uninit_stack(void)
 {
-	return bpf_token_capable(token, CAP_PERFMON);
+	return perfmon_capable();
 }
-static inline bool bpf_bypass_spec_v1(const struct bpf_token *token)
+static inline bool bpf_bypass_spec_v1(void)
 {
-	return cpu_mitigations_off() || bpf_token_capable(token, CAP_PERFMON);
+	return cpu_mitigations_off() || perfmon_capable();
 }
-static inline bool bpf_bypass_spec_v4(const struct bpf_token *token)
+static inline bool bpf_bypass_spec_v4(void)
 {
-	return cpu_mitigations_off() || bpf_token_capable(token, CAP_PERFMON);
+	return cpu_mitigations_off() || perfmon_capable();
 }
 int bpf_map_new_fd(struct bpf_map *map, int flags);
@ -2268,21 +2235,8 @@ int bpf_link_new_fd(struct bpf_link *link);
 struct bpf_link *bpf_link_get_from_fd(u32 ufd);
 struct bpf_link *bpf_link_get_curr_or_next(u32 *id);
 void bpf_token_inc(struct bpf_token *token);
 void bpf_token_put(struct bpf_token *token);
 int bpf_token_create(union bpf_attr *attr);
 struct bpf_token *bpf_token_get_from_fd(u32 ufd);
 bool bpf_token_allow_cmd(const struct bpf_token *token, enum bpf_cmd cmd);
 bool bpf_token_allow_map_type(const struct bpf_token *token, enum bpf_map_type type);
 bool bpf_token_allow_prog_type(const struct bpf_token *token,
 			       enum bpf_prog_type prog_type,
 			       enum bpf_attach_type attach_type);
 int bpf_obj_pin_user(u32 ufd, int path_fd, const char __user *pathname);
 int bpf_obj_get_user(int path_fd, const char __user *pathname, int flags);
 struct inode *bpf_get_inode(struct super_block *sb, const struct inode *dir,
 			    umode_t mode);
 #define BPF_ITER_FUNC_PREFIX "bpf_iter_"
 #define DEFINE_BPF_ITER_FUNC(target, args...)			\
@ -2526,8 +2480,7 @@ const char *btf_find_decl_tag_value(const struct btf *btf, const struct btf_type
 struct bpf_prog *bpf_prog_by_id(u32 id);
 struct bpf_link *bpf_link_by_id(u32 id);
-const struct bpf_func_proto *bpf_base_func_proto(enum bpf_func_id func_id,
+const struct bpf_func_proto *bpf_base_func_proto(enum bpf_func_id func_id);
 						 const struct bpf_prog *prog);
 void bpf_task_storage_free(struct task_struct *task);
 void bpf_cgrp_storage_free(struct cgroup *cgroup);
 bool bpf_prog_has_kfunc_call(const struct bpf_prog *prog);
@ -2646,24 +2599,6 @@ static inline int bpf_obj_get_user(const char __user *pathname, int flags)
 	return -EOPNOTSUPP;
 }
 static inline bool bpf_token_capable(const struct bpf_token *token, int cap)
 {
 	return capable(cap) || (cap != CAP_SYS_ADMIN && capable(CAP_SYS_ADMIN));
 }
 static inline void bpf_token_inc(struct bpf_token *token)
 {
 }
 static inline void bpf_token_put(struct bpf_token *token)
 {
 }
 static inline struct bpf_token *bpf_token_get_from_fd(u32 ufd)
 {
 	return ERR_PTR(-EOPNOTSUPP);
 }
 static inline void __dev_flush(void)
 {
 }
@ -2787,7 +2722,7 @@ static inline int btf_struct_access(struct bpf_verifier_log *log,
 }
 static inline const struct bpf_func_proto *
-bpf_base_func_proto(enum bpf_func_id func_id, const struct bpf_prog *prog)
+bpf_base_func_proto(enum bpf_func_id func_id)
 {
 	return NULL;
 }
--- a/include/linux/filter.h
+++ b/include/linux/filter.h
@ -1139,7 +1139,7 @@ static inline bool bpf_jit_blinding_enabled(struct bpf_prog *prog)
 		return false;
 	if (!bpf_jit_harden)
 		return false;
-	if (bpf_jit_harden == 1 && bpf_token_capable(prog->aux->token, CAP_BPF))
+	if (bpf_jit_harden == 1 && bpf_capable())
 		return false;
 	return true;
--- a/include/linux/lsm_hook_defs.h
+++ b/include/linux/lsm_hook_defs.h
@ -398,17 +398,10 @@ LSM_HOOK(void, LSM_RET_VOID, audit_rule_free, void *lsmrule)
 LSM_HOOK(int, 0, bpf, int cmd, union bpf_attr *attr, unsigned int size)
 LSM_HOOK(int, 0, bpf_map, struct bpf_map *map, fmode_t fmode)
 LSM_HOOK(int, 0, bpf_prog, struct bpf_prog *prog)
-LSM_HOOK(int, 0, bpf_map_create, struct bpf_map *map, union bpf_attr *attr,
+LSM_HOOK(int, 0, bpf_map_alloc_security, struct bpf_map *map)
-	 struct bpf_token *token)
+LSM_HOOK(void, LSM_RET_VOID, bpf_map_free_security, struct bpf_map *map)
-LSM_HOOK(void, LSM_RET_VOID, bpf_map_free, struct bpf_map *map)
+LSM_HOOK(int, 0, bpf_prog_alloc_security, struct bpf_prog_aux *aux)
-LSM_HOOK(int, 0, bpf_prog_load, struct bpf_prog *prog, union bpf_attr *attr,
+LSM_HOOK(void, LSM_RET_VOID, bpf_prog_free_security, struct bpf_prog_aux *aux)
 	 struct bpf_token *token)
 LSM_HOOK(void, LSM_RET_VOID, bpf_prog_free, struct bpf_prog *prog)
 LSM_HOOK(int, 0, bpf_token_create, struct bpf_token *token, union bpf_attr *attr,
 	 struct path *path)
 LSM_HOOK(void, LSM_RET_VOID, bpf_token_free, struct bpf_token *token)
 LSM_HOOK(int, 0, bpf_token_cmd, const struct bpf_token *token, enum bpf_cmd cmd)
 LSM_HOOK(int, 0, bpf_token_capable, const struct bpf_token *token, int cap)
 #endif /* CONFIG_BPF_SYSCALL */
 LSM_HOOK(int, 0, locked_down, enum lockdown_reason what)
--- a/include/linux/security.h
+++ b/include/linux/security.h
@ -32,7 +32,6 @@
 #include <linux/string.h>
 #include <linux/mm.h>
 #include <linux/sockptr.h>
 #include <linux/bpf.h>
 struct linux_binprm;
 struct cred;
@ -2021,22 +2020,15 @@ static inline void securityfs_remove(struct dentry *dentry)
 union bpf_attr;
 struct bpf_map;
 struct bpf_prog;
-struct bpf_token;
+struct bpf_prog_aux;
 #ifdef CONFIG_SECURITY
 extern int security_bpf(int cmd, union bpf_attr *attr, unsigned int size);
 extern int security_bpf_map(struct bpf_map *map, fmode_t fmode);
 extern int security_bpf_prog(struct bpf_prog *prog);
-extern int security_bpf_map_create(struct bpf_map *map, union bpf_attr *attr,
+extern int security_bpf_map_alloc(struct bpf_map *map);
 				   struct bpf_token *token);
 extern void security_bpf_map_free(struct bpf_map *map);
-extern int security_bpf_prog_load(struct bpf_prog *prog, union bpf_attr *attr,
+extern int security_bpf_prog_alloc(struct bpf_prog_aux *aux);
-				  struct bpf_token *token);
+extern void security_bpf_prog_free(struct bpf_prog_aux *aux);
 extern void security_bpf_prog_free(struct bpf_prog *prog);
 extern int security_bpf_token_create(struct bpf_token *token, union bpf_attr *attr,
 				     struct path *path);
 extern void security_bpf_token_free(struct bpf_token *token);
 extern int security_bpf_token_cmd(const struct bpf_token *token, enum bpf_cmd cmd);
 extern int security_bpf_token_capable(const struct bpf_token *token, int cap);
 #else
 static inline int security_bpf(int cmd, union bpf_attr *attr,
 					     unsigned int size)
@ -2054,8 +2046,7 @@ static inline int security_bpf_prog(struct bpf_prog *prog)
 	return 0;
 }
-static inline int security_bpf_map_create(struct bpf_map *map, union bpf_attr *attr,
+static inline int security_bpf_map_alloc(struct bpf_map *map)
 					  struct bpf_token *token)
 {
 	return 0;
 }
@ -2063,33 +2054,13 @@ static inline int security_bpf_map_create(struct bpf_map *map, union bpf_attr *a
 static inline void security_bpf_map_free(struct bpf_map *map)
 { }
-static inline int security_bpf_prog_load(struct bpf_prog *prog, union bpf_attr *attr,
+static inline int security_bpf_prog_alloc(struct bpf_prog_aux *aux)
 					 struct bpf_token *token)
 {
 	return 0;
 }
-static inline void security_bpf_prog_free(struct bpf_prog *prog)
+static inline void security_bpf_prog_free(struct bpf_prog_aux *aux)
 { }
 static inline int security_bpf_token_create(struct bpf_token *token, union bpf_attr *attr,
 				     struct path *path)
 {
 	return 0;
 }
 static inline void security_bpf_token_free(struct bpf_token *token)
 { }
 static inline int security_bpf_token_cmd(const struct bpf_token *token, enum bpf_cmd cmd)
 {
 	return 0;
 }
 static inline int security_bpf_token_capable(const struct bpf_token *token, int cap)
 {
 	return 0;
 }
 #endif /* CONFIG_SECURITY */
 #endif /* CONFIG_BPF_SYSCALL */
--- a/include/uapi/linux/bpf.h
+++ b/include/uapi/linux/bpf.h
@ -847,36 +847,6 @@ union bpf_iter_link_info {
 *		Returns zero on success. On error, -1 is returned and *errno*
 *		is set appropriately.
 *
 * BPF_TOKEN_CREATE
 *	Description
 *		Create BPF token with embedded information about what
 *		BPF-related functionality it allows:
 *		- a set of allowed bpf() syscall commands;
 *		- a set of allowed BPF map types to be created with
 *		BPF_MAP_CREATE command, if BPF_MAP_CREATE itself is allowed;
 *		- a set of allowed BPF program types and BPF program attach
 *		types to be loaded with BPF_PROG_LOAD command, if
 *		BPF_PROG_LOAD itself is allowed.
 *
 *		BPF token is created (derived) from an instance of BPF FS,
 *		assuming it has necessary delegation mount options specified.
 *		This BPF token can be passed as an extra parameter to various
 *		bpf() syscall commands to grant BPF subsystem functionality to
 *		unprivileged processes.
 *
 *		When created, BPF token is "associated" with the owning
 *		user namespace of BPF FS instance (super block) that it was
 *		derived from, and subsequent BPF operations performed with
 *		BPF token would be performing capabilities checks (i.e.,
 *		CAP_BPF, CAP_PERFMON, CAP_NET_ADMIN, CAP_SYS_ADMIN) within
 *		that user namespace. Without BPF token, such capabilities
 *		have to be granted in init user namespace, making bpf()
 *		syscall incompatible with user namespace, for the most part.
 *
 *	Return
 *		A new file descriptor (a nonnegative integer), or -1 if an
 *		error occurred (in which case, *errno* is set appropriately).
 *
 * NOTES
 *	eBPF objects (maps and programs) can be shared between processes.
 *
@ -931,8 +901,6 @@ enum bpf_cmd {
 	BPF_ITER_CREATE,
 	BPF_LINK_DETACH,
 	BPF_PROG_BIND_MAP,
 	BPF_TOKEN_CREATE,
 	__MAX_BPF_CMD,
 };
 enum bpf_map_type {
@ -983,7 +951,6 @@ enum bpf_map_type {
 	BPF_MAP_TYPE_BLOOM_FILTER,
 	BPF_MAP_TYPE_USER_RINGBUF,
 	BPF_MAP_TYPE_CGRP_STORAGE,
 	__MAX_BPF_MAP_TYPE
 };
 /* Note that tracing related programs such as
@ -1028,7 +995,6 @@ enum bpf_prog_type {
 	BPF_PROG_TYPE_SK_LOOKUP,
 	BPF_PROG_TYPE_SYSCALL, /* a program that can execute syscalls */
 	BPF_PROG_TYPE_NETFILTER,
 	__MAX_BPF_PROG_TYPE
 };
 enum bpf_attach_type {
@ -1437,7 +1403,6 @@ union bpf_attr {
 		 * to using 5 hash functions).
 		 */
 		__u64	map_extra;
 		__u32	map_token_fd;
 	};
 	struct { /* anonymous struct used by BPF_MAP_*_ELEM commands */
@ -1507,7 +1472,6 @@ union bpf_attr {
 		 * truncated), or smaller (if log buffer wasn't filled completely).
 		 */
 		__u32		log_true_size;
 		__u32		prog_token_fd;
 	};
 	struct { /* anonymous struct used by BPF_OBJ_* commands */
@ -1620,7 +1584,6 @@ union bpf_attr {
 		 * truncated), or smaller (if log buffer wasn't filled completely).
 		 */
 		__u32		btf_log_true_size;
 		__u32		btf_token_fd;
 	};
 	struct {
@ -1751,11 +1714,6 @@ union bpf_attr {
 		__u32		flags;		/* extra flags */
 	} prog_bind_map;
 	struct { /* struct used by BPF_TOKEN_CREATE command */
 		__u32		flags;
 		__u32		bpffs_fd;
 	} token_create;
 } __attribute__((aligned(8)));
 /* The description below is an attempt at providing documentation to eBPF
--- a/kernel/bpf/Makefile
+++ b/kernel/bpf/Makefile
@ -6,7 +6,7 @@ cflags-nogcse-$(CONFIG_X86)$(CONFIG_CC_IS_GCC) := -fno-gcse
 endif
 CFLAGS_core.o += $(call cc-disable-warning, override-init) $(cflags-nogcse-yy)
-obj-$(CONFIG_BPF_SYSCALL) += syscall.o verifier.o inode.o helpers.o tnum.o log.o token.o
+obj-$(CONFIG_BPF_SYSCALL) += syscall.o verifier.o inode.o helpers.o tnum.o log.o
 obj-$(CONFIG_BPF_SYSCALL) += bpf_iter.o map_iter.o task_iter.o prog_iter.o link_iter.o
 obj-$(CONFIG_BPF_SYSCALL) += hashtab.o arraymap.o percpu_freelist.o bpf_lru_list.o lpm_trie.o map_in_map.o bloom_filter.o
 obj-$(CONFIG_BPF_SYSCALL) += local_storage.o queue_stack_maps.o ringbuf.o
--- a/kernel/bpf/arraymap.c
+++ b/kernel/bpf/arraymap.c
@ -82,7 +82,7 @@ static struct bpf_map *array_map_alloc(union bpf_attr *attr)
 	bool percpu = attr->map_type == BPF_MAP_TYPE_PERCPU_ARRAY;
 	int numa_node = bpf_map_attr_numa_node(attr);
 	u32 elem_size, index_mask, max_entries;
-	bool bypass_spec_v1 = bpf_bypass_spec_v1(NULL);
+	bool bypass_spec_v1 = bpf_bypass_spec_v1();
 	u64 array_size, mask64;
 	struct bpf_array *array;
--- a/kernel/bpf/bpf_lsm.c
+++ b/kernel/bpf/bpf_lsm.c
@ -260,15 +260,9 @@ bpf_lsm_func_proto(enum bpf_func_id func_id, const struct bpf_prog *prog)
 BTF_SET_START(sleepable_lsm_hooks)
 BTF_ID(func, bpf_lsm_bpf)
 BTF_ID(func, bpf_lsm_bpf_map)
-BTF_ID(func, bpf_lsm_bpf_map_create)
+BTF_ID(func, bpf_lsm_bpf_map_alloc_security)
-BTF_ID(func, bpf_lsm_bpf_map_free)
+BTF_ID(func, bpf_lsm_bpf_map_free_security)
 BTF_ID(func, bpf_lsm_bpf_prog)
 BTF_ID(func, bpf_lsm_bpf_prog_load)
 BTF_ID(func, bpf_lsm_bpf_prog_free)
 BTF_ID(func, bpf_lsm_bpf_token_create)
 BTF_ID(func, bpf_lsm_bpf_token_free)
 BTF_ID(func, bpf_lsm_bpf_token_cmd)
 BTF_ID(func, bpf_lsm_bpf_token_capable)
 BTF_ID(func, bpf_lsm_bprm_check_security)
 BTF_ID(func, bpf_lsm_bprm_committed_creds)
 BTF_ID(func, bpf_lsm_bprm_committing_creds)
@ -363,8 +357,9 @@ BTF_ID(func, bpf_lsm_userns_create)
 BTF_SET_END(sleepable_lsm_hooks)
 BTF_SET_START(untrusted_lsm_hooks)
-BTF_ID(func, bpf_lsm_bpf_map_free)
+BTF_ID(func, bpf_lsm_bpf_map_free_security)
-BTF_ID(func, bpf_lsm_bpf_prog_free)
+BTF_ID(func, bpf_lsm_bpf_prog_alloc_security)
 BTF_ID(func, bpf_lsm_bpf_prog_free_security)
 BTF_ID(func, bpf_lsm_file_alloc_security)
 BTF_ID(func, bpf_lsm_file_free_security)
 #ifdef CONFIG_SECURITY_NETWORK
--- a/kernel/bpf/cgroup.c
+++ b/kernel/bpf/cgroup.c
@ -1630,7 +1630,7 @@ cgroup_dev_func_proto(enum bpf_func_id func_id, const struct bpf_prog *prog)
 	case BPF_FUNC_perf_event_output:
 		return &bpf_event_output_data_proto;
 	default:
-		return bpf_base_func_proto(func_id, prog);
+		return bpf_base_func_proto(func_id);
 	}
 }
@ -2191,7 +2191,7 @@ sysctl_func_proto(enum bpf_func_id func_id, const struct bpf_prog *prog)
 	case BPF_FUNC_perf_event_output:
 		return &bpf_event_output_data_proto;
 	default:
-		return bpf_base_func_proto(func_id, prog);
+		return bpf_base_func_proto(func_id);
 	}
 }
@ -2348,7 +2348,7 @@ cg_sockopt_func_proto(enum bpf_func_id func_id, const struct bpf_prog *prog)
 	case BPF_FUNC_perf_event_output:
 		return &bpf_event_output_data_proto;
 	default:
-		return bpf_base_func_proto(func_id, prog);
+		return bpf_base_func_proto(func_id);
 	}
 }
--- a/kernel/bpf/core.c
+++ b/kernel/bpf/core.c
@ -682,7 +682,7 @@ static bool bpf_prog_kallsyms_candidate(const struct bpf_prog *fp)
 void bpf_prog_kallsyms_add(struct bpf_prog *fp)
 {
 	if (!bpf_prog_kallsyms_candidate(fp) ||
-	    !bpf_token_capable(fp->aux->token, CAP_BPF))
+	    !bpf_capable())
 		return;
 	bpf_prog_ksym_set_addr(fp);
@ -2779,7 +2779,6 @@ void bpf_prog_free(struct bpf_prog *fp)
 	if (aux->dst_prog)
 		bpf_prog_put(aux->dst_prog);
 	bpf_token_put(aux->token);
 	INIT_WORK(&aux->work, bpf_prog_free_deferred);
 	schedule_work(&aux->work);
 }
--- a/kernel/bpf/helpers.c
+++ b/kernel/bpf/helpers.c
@ -1679,7 +1679,7 @@ const struct bpf_func_proto bpf_probe_read_kernel_str_proto __weak;
 const struct bpf_func_proto bpf_task_pt_regs_proto __weak;
 const struct bpf_func_proto *
-bpf_base_func_proto(enum bpf_func_id func_id, const struct bpf_prog *prog)
+bpf_base_func_proto(enum bpf_func_id func_id)
 {
 	switch (func_id) {
 	case BPF_FUNC_map_lookup_elem:
@ -1730,7 +1730,7 @@ bpf_base_func_proto(enum bpf_func_id func_id, const struct bpf_prog *prog)
 		break;
 	}
-	if (!bpf_token_capable(prog->aux->token, CAP_BPF))
+	if (!bpf_capable())
 		return NULL;
 	switch (func_id) {
@ -1788,7 +1788,7 @@ bpf_base_func_proto(enum bpf_func_id func_id, const struct bpf_prog *prog)
 		break;
 	}
-	if (!bpf_token_capable(prog->aux->token, CAP_PERFMON))
+	if (!perfmon_capable())
 		return NULL;
 	switch (func_id) {
--- a/kernel/bpf/inode.c
+++ b/kernel/bpf/inode.c
@ -20,7 +20,6 @@
 #include <linux/filter.h>
 #include <linux/bpf.h>
 #include <linux/bpf_trace.h>
 #include <linux/kstrtox.h>
 #include "preload/bpf_preload.h"
 enum bpf_type {
@ -99,7 +98,7 @@ static const struct inode_operations bpf_prog_iops = { };
 static const struct inode_operations bpf_map_iops  = { };
 static const struct inode_operations bpf_link_iops  = { };
-struct inode *bpf_get_inode(struct super_block *sb,
+static struct inode *bpf_get_inode(struct super_block *sb,
 				   const struct inode *dir,
 				   umode_t mode)
 {
@ -595,183 +594,15 @@ struct bpf_prog *bpf_prog_get_type_path(const char *name, enum bpf_prog_type typ
 }
 EXPORT_SYMBOL(bpf_prog_get_type_path);
 struct bpffs_btf_enums {
 	const struct btf *btf;
 	const struct btf_type *cmd_t;
 	const struct btf_type *map_t;
 	const struct btf_type *prog_t;
 	const struct btf_type *attach_t;
 };
 static int find_bpffs_btf_enums(struct bpffs_btf_enums *info)
 {
 	const struct btf *btf;
 	const struct btf_type *t;
 	const char *name;
 	int i, n;
 	memset(info, 0, sizeof(*info));
 	btf = bpf_get_btf_vmlinux();
 	if (IS_ERR(btf))
 		return PTR_ERR(btf);
 	if (!btf)
 		return -ENOENT;
 	info->btf = btf;
 	for (i = 1, n = btf_nr_types(btf); i < n; i++) {
 		t = btf_type_by_id(btf, i);
 		if (!btf_type_is_enum(t))
 			continue;
 		name = btf_name_by_offset(btf, t->name_off);
 		if (!name)
 			continue;
 		if (strcmp(name, "bpf_cmd") == 0)
 			info->cmd_t = t;
 		else if (strcmp(name, "bpf_map_type") == 0)
 			info->map_t = t;
 		else if (strcmp(name, "bpf_prog_type") == 0)
 			info->prog_t = t;
 		else if (strcmp(name, "bpf_attach_type") == 0)
 			info->attach_t = t;
 		else
 			continue;
 		if (info->cmd_t && info->map_t && info->prog_t && info->attach_t)
 			return 0;
 	}
 	return -ESRCH;
 }
 static bool find_btf_enum_const(const struct btf *btf, const struct btf_type *enum_t,
 				const char *prefix, const char *str, int *value)
 {
 	const struct btf_enum *e;
 	const char *name;
 	int i, n, pfx_len = strlen(prefix);
 	*value = 0;
 	if (!btf || !enum_t)
 		return false;
 	for (i = 0, n = btf_vlen(enum_t); i < n; i++) {
 		e = &btf_enum(enum_t)[i];
 		name = btf_name_by_offset(btf, e->name_off);
 		if (!name || strncasecmp(name, prefix, pfx_len) != 0)
 			continue;
 		/* match symbolic name case insensitive and ignoring prefix */
 		if (strcasecmp(name + pfx_len, str) == 0) {
 			*value = e->val;
 			return true;
 		}
 	}
 	return false;
 }
 static void seq_print_delegate_opts(struct seq_file *m,
 				    const char *opt_name,
 				    const struct btf *btf,
 				    const struct btf_type *enum_t,
 				    const char *prefix,
 				    u64 delegate_msk, u64 any_msk)
 {
 	const struct btf_enum *e;
 	bool first = true;
 	const char *name;
 	u64 msk;
 	int i, n, pfx_len = strlen(prefix);
 	delegate_msk &= any_msk; /* clear unknown bits */
 	if (delegate_msk == 0)
 		return;
 	seq_printf(m, ",%s", opt_name);
 	if (delegate_msk == any_msk) {
 		seq_printf(m, "=any");
 		return;
 	}
 	if (btf && enum_t) {
 		for (i = 0, n = btf_vlen(enum_t); i < n; i++) {
 			e = &btf_enum(enum_t)[i];
 			name = btf_name_by_offset(btf, e->name_off);
 			if (!name || strncasecmp(name, prefix, pfx_len) != 0)
 				continue;
 			msk = 1ULL << e->val;
 			if (delegate_msk & msk) {
 				/* emit lower-case name without prefix */
 				seq_printf(m, "%c", first ? '=' : ':');
 				name += pfx_len;
 				while (*name) {
 					seq_printf(m, "%c", tolower(*name));
 					name++;
 				}
 				delegate_msk &= ~msk;
 				first = false;
 			}
 		}
 	}
 	if (delegate_msk)
 		seq_printf(m, "%c0x%llx", first ? '=' : ':', delegate_msk);
 }
 /*
 * Display the mount options in /proc/mounts.
 */
 static int bpf_show_options(struct seq_file *m, struct dentry *root)
 {
-	struct bpf_mount_opts *opts = root->d_sb->s_fs_info;
+	umode_t mode = d_inode(root)->i_mode & S_IALLUGO & ~S_ISVTX;
 	struct inode *inode = d_inode(root);
 	umode_t mode = inode->i_mode & S_IALLUGO & ~S_ISVTX;
 	u64 mask;
 	if (!uid_eq(inode->i_uid, GLOBAL_ROOT_UID))
 		seq_printf(m, ",uid=%u",
 			   from_kuid_munged(&init_user_ns, inode->i_uid));
 	if (!gid_eq(inode->i_gid, GLOBAL_ROOT_GID))
 		seq_printf(m, ",gid=%u",
 			   from_kgid_munged(&init_user_ns, inode->i_gid));
 	if (mode != S_IRWXUGO)
 		seq_printf(m, ",mode=%o", mode);
 	if (opts->delegate_cmds || opts->delegate_maps ||
 	    opts->delegate_progs || opts->delegate_attachs) {
 		struct bpffs_btf_enums info;
 		/* ignore errors, fallback to hex */
 		(void)find_bpffs_btf_enums(&info);
 		mask = (1ULL << __MAX_BPF_CMD) - 1;
 		seq_print_delegate_opts(m, "delegate_cmds",
 					info.btf, info.cmd_t, "BPF_",
 					opts->delegate_cmds, mask);
 		mask = (1ULL << __MAX_BPF_MAP_TYPE) - 1;
 		seq_print_delegate_opts(m, "delegate_maps",
 					info.btf, info.map_t, "BPF_MAP_TYPE_",
 					opts->delegate_maps, mask);
 		mask = (1ULL << __MAX_BPF_PROG_TYPE) - 1;
 		seq_print_delegate_opts(m, "delegate_progs",
 					info.btf, info.prog_t, "BPF_PROG_TYPE_",
 					opts->delegate_progs, mask);
 		mask = (1ULL << __MAX_BPF_ATTACH_TYPE) - 1;
 		seq_print_delegate_opts(m, "delegate_attachs",
 					info.btf, info.attach_t, "BPF_",
 					opts->delegate_attachs, mask);
 	}
 	return 0;
 }
@ -786,7 +617,7 @@ static void bpf_free_inode(struct inode *inode)
 	free_inode_nonrcu(inode);
 }
-const struct super_operations bpf_super_ops = {
+static const struct super_operations bpf_super_ops = {
 	.statfs		= simple_statfs,
 	.drop_inode	= generic_delete_inode,
 	.show_options	= bpf_show_options,
@ -794,33 +625,23 @@ const struct super_operations bpf_super_ops = {
 };
 enum {
 	OPT_UID,
 	OPT_GID,
 	OPT_MODE,
 	OPT_DELEGATE_CMDS,
 	OPT_DELEGATE_MAPS,
 	OPT_DELEGATE_PROGS,
 	OPT_DELEGATE_ATTACHS,
 };
 static const struct fs_parameter_spec bpf_fs_parameters[] = {
 	fsparam_u32	("uid",				OPT_UID),
 	fsparam_u32	("gid",				OPT_GID),
 	fsparam_u32oct	("mode",			OPT_MODE),
 	fsparam_string	("delegate_cmds",		OPT_DELEGATE_CMDS),
 	fsparam_string	("delegate_maps",		OPT_DELEGATE_MAPS),
 	fsparam_string	("delegate_progs",		OPT_DELEGATE_PROGS),
 	fsparam_string	("delegate_attachs",		OPT_DELEGATE_ATTACHS),
 	{}
 };
 struct bpf_mount_opts {
 	umode_t mode;
 };
 static int bpf_parse_param(struct fs_context *fc, struct fs_parameter *param)
 {
-	struct bpf_mount_opts *opts = fc->s_fs_info;
+	struct bpf_mount_opts *opts = fc->fs_private;
 	struct fs_parse_result result;
-	kuid_t uid;
+	int opt;
 	kgid_t gid;
 	int opt, err;
 	opt = fs_parse(fc, bpf_fs_parameters, param, &result);
 	if (opt < 0) {
@ -841,104 +662,12 @@ static int bpf_parse_param(struct fs_context *fc, struct fs_parameter *param)
 	}
 	switch (opt) {
 	case OPT_UID:
 		uid = make_kuid(current_user_ns(), result.uint_32);
 		if (!uid_valid(uid))
 			goto bad_value;
 		/*
 		 * The requested uid must be representable in the
 		 * filesystem's idmapping.
 		 */
 		if (!kuid_has_mapping(fc->user_ns, uid))
 			goto bad_value;
 		opts->uid = uid;
 		break;
 	case OPT_GID:
 		gid = make_kgid(current_user_ns(), result.uint_32);
 		if (!gid_valid(gid))
 			goto bad_value;
 		/*
 		 * The requested gid must be representable in the
 		 * filesystem's idmapping.
 		 */
 		if (!kgid_has_mapping(fc->user_ns, gid))
 			goto bad_value;
 		opts->gid = gid;
 		break;
 	case OPT_MODE:
 		opts->mode = result.uint_32 & S_IALLUGO;
 		break;
 	case OPT_DELEGATE_CMDS:
 	case OPT_DELEGATE_MAPS:
 	case OPT_DELEGATE_PROGS:
 	case OPT_DELEGATE_ATTACHS: {
 		struct bpffs_btf_enums info;
 		const struct btf_type *enum_t;
 		const char *enum_pfx;
 		u64 *delegate_msk, msk = 0;
 		char *p;
 		int val;
 		/* ignore errors, fallback to hex */
 		(void)find_bpffs_btf_enums(&info);
 		switch (opt) {
 		case OPT_DELEGATE_CMDS:
 			delegate_msk = &opts->delegate_cmds;
 			enum_t = info.cmd_t;
 			enum_pfx = "BPF_";
 			break;
 		case OPT_DELEGATE_MAPS:
 			delegate_msk = &opts->delegate_maps;
 			enum_t = info.map_t;
 			enum_pfx = "BPF_MAP_TYPE_";
 			break;
 		case OPT_DELEGATE_PROGS:
 			delegate_msk = &opts->delegate_progs;
 			enum_t = info.prog_t;
 			enum_pfx = "BPF_PROG_TYPE_";
 			break;
 		case OPT_DELEGATE_ATTACHS:
 			delegate_msk = &opts->delegate_attachs;
 			enum_t = info.attach_t;
 			enum_pfx = "BPF_";
 			break;
 		default:
 			return -EINVAL;
 		}
 		while ((p = strsep(&param->string, ":"))) {
 			if (strcmp(p, "any") == 0) {
 				msk |= ~0ULL;
 			} else if (find_btf_enum_const(info.btf, enum_t, enum_pfx, p, &val)) {
 				msk |= 1ULL << val;
 			} else {
 				err = kstrtou64(p, 0, &msk);
 				if (err)
 					return err;
 			}
 		}
 		/* Setting delegation mount options requires privileges */
 		if (msk && !capable(CAP_SYS_ADMIN))
 			return -EPERM;
 		*delegate_msk |= msk;
 		break;
 	}
 	default:
 		/* ignore unknown mount options */
 		break;
 	}
 	return 0;
 bad_value:
 	return invalfc(fc, "Bad value for '%s'", param->key);
 }
 struct bpf_preload_ops *bpf_preload_ops;
@ -1010,14 +739,10 @@ static int populate_bpffs(struct dentry *parent)
 static int bpf_fill_super(struct super_block *sb, struct fs_context *fc)
 {
 	static const struct tree_descr bpf_rfiles[] = { { "" } };
-	struct bpf_mount_opts *opts = sb->s_fs_info;
+	struct bpf_mount_opts *opts = fc->fs_private;
 	struct inode *inode;
 	int ret;
 	/* Mounting an instance of BPF FS requires privileges */
 	if (fc->user_ns != &init_user_ns && !capable(CAP_SYS_ADMIN))
 		return -EPERM;
 	ret = simple_fill_super(sb, BPF_FS_MAGIC, bpf_rfiles);
 	if (ret)
 		return ret;
@ -1025,8 +750,6 @@ static int bpf_fill_super(struct super_block *sb, struct fs_context *fc)
 	sb->s_op = &bpf_super_ops;
 	inode = sb->s_root->d_inode;
 	inode->i_uid = opts->uid;
 	inode->i_gid = opts->gid;
 	inode->i_op = &bpf_dir_iops;
 	inode->i_mode &= ~S_IALLUGO;
 	populate_bpffs(sb->s_root);
@ -1041,7 +764,7 @@ static int bpf_get_tree(struct fs_context *fc)
 static void bpf_free_fc(struct fs_context *fc)
 {
-	kfree(fc->s_fs_info);
+	kfree(fc->fs_private);
 }
 static const struct fs_context_operations bpf_context_ops = {
@ -1062,35 +785,18 @@ static int bpf_init_fs_context(struct fs_context *fc)
 		return -ENOMEM;
 	opts->mode = S_IRWXUGO;
 	opts->uid = current_fsuid();
 	opts->gid = current_fsgid();
-	/* start out with no BPF token delegation enabled */
+	fc->fs_private = opts;
 	opts->delegate_cmds = 0;
 	opts->delegate_maps = 0;
 	opts->delegate_progs = 0;
 	opts->delegate_attachs = 0;
 	fc->s_fs_info = opts;
 	fc->ops = &bpf_context_ops;
 	return 0;
 }
 static void bpf_kill_super(struct super_block *sb)
 {
 	struct bpf_mount_opts *opts = sb->s_fs_info;
 	kill_litter_super(sb);
 	kfree(opts);
 }
 static struct file_system_type bpf_fs_type = {
 	.owner		= THIS_MODULE,
 	.name		= "bpf",
 	.init_fs_context = bpf_init_fs_context,
 	.parameters	= bpf_fs_parameters,
-	.kill_sb	= bpf_kill_super,
+	.kill_sb	= kill_litter_super,
 	.fs_flags	= FS_USERNS_MOUNT,
 };
 static int __init bpf_init(void)
--- a/kernel/bpf/syscall.c
+++ b/kernel/bpf/syscall.c
@ -1011,8 +1011,8 @@ int map_check_no_btf(const struct bpf_map *map,
 	return -ENOTSUPP;
 }
-static int map_check_btf(struct bpf_map *map, struct bpf_token *token,
+static int map_check_btf(struct bpf_map *map, const struct btf *btf,
-			 const struct btf *btf, u32 btf_key_id, u32 btf_value_id)
+			 u32 btf_key_id, u32 btf_value_id)
 {
 	const struct btf_type *key_type, *value_type;
 	u32 key_size, value_size;
@ -1040,7 +1040,7 @@ static int map_check_btf(struct bpf_map *map, struct bpf_token *token,
 	if (!IS_ERR_OR_NULL(map->record)) {
 		int i;
-		if (!bpf_token_capable(token, CAP_BPF)) {
+		if (!bpf_capable()) {
 			ret = -EPERM;
 			goto free_map_tab;
 		}
@ -1123,17 +1123,11 @@ static int map_check_btf(struct bpf_map *map, struct bpf_token *token,
 	return ret;
 }
-static bool bpf_net_capable(void)
+#define BPF_MAP_CREATE_LAST_FIELD map_extra
 {
 	return capable(CAP_NET_ADMIN) || capable(CAP_SYS_ADMIN);
 }
 #define BPF_MAP_CREATE_LAST_FIELD map_token_fd
 /* called via syscall */
 static int map_create(union bpf_attr *attr)
 {
 	const struct bpf_map_ops *ops;
 	struct bpf_token *token = NULL;
 	int numa_node = bpf_map_attr_numa_node(attr);
 	u32 map_type = attr->map_type;
 	struct bpf_map *map;
@ -1184,32 +1178,14 @@ static int map_create(union bpf_attr *attr)
 	if (!ops->map_mem_usage)
 		return -EINVAL;
 	if (attr->map_token_fd) {
 		token = bpf_token_get_from_fd(attr->map_token_fd);
 		if (IS_ERR(token))
 			return PTR_ERR(token);
 		/* if current token doesn't grant map creation permissions,
 		 * then we can't use this token, so ignore it and rely on
 		 * system-wide capabilities checks
 		 */
 		if (!bpf_token_allow_cmd(token, BPF_MAP_CREATE) ||
 		    !bpf_token_allow_map_type(token, attr->map_type)) {
 			bpf_token_put(token);
 			token = NULL;
 		}
 	}
 	err = -EPERM;
 	/* Intent here is for unprivileged_bpf_disabled to block BPF map
 	 * creation for unprivileged users; other actions depend
 	 * on fd availability and access to bpffs, so are dependent on
 	 * object creation success. Even with unprivileged BPF disabled,
 	 * capability checks are still carried out.
 	 */
-	if (sysctl_unprivileged_bpf_disabled && !bpf_token_capable(token, CAP_BPF))
+	if (sysctl_unprivileged_bpf_disabled && !bpf_capable())
-		goto put_token;
+		return -EPERM;
 	/* check privileged map type permissions */
 	switch (map_type) {
@ -1242,27 +1218,25 @@ static int map_create(union bpf_attr *attr)
 	case BPF_MAP_TYPE_LRU_PERCPU_HASH:
 	case BPF_MAP_TYPE_STRUCT_OPS:
 	case BPF_MAP_TYPE_CPUMAP:
-		if (!bpf_token_capable(token, CAP_BPF))
+		if (!bpf_capable())
-			goto put_token;
+			return -EPERM;
 		break;
 	case BPF_MAP_TYPE_SOCKMAP:
 	case BPF_MAP_TYPE_SOCKHASH:
 	case BPF_MAP_TYPE_DEVMAP:
 	case BPF_MAP_TYPE_DEVMAP_HASH:
 	case BPF_MAP_TYPE_XSKMAP:
-		if (!bpf_token_capable(token, CAP_NET_ADMIN))
+		if (!capable(CAP_NET_ADMIN))
-			goto put_token;
+			return -EPERM;
 		break;
 	default:
 		WARN(1, "unsupported map type %d", map_type);
-		goto put_token;
+		return -EPERM;
 	}
 	map = ops->map_alloc(attr);
-	if (IS_ERR(map)) {
+	if (IS_ERR(map))
-		err = PTR_ERR(map);
+		return PTR_ERR(map);
 		goto put_token;
 	}
 	map->ops = ops;
 	map->map_type = map_type;
@ -1299,7 +1273,7 @@ static int map_create(union bpf_attr *attr)
 		map->btf = btf;
 		if (attr->btf_value_type_id) {
-			err = map_check_btf(map, token, btf, attr->btf_key_type_id,
+			err = map_check_btf(map, btf, attr->btf_key_type_id,
 					    attr->btf_value_type_id);
 			if (err)
 				goto free_map;
@ -1311,16 +1285,15 @@ static int map_create(union bpf_attr *attr)
 			attr->btf_vmlinux_value_type_id;
 	}
-	err = security_bpf_map_create(map, attr, token);
+	err = security_bpf_map_alloc(map);
 	if (err)
-		goto free_map_sec;
+		goto free_map;
 	err = bpf_map_alloc_id(map);
 	if (err)
 		goto free_map_sec;
 	bpf_map_save_memcg(map);
 	bpf_token_put(token);
 	err = bpf_map_new_fd(map, f_flags);
 	if (err < 0) {
@ -1341,8 +1314,6 @@ static int map_create(union bpf_attr *attr)
 free_map:
 	btf_put(map->btf);
 	map->ops->map_free(map);
 put_token:
 	bpf_token_put(token);
 	return err;
 }
@ -2173,7 +2144,7 @@ static void __bpf_prog_put_rcu(struct rcu_head *rcu)
 	kvfree(aux->func_info);
 	kfree(aux->func_info_aux);
 	free_uid(aux->user);
-	security_bpf_prog_free(aux->prog);
+	security_bpf_prog_free(aux);
 	bpf_prog_free(aux->prog);
 }
@ -2619,15 +2590,13 @@ static bool is_perfmon_prog_type(enum bpf_prog_type prog_type)
 }
 /* last field in 'union bpf_attr' used by this command */
-#define BPF_PROG_LOAD_LAST_FIELD prog_token_fd
+#define	BPF_PROG_LOAD_LAST_FIELD log_true_size
 static int bpf_prog_load(union bpf_attr *attr, bpfptr_t uattr, u32 uattr_size)
 {
 	enum bpf_prog_type type = attr->prog_type;
 	struct bpf_prog *prog, *dst_prog = NULL;
 	struct btf *attach_btf = NULL;
 	struct bpf_token *token = NULL;
 	bool bpf_cap;
 	int err;
 	char license[128];
@ -2644,31 +2613,10 @@ static int bpf_prog_load(union bpf_attr *attr, bpfptr_t uattr, u32 uattr_size)
 				 BPF_F_TEST_REG_INVARIANTS))
 		return -EINVAL;
 	bpf_prog_load_fixup_attach_type(attr);
 	if (attr->prog_token_fd) {
 		token = bpf_token_get_from_fd(attr->prog_token_fd);
 		if (IS_ERR(token))
 			return PTR_ERR(token);
 		/* if current token doesn't grant prog loading permissions,
 		 * then we can't use this token, so ignore it and rely on
 		 * system-wide capabilities checks
 		 */
 		if (!bpf_token_allow_cmd(token, BPF_PROG_LOAD) ||
 		    !bpf_token_allow_prog_type(token, attr->prog_type,
 					       attr->expected_attach_type)) {
 			bpf_token_put(token);
 			token = NULL;
 		}
 	}
 	bpf_cap = bpf_token_capable(token, CAP_BPF);
 	err = -EPERM;
 	if (!IS_ENABLED(CONFIG_HAVE_EFFICIENT_UNALIGNED_ACCESS) &&
 	    (attr->prog_flags & BPF_F_ANY_ALIGNMENT) &&
-	    !bpf_cap)
+	    !bpf_capable())
-		goto put_token;
+		return -EPERM;
 	/* Intent here is for unprivileged_bpf_disabled to block BPF program
 	 * creation for unprivileged users; other actions depend
@ -2677,23 +2625,21 @@ static int bpf_prog_load(union bpf_attr *attr, bpfptr_t uattr, u32 uattr_size)
 	 * capability checks are still carried out for these
 	 * and other operations.
 	 */
-	if (sysctl_unprivileged_bpf_disabled && !bpf_cap)
+	if (sysctl_unprivileged_bpf_disabled && !bpf_capable())
-		goto put_token;
+		return -EPERM;
 	if (attr->insn_cnt == 0 ||
-	    attr->insn_cnt > (bpf_cap ? BPF_COMPLEXITY_LIMIT_INSNS : BPF_MAXINSNS)) {
+	    attr->insn_cnt > (bpf_capable() ? BPF_COMPLEXITY_LIMIT_INSNS : BPF_MAXINSNS))
-		err = -E2BIG;
+		return -E2BIG;
 		goto put_token;
 	}
 	if (type != BPF_PROG_TYPE_SOCKET_FILTER &&
 	    type != BPF_PROG_TYPE_CGROUP_SKB &&
-	    !bpf_cap)
+	    !bpf_capable())
-		goto put_token;
+		return -EPERM;
-	if (is_net_admin_prog_type(type) && !bpf_token_capable(token, CAP_NET_ADMIN))
+	if (is_net_admin_prog_type(type) && !capable(CAP_NET_ADMIN) && !capable(CAP_SYS_ADMIN))
-		goto put_token;
+		return -EPERM;
-	if (is_perfmon_prog_type(type) && !bpf_token_capable(token, CAP_PERFMON))
+	if (is_perfmon_prog_type(type) && !perfmon_capable())
-		goto put_token;
+		return -EPERM;
 	/* attach_prog_fd/attach_btf_obj_fd can specify fd of either bpf_prog
 	 * or btf, we need to check which one it is
@ -2703,33 +2649,27 @@ static int bpf_prog_load(union bpf_attr *attr, bpfptr_t uattr, u32 uattr_size)
 		if (IS_ERR(dst_prog)) {
 			dst_prog = NULL;
 			attach_btf = btf_get_by_fd(attr->attach_btf_obj_fd);
-			if (IS_ERR(attach_btf)) {
+			if (IS_ERR(attach_btf))
-				err = -EINVAL;
+				return -EINVAL;
 				goto put_token;
 			}
 			if (!btf_is_kernel(attach_btf)) {
 				/* attaching through specifying bpf_prog's BTF
 				 * objects directly might be supported eventually
 				 */
 				btf_put(attach_btf);
-				err = -ENOTSUPP;
+				return -ENOTSUPP;
 				goto put_token;
 			}
 		}
 	} else if (attr->attach_btf_id) {
 		/* fall back to vmlinux BTF, if BTF type ID is specified */
 		attach_btf = bpf_get_btf_vmlinux();
-		if (IS_ERR(attach_btf)) {
+		if (IS_ERR(attach_btf))
-			err = PTR_ERR(attach_btf);
+			return PTR_ERR(attach_btf);
-			goto put_token;
+		if (!attach_btf)
-		}
+			return -EINVAL;
 		if (!attach_btf) {
 			err = -EINVAL;
 			goto put_token;
 		}
 		btf_get(attach_btf);
 	}
 	bpf_prog_load_fixup_attach_type(attr);
 	if (bpf_prog_load_check_attach(type, attr->expected_attach_type,
 				       attach_btf, attr->attach_btf_id,
 				       dst_prog)) {
@ -2737,8 +2677,7 @@ static int bpf_prog_load(union bpf_attr *attr, bpfptr_t uattr, u32 uattr_size)
 			bpf_prog_put(dst_prog);
 		if (attach_btf)
 			btf_put(attach_btf);
-		err = -EINVAL;
+		return -EINVAL;
 		goto put_token;
 	}
 	/* plain bpf_prog allocation */
@ -2748,8 +2687,7 @@ static int bpf_prog_load(union bpf_attr *attr, bpfptr_t uattr, u32 uattr_size)
 			bpf_prog_put(dst_prog);
 		if (attach_btf)
 			btf_put(attach_btf);
-		err = -EINVAL;
+		return -ENOMEM;
 		goto put_token;
 	}
 	prog->expected_attach_type = attr->expected_attach_type;
@ -2760,9 +2698,9 @@ static int bpf_prog_load(union bpf_attr *attr, bpfptr_t uattr, u32 uattr_size)
 	prog->aux->sleepable = attr->prog_flags & BPF_F_SLEEPABLE;
 	prog->aux->xdp_has_frags = attr->prog_flags & BPF_F_XDP_HAS_FRAGS;
-	/* move token into prog->aux, reuse taken refcnt */
+	err = security_bpf_prog_alloc(prog->aux);
-	prog->aux->token = token;
+	if (err)
-	token = NULL;
+		goto free_prog;
 	prog->aux->user = get_current_user();
 	prog->len = attr->insn_cnt;
@ -2771,12 +2709,12 @@ static int bpf_prog_load(union bpf_attr *attr, bpfptr_t uattr, u32 uattr_size)
 	if (copy_from_bpfptr(prog->insns,
 			     make_bpfptr(attr->insns, uattr.is_kernel),
 			     bpf_prog_insn_size(prog)) != 0)
-		goto free_prog;
+		goto free_prog_sec;
 	/* copy eBPF program license from user space */
 	if (strncpy_from_bpfptr(license,
 				make_bpfptr(attr->license, uattr.is_kernel),
 				sizeof(license) - 1) < 0)
-		goto free_prog;
+		goto free_prog_sec;
 	license[sizeof(license) - 1] = 0;
 	/* eBPF programs must be GPL compatible to use GPL-ed functions */
@ -2790,29 +2728,25 @@ static int bpf_prog_load(union bpf_attr *attr, bpfptr_t uattr, u32 uattr_size)
 	if (bpf_prog_is_dev_bound(prog->aux)) {
 		err = bpf_prog_dev_bound_init(prog, attr);
 		if (err)
-			goto free_prog;
+			goto free_prog_sec;
 	}
 	if (type == BPF_PROG_TYPE_EXT && dst_prog &&
 	    bpf_prog_is_dev_bound(dst_prog->aux)) {
 		err = bpf_prog_dev_bound_inherit(prog, dst_prog);
 		if (err)
-			goto free_prog;
+			goto free_prog_sec;
 	}
 	/* find program type: socket_filter vs tracing_filter */
 	err = find_prog_type(type, prog);
 	if (err < 0)
-		goto free_prog;
+		goto free_prog_sec;
 	prog->aux->load_time = ktime_get_boottime_ns();
 	err = bpf_obj_name_cpy(prog->aux->name, attr->prog_name,
 			       sizeof(attr->prog_name));
 	if (err < 0)
 		goto free_prog;
 	err = security_bpf_prog_load(prog, attr, token);
 	if (err)
 		goto free_prog_sec;
 	/* run eBPF verifier */
@ -2858,16 +2792,13 @@ static int bpf_prog_load(union bpf_attr *attr, bpfptr_t uattr, u32 uattr_size)
 	 */
 	__bpf_prog_put_noref(prog, prog->aux->real_func_cnt);
 	return err;
 free_prog_sec:
 	security_bpf_prog_free(prog);
 free_prog:
 	free_uid(prog->aux->user);
 	security_bpf_prog_free(prog->aux);
 free_prog:
 	if (prog->aux->attach_btf)
 		btf_put(prog->aux->attach_btf);
 	bpf_prog_free(prog);
 put_token:
 	bpf_token_put(token);
 	return err;
 }
@ -3857,7 +3788,7 @@ static int bpf_prog_attach_check_attach_type(const struct bpf_prog *prog,
 	case BPF_PROG_TYPE_SK_LOOKUP:
 		return attach_type == prog->expected_attach_type ? 0 : -EINVAL;
 	case BPF_PROG_TYPE_CGROUP_SKB:
-		if (!bpf_token_capable(prog->aux->token, CAP_NET_ADMIN))
+		if (!capable(CAP_NET_ADMIN))
 			/* cg-skb progs can be loaded by unpriv user.
 			 * check permissions at attach time.
 			 */
@ -4060,7 +3991,7 @@ static int bpf_prog_detach(const union bpf_attr *attr)
 static int bpf_prog_query(const union bpf_attr *attr,
 			  union bpf_attr __user *uattr)
 {
-	if (!bpf_net_capable())
+	if (!capable(CAP_NET_ADMIN))
 		return -EPERM;
 	if (CHECK_ATTR(BPF_PROG_QUERY))
 		return -EINVAL;
@ -4828,31 +4759,15 @@ static int bpf_obj_get_info_by_fd(const union bpf_attr *attr,
 	return err;
 }
-#define BPF_BTF_LOAD_LAST_FIELD btf_token_fd
+#define BPF_BTF_LOAD_LAST_FIELD btf_log_true_size
 static int bpf_btf_load(const union bpf_attr *attr, bpfptr_t uattr, __u32 uattr_size)
 {
 	struct bpf_token *token = NULL;
 	if (CHECK_ATTR(BPF_BTF_LOAD))
 		return -EINVAL;
-	if (attr->btf_token_fd) {
+	if (!bpf_capable())
 		token = bpf_token_get_from_fd(attr->btf_token_fd);
 		if (IS_ERR(token))
 			return PTR_ERR(token);
 		if (!bpf_token_allow_cmd(token, BPF_BTF_LOAD)) {
 			bpf_token_put(token);
 			token = NULL;
 		}
 	}
 	if (!bpf_token_capable(token, CAP_BPF)) {
 		bpf_token_put(token);
 		return -EPERM;
 	}
 	bpf_token_put(token);
 	return btf_new_fd(attr, uattr, uattr_size);
 }
@ -5470,20 +5385,6 @@ static int bpf_prog_bind_map(union bpf_attr *attr)
 	return ret;
 }
 #define BPF_TOKEN_CREATE_LAST_FIELD token_create.bpffs_fd
 static int token_create(union bpf_attr *attr)
 {
 	if (CHECK_ATTR(BPF_TOKEN_CREATE))
 		return -EINVAL;
 	/* no flags are supported yet */
 	if (attr->token_create.flags)
 		return -EINVAL;
 	return bpf_token_create(attr);
 }
 static int __sys_bpf(int cmd, bpfptr_t uattr, unsigned int size)
 {
 	union bpf_attr attr;
@ -5617,9 +5518,6 @@ static int __sys_bpf(int cmd, bpfptr_t uattr, unsigned int size)
 	case BPF_PROG_BIND_MAP:
 		err = bpf_prog_bind_map(&attr);
 		break;
 	case BPF_TOKEN_CREATE:
 		err = token_create(&attr);
 		break;
 	default:
 		err = -EINVAL;
 		break;
@ -5726,7 +5624,7 @@ static const struct bpf_func_proto bpf_sys_bpf_proto = {
 const struct bpf_func_proto * __weak
 tracing_prog_func_proto(enum bpf_func_id func_id, const struct bpf_prog *prog)
 {
-	return bpf_base_func_proto(func_id, prog);
+	return bpf_base_func_proto(func_id);
 }
 BPF_CALL_1(bpf_sys_close, u32, fd)
@ -5776,8 +5674,7 @@ syscall_prog_func_proto(enum bpf_func_id func_id, const struct bpf_prog *prog)
 {
 	switch (func_id) {
 	case BPF_FUNC_sys_bpf:
-		return !bpf_token_capable(prog->aux->token, CAP_PERFMON)
+		return !perfmon_capable() ? NULL : &bpf_sys_bpf_proto;
 		       ? NULL : &bpf_sys_bpf_proto;
 	case BPF_FUNC_btf_find_by_name_kind:
 		return &bpf_btf_find_by_name_kind_proto;
 	case BPF_FUNC_sys_close:
--- a/kernel/bpf/token.c
+++ b/kernel/bpf/token.c
@ -1,271 +0,0 @@
 #include <linux/bpf.h>
 #include <linux/vmalloc.h>
 #include <linux/fdtable.h>
 #include <linux/file.h>
 #include <linux/fs.h>
 #include <linux/kernel.h>
 #include <linux/idr.h>
 #include <linux/namei.h>
 #include <linux/user_namespace.h>
 #include <linux/security.h>
 bool bpf_token_capable(const struct bpf_token *token, int cap)
 {
 	/* BPF token allows ns_capable() level of capabilities, but only if
 	 * token's userns is *exactly* the same as current user's userns
 	 */
 	if (token && current_user_ns() == token->userns) {
 		if (ns_capable(token->userns, cap) ||
 		    (cap != CAP_SYS_ADMIN && ns_capable(token->userns, CAP_SYS_ADMIN)))
 			return security_bpf_token_capable(token, cap) == 0;
 	}
 	/* otherwise fallback to capable() checks */
 	return capable(cap) || (cap != CAP_SYS_ADMIN && capable(CAP_SYS_ADMIN));
 }
 void bpf_token_inc(struct bpf_token *token)
 {
 	atomic64_inc(&token->refcnt);
 }
 static void bpf_token_free(struct bpf_token *token)
 {
 	security_bpf_token_free(token);
 	put_user_ns(token->userns);
 	kvfree(token);
 }
 static void bpf_token_put_deferred(struct work_struct *work)
 {
 	struct bpf_token *token = container_of(work, struct bpf_token, work);
 	bpf_token_free(token);
 }
 void bpf_token_put(struct bpf_token *token)
 {
 	if (!token)
 		return;
 	if (!atomic64_dec_and_test(&token->refcnt))
 		return;
 	INIT_WORK(&token->work, bpf_token_put_deferred);
 	schedule_work(&token->work);
 }
 static int bpf_token_release(struct inode *inode, struct file *filp)
 {
 	struct bpf_token *token = filp->private_data;
 	bpf_token_put(token);
 	return 0;
 }
 static void bpf_token_show_fdinfo(struct seq_file *m, struct file *filp)
 {
 	struct bpf_token *token = filp->private_data;
 	u64 mask;
 	BUILD_BUG_ON(__MAX_BPF_CMD >= 64);
 	mask = (1ULL << __MAX_BPF_CMD) - 1;
 	if ((token->allowed_cmds & mask) == mask)
 		seq_printf(m, "allowed_cmds:\tany\n");
 	else
 		seq_printf(m, "allowed_cmds:\t0x%llx\n", token->allowed_cmds);
 	BUILD_BUG_ON(__MAX_BPF_MAP_TYPE >= 64);
 	mask = (1ULL << __MAX_BPF_MAP_TYPE) - 1;
 	if ((token->allowed_maps & mask) == mask)
 		seq_printf(m, "allowed_maps:\tany\n");
 	else
 		seq_printf(m, "allowed_maps:\t0x%llx\n", token->allowed_maps);
 	BUILD_BUG_ON(__MAX_BPF_PROG_TYPE >= 64);
 	mask = (1ULL << __MAX_BPF_PROG_TYPE) - 1;
 	if ((token->allowed_progs & mask) == mask)
 		seq_printf(m, "allowed_progs:\tany\n");
 	else
 		seq_printf(m, "allowed_progs:\t0x%llx\n", token->allowed_progs);
 	BUILD_BUG_ON(__MAX_BPF_ATTACH_TYPE >= 64);
 	mask = (1ULL << __MAX_BPF_ATTACH_TYPE) - 1;
 	if ((token->allowed_attachs & mask) == mask)
 		seq_printf(m, "allowed_attachs:\tany\n");
 	else
 		seq_printf(m, "allowed_attachs:\t0x%llx\n", token->allowed_attachs);
 }
 #define BPF_TOKEN_INODE_NAME "bpf-token"
 static const struct inode_operations bpf_token_iops = { };
 static const struct file_operations bpf_token_fops = {
 	.release	= bpf_token_release,
 	.show_fdinfo	= bpf_token_show_fdinfo,
 };
 int bpf_token_create(union bpf_attr *attr)
 {
 	struct bpf_mount_opts *mnt_opts;
 	struct bpf_token *token = NULL;
 	struct user_namespace *userns;
 	struct inode *inode;
 	struct file *file;
 	struct path path;
 	struct fd f;
 	umode_t mode;
 	int err, fd;
 	f = fdget(attr->token_create.bpffs_fd);
 	if (!f.file)
 		return -EBADF;
 	path = f.file->f_path;
 	path_get(&path);
 	fdput(f);
 	if (path.dentry != path.mnt->mnt_sb->s_root) {
 		err = -EINVAL;
 		goto out_path;
 	}
 	if (path.mnt->mnt_sb->s_op != &bpf_super_ops) {
 		err = -EINVAL;
 		goto out_path;
 	}
 	err = path_permission(&path, MAY_ACCESS);
 	if (err)
 		goto out_path;
 	userns = path.dentry->d_sb->s_user_ns;
 	/*
 	 * Enforce that creators of BPF tokens are in the same user
 	 * namespace as the BPF FS instance. This makes reasoning about
 	 * permissions a lot easier and we can always relax this later.
 	 */
 	if (current_user_ns() != userns) {
 		err = -EPERM;
 		goto out_path;
 	}
 	if (!ns_capable(userns, CAP_BPF)) {
 		err = -EPERM;
 		goto out_path;
 	}
 	mnt_opts = path.dentry->d_sb->s_fs_info;
 	if (mnt_opts->delegate_cmds == 0 &&
 	    mnt_opts->delegate_maps == 0 &&
 	    mnt_opts->delegate_progs == 0 &&
 	    mnt_opts->delegate_attachs == 0) {
 		err = -ENOENT; /* no BPF token delegation is set up */
 		goto out_path;
 	}
 	mode = S_IFREG | ((S_IRUSR | S_IWUSR) & ~current_umask());
 	inode = bpf_get_inode(path.mnt->mnt_sb, NULL, mode);
 	if (IS_ERR(inode)) {
 		err = PTR_ERR(inode);
 		goto out_path;
 	}
 	inode->i_op = &bpf_token_iops;
 	inode->i_fop = &bpf_token_fops;
 	clear_nlink(inode); /* make sure it is unlinked */
 	file = alloc_file_pseudo(inode, path.mnt, BPF_TOKEN_INODE_NAME, O_RDWR, &bpf_token_fops);
 	if (IS_ERR(file)) {
 		iput(inode);
 		err = PTR_ERR(file);
 		goto out_path;
 	}
 	token = kvzalloc(sizeof(*token), GFP_USER);
 	if (!token) {
 		err = -ENOMEM;
 		goto out_file;
 	}
 	atomic64_set(&token->refcnt, 1);
 	/* remember bpffs owning userns for future ns_capable() checks */
 	token->userns = get_user_ns(userns);
 	token->allowed_cmds = mnt_opts->delegate_cmds;
 	token->allowed_maps = mnt_opts->delegate_maps;
 	token->allowed_progs = mnt_opts->delegate_progs;
 	token->allowed_attachs = mnt_opts->delegate_attachs;
 	err = security_bpf_token_create(token, attr, &path);
 	if (err)
 		goto out_token;
 	fd = get_unused_fd_flags(O_CLOEXEC);
 	if (fd < 0) {
 		err = fd;
 		goto out_token;
 	}
 	file->private_data = token;
 	fd_install(fd, file);
 	path_put(&path);
 	return fd;
 out_token:
 	bpf_token_free(token);
 out_file:
 	fput(file);
 out_path:
 	path_put(&path);
 	return err;
 }
 struct bpf_token *bpf_token_get_from_fd(u32 ufd)
 {
 	struct fd f = fdget(ufd);
 	struct bpf_token *token;
 	if (!f.file)
 		return ERR_PTR(-EBADF);
 	if (f.file->f_op != &bpf_token_fops) {
 		fdput(f);
 		return ERR_PTR(-EINVAL);
 	}
 	token = f.file->private_data;
 	bpf_token_inc(token);
 	fdput(f);
 	return token;
 }
 bool bpf_token_allow_cmd(const struct bpf_token *token, enum bpf_cmd cmd)
 {
 	/* BPF token can be used only within exactly the same userns in which
 	 * it was created
 	 */
 	if (!token || current_user_ns() != token->userns)
 		return false;
 	if (!(token->allowed_cmds & (1ULL << cmd)))
 		return false;
 	return security_bpf_token_cmd(token, cmd) == 0;
 }
 bool bpf_token_allow_map_type(const struct bpf_token *token, enum bpf_map_type type)
 {
 	if (!token || type >= __MAX_BPF_MAP_TYPE)
 		return false;
 	return token->allowed_maps & (1ULL << type);
 }
 bool bpf_token_allow_prog_type(const struct bpf_token *token,
 			       enum bpf_prog_type prog_type,
 			       enum bpf_attach_type attach_type)
 {
 	if (!token || prog_type >= __MAX_BPF_PROG_TYPE || attach_type >= __MAX_BPF_ATTACH_TYPE)
 		return false;
 	return (token->allowed_progs & (1ULL << prog_type)) &&
 	       (token->allowed_attachs & (1ULL << attach_type));
 }
--- a/kernel/bpf/verifier.c
+++ b/kernel/bpf/verifier.c
@ -20594,12 +20594,7 @@ int bpf_check(struct bpf_prog **prog, union bpf_attr *attr, bpfptr_t uattr, __u3
 	env->prog = *prog;
 	env->ops = bpf_verifier_ops[env->prog->type];
 	env->fd_array = make_bpfptr(attr->fd_array, uattr.is_kernel);
-
+	is_priv = bpf_capable();
 	env->allow_ptr_leaks = bpf_allow_ptr_leaks(env->prog->aux->token);
 	env->allow_uninit_stack = bpf_allow_uninit_stack(env->prog->aux->token);
 	env->bypass_spec_v1 = bpf_bypass_spec_v1(env->prog->aux->token);
 	env->bypass_spec_v4 = bpf_bypass_spec_v4(env->prog->aux->token);
 	env->bpf_capable = is_priv = bpf_token_capable(env->prog->aux->token, CAP_BPF);
 	bpf_get_btf_vmlinux();
@ -20631,6 +20626,12 @@ int bpf_check(struct bpf_prog **prog, union bpf_attr *attr, bpfptr_t uattr, __u3
 	if (attr->prog_flags & BPF_F_ANY_ALIGNMENT)
 		env->strict_alignment = false;
 	env->allow_ptr_leaks = bpf_allow_ptr_leaks();
 	env->allow_uninit_stack = bpf_allow_uninit_stack();
 	env->bypass_spec_v1 = bpf_bypass_spec_v1();
 	env->bypass_spec_v4 = bpf_bypass_spec_v4();
 	env->bpf_capable = bpf_capable();
 	if (is_priv)
 		env->test_state_freq = attr->prog_flags & BPF_F_TEST_STATE_FREQ;
 	env->test_reg_invariants = attr->prog_flags & BPF_F_TEST_REG_INVARIANTS;
--- a/kernel/trace/bpf_trace.c
+++ b/kernel/trace/bpf_trace.c
@ -1629,7 +1629,7 @@ bpf_tracing_func_proto(enum bpf_func_id func_id, const struct bpf_prog *prog)
 	case BPF_FUNC_trace_vprintk:
 		return bpf_get_trace_vprintk_proto();
 	default:
-		return bpf_base_func_proto(func_id, prog);
+		return bpf_base_func_proto(func_id);
 	}
 }
--- a/net/core/filter.c
+++ b/net/core/filter.c
@ -87,7 +87,7 @@
 #include "dev.h"
 static const struct bpf_func_proto *
-bpf_sk_base_func_proto(enum bpf_func_id func_id, const struct bpf_prog *prog);
+bpf_sk_base_func_proto(enum bpf_func_id func_id);
 int copy_bpf_fprog_from_user(struct sock_fprog *dst, sockptr_t src, int len)
 {
@ -7862,7 +7862,7 @@ sock_filter_func_proto(enum bpf_func_id func_id, const struct bpf_prog *prog)
 	case BPF_FUNC_ktime_get_coarse_ns:
 		return &bpf_ktime_get_coarse_ns_proto;
 	default:
-		return bpf_base_func_proto(func_id, prog);
+		return bpf_base_func_proto(func_id);
 	}
 }
@ -7955,7 +7955,7 @@ sock_addr_func_proto(enum bpf_func_id func_id, const struct bpf_prog *prog)
 			return NULL;
 		}
 	default:
-		return bpf_sk_base_func_proto(func_id, prog);
+		return bpf_sk_base_func_proto(func_id);
 	}
 }
@ -7974,7 +7974,7 @@ sk_filter_func_proto(enum bpf_func_id func_id, const struct bpf_prog *prog)
 	case BPF_FUNC_perf_event_output:
 		return &bpf_skb_event_output_proto;
 	default:
-		return bpf_sk_base_func_proto(func_id, prog);
+		return bpf_sk_base_func_proto(func_id);
 	}
 }
@ -8161,7 +8161,7 @@ tc_cls_act_func_proto(enum bpf_func_id func_id, const struct bpf_prog *prog)
 #endif
 #endif
 	default:
-		return bpf_sk_base_func_proto(func_id, prog);
+		return bpf_sk_base_func_proto(func_id);
 	}
 }
@ -8220,7 +8220,7 @@ xdp_func_proto(enum bpf_func_id func_id, const struct bpf_prog *prog)
 #endif
 #endif
 	default:
-		return bpf_sk_base_func_proto(func_id, prog);
+		return bpf_sk_base_func_proto(func_id);
 	}
 #if IS_MODULE(CONFIG_NF_CONNTRACK) && IS_ENABLED(CONFIG_DEBUG_INFO_BTF_MODULES)
@ -8281,7 +8281,7 @@ sock_ops_func_proto(enum bpf_func_id func_id, const struct bpf_prog *prog)
 		return &bpf_tcp_sock_proto;
 #endif /* CONFIG_INET */
 	default:
-		return bpf_sk_base_func_proto(func_id, prog);
+		return bpf_sk_base_func_proto(func_id);
 	}
 }
@ -8323,7 +8323,7 @@ sk_msg_func_proto(enum bpf_func_id func_id, const struct bpf_prog *prog)
 		return &bpf_get_cgroup_classid_curr_proto;
 #endif
 	default:
-		return bpf_sk_base_func_proto(func_id, prog);
+		return bpf_sk_base_func_proto(func_id);
 	}
 }
@ -8367,7 +8367,7 @@ sk_skb_func_proto(enum bpf_func_id func_id, const struct bpf_prog *prog)
 		return &bpf_skc_lookup_tcp_proto;
 #endif
 	default:
-		return bpf_sk_base_func_proto(func_id, prog);
+		return bpf_sk_base_func_proto(func_id);
 	}
 }
@ -8378,7 +8378,7 @@ flow_dissector_func_proto(enum bpf_func_id func_id, const struct bpf_prog *prog)
 	case BPF_FUNC_skb_load_bytes:
 		return &bpf_flow_dissector_load_bytes_proto;
 	default:
-		return bpf_sk_base_func_proto(func_id, prog);
+		return bpf_sk_base_func_proto(func_id);
 	}
 }
@ -8405,7 +8405,7 @@ lwt_out_func_proto(enum bpf_func_id func_id, const struct bpf_prog *prog)
 	case BPF_FUNC_skb_under_cgroup:
 		return &bpf_skb_under_cgroup_proto;
 	default:
-		return bpf_sk_base_func_proto(func_id, prog);
+		return bpf_sk_base_func_proto(func_id);
 	}
 }
@ -8580,7 +8580,7 @@ static bool cg_skb_is_valid_access(int off, int size,
 		return false;
 	case bpf_ctx_range(struct __sk_buff, data):
 	case bpf_ctx_range(struct __sk_buff, data_end):
-		if (!bpf_token_capable(prog->aux->token, CAP_BPF))
+		if (!bpf_capable())
 			return false;
 		break;
 	}
@ -8592,7 +8592,7 @@ static bool cg_skb_is_valid_access(int off, int size,
 		case bpf_ctx_range_till(struct __sk_buff, cb[0], cb[4]):
 			break;
 		case bpf_ctx_range(struct __sk_buff, tstamp):
-			if (!bpf_token_capable(prog->aux->token, CAP_BPF))
+			if (!bpf_capable())
 				return false;
 			break;
 		default:
@ -11236,7 +11236,7 @@ sk_reuseport_func_proto(enum bpf_func_id func_id,
 	case BPF_FUNC_ktime_get_coarse_ns:
 		return &bpf_ktime_get_coarse_ns_proto;
 	default:
-		return bpf_base_func_proto(func_id, prog);
+		return bpf_base_func_proto(func_id);
 	}
 }
@ -11418,7 +11418,7 @@ sk_lookup_func_proto(enum bpf_func_id func_id, const struct bpf_prog *prog)
 	case BPF_FUNC_sk_release:
 		return &bpf_sk_release_proto;
 	default:
-		return bpf_sk_base_func_proto(func_id, prog);
+		return bpf_sk_base_func_proto(func_id);
 	}
 }
@ -11752,7 +11752,7 @@ const struct bpf_func_proto bpf_sock_from_file_proto = {
 };
 static const struct bpf_func_proto *
-bpf_sk_base_func_proto(enum bpf_func_id func_id, const struct bpf_prog *prog)
+bpf_sk_base_func_proto(enum bpf_func_id func_id)
 {
 	const struct bpf_func_proto *func;
@ -11781,10 +11781,10 @@ bpf_sk_base_func_proto(enum bpf_func_id func_id, const struct bpf_prog *prog)
 	case BPF_FUNC_ktime_get_coarse_ns:
 		return &bpf_ktime_get_coarse_ns_proto;
 	default:
-		return bpf_base_func_proto(func_id, prog);
+		return bpf_base_func_proto(func_id);
 	}
-	if (!bpf_token_capable(prog->aux->token, CAP_PERFMON))
+	if (!perfmon_capable())
 		return NULL;
 	return func;
--- a/net/ipv4/bpf_tcp_ca.c
+++ b/net/ipv4/bpf_tcp_ca.c
@ -191,7 +191,7 @@ bpf_tcp_ca_get_func_proto(enum bpf_func_id func_id,
 	case BPF_FUNC_ktime_get_coarse_ns:
 		return &bpf_ktime_get_coarse_ns_proto;
 	default:
-		return bpf_base_func_proto(func_id, prog);
+		return bpf_base_func_proto(func_id);
 	}
 }
--- a/net/netfilter/nf_bpf_link.c
+++ b/net/netfilter/nf_bpf_link.c
@ -314,7 +314,7 @@ static bool nf_is_valid_access(int off, int size, enum bpf_access_type type,
 static const struct bpf_func_proto *
 bpf_nf_func_proto(enum bpf_func_id func_id, const struct bpf_prog *prog)
 {
-	return bpf_base_func_proto(func_id, prog);
+	return bpf_base_func_proto(func_id);
 }
 const struct bpf_verifier_ops netfilter_verifier_ops = {
--- a/security/security.c
+++ b/security/security.c
@ -5167,87 +5167,29 @@ int security_bpf_prog(struct bpf_prog *prog)
 }
 /**
- * security_bpf_map_create() - Check if BPF map creation is allowed
+ * security_bpf_map_alloc() - Allocate a bpf map LSM blob
- * @map: BPF map object
+ * @map: bpf map
 * @attr: BPF syscall attributes used to create BPF map
 * @token: BPF token used to grant user access
 *
- * Do a check when the kernel creates a new BPF map. This is also the
+ * Initialize the security field inside bpf map.
 * point where LSM blob is allocated for LSMs that need them.
 *
 * Return: Returns 0 on success, error on failure.
 */
-int security_bpf_map_create(struct bpf_map *map, union bpf_attr *attr,
+int security_bpf_map_alloc(struct bpf_map *map)
 			    struct bpf_token *token)
 {
-	return call_int_hook(bpf_map_create, 0, map, attr, token);
+	return call_int_hook(bpf_map_alloc_security, 0, map);
 }
 /**
- * security_bpf_prog_load() - Check if loading of BPF program is allowed
+ * security_bpf_prog_alloc() - Allocate a bpf program LSM blob
- * @prog: BPF program object
+ * @aux: bpf program aux info struct
 * @attr: BPF syscall attributes used to create BPF program
 * @token: BPF token used to grant user access to BPF subsystem
 *
- * Perform an access control check when the kernel loads a BPF program and
+ * Initialize the security field inside bpf program.
 * allocates associated BPF program object. This hook is also responsible for
 * allocating any required LSM state for the BPF program.
 *
 * Return: Returns 0 on success, error on failure.
 */
-int security_bpf_prog_load(struct bpf_prog *prog, union bpf_attr *attr,
+int security_bpf_prog_alloc(struct bpf_prog_aux *aux)
 			   struct bpf_token *token)
 {
-	return call_int_hook(bpf_prog_load, 0, prog, attr, token);
+	return call_int_hook(bpf_prog_alloc_security, 0, aux);
 }
 /**
 * security_bpf_token_create() - Check if creating of BPF token is allowed
 * @token: BPF token object
 * @attr: BPF syscall attributes used to create BPF token
 * @path: path pointing to BPF FS mount point from which BPF token is created
 *
 * Do a check when the kernel instantiates a new BPF token object from BPF FS
 * instance. This is also the point where LSM blob can be allocated for LSMs.
 *
 * Return: Returns 0 on success, error on failure.
 */
 int security_bpf_token_create(struct bpf_token *token, union bpf_attr *attr,
 			      struct path *path)
 {
 	return call_int_hook(bpf_token_create, 0, token, attr, path);
 }
 /**
 * security_bpf_token_cmd() - Check if BPF token is allowed to delegate
 * requested BPF syscall command
 * @token: BPF token object
 * @cmd: BPF syscall command requested to be delegated by BPF token
 *
 * Do a check when the kernel decides whether provided BPF token should allow
 * delegation of requested BPF syscall command.
 *
 * Return: Returns 0 on success, error on failure.
 */
 int security_bpf_token_cmd(const struct bpf_token *token, enum bpf_cmd cmd)
 {
 	return call_int_hook(bpf_token_cmd, 0, token, cmd);
 }
 /**
 * security_bpf_token_capable() - Check if BPF token is allowed to delegate
 * requested BPF-related capability
 * @token: BPF token object
 * @cap: capabilities requested to be delegated by BPF token
 *
 * Do a check when the kernel decides whether provided BPF token should allow
 * delegation of requested BPF-related capabilities.
 *
 * Return: Returns 0 on success, error on failure.
 */
 int security_bpf_token_capable(const struct bpf_token *token, int cap)
 {
 	return call_int_hook(bpf_token_capable, 0, token, cap);
 }
 /**
@ -5258,29 +5200,18 @@ int security_bpf_token_capable(const struct bpf_token *token, int cap)
 */
 void security_bpf_map_free(struct bpf_map *map)
 {
-	call_void_hook(bpf_map_free, map);
+	call_void_hook(bpf_map_free_security, map);
 }
 /**
- * security_bpf_prog_free() - Free a BPF program's LSM blob
+ * security_bpf_prog_free() - Free a bpf program's LSM blob
- * @prog: BPF program struct
+ * @aux: bpf program aux info struct
 *
- * Clean up the security information stored inside BPF program.
+ * Clean up the security information stored inside bpf prog.
 */
-void security_bpf_prog_free(struct bpf_prog *prog)
+void security_bpf_prog_free(struct bpf_prog_aux *aux)
 {
-	call_void_hook(bpf_prog_free, prog);
+	call_void_hook(bpf_prog_free_security, aux);
 }
 /**
 * security_bpf_token_free() - Free a BPF token's LSM blob
 * @token: BPF token struct
 *
 * Clean up the security information stored inside BPF token.
 */
 void security_bpf_token_free(struct bpf_token *token)
 {
 	call_void_hook(bpf_token_free, token);
 }
 #endif /* CONFIG_BPF_SYSCALL */
--- a/security/selinux/hooks.c
+++ b/security/selinux/hooks.c
@ -6783,8 +6783,7 @@ static int selinux_bpf_prog(struct bpf_prog *prog)
 			    BPF__PROG_RUN, NULL);
 }
-static int selinux_bpf_map_create(struct bpf_map *map, union bpf_attr *attr,
+static int selinux_bpf_map_alloc(struct bpf_map *map)
 				  struct bpf_token *token)
 {
 	struct bpf_security_struct *bpfsec;
@ -6806,8 +6805,7 @@ static void selinux_bpf_map_free(struct bpf_map *map)
 	kfree(bpfsec);
 }
-static int selinux_bpf_prog_load(struct bpf_prog *prog, union bpf_attr *attr,
+static int selinux_bpf_prog_alloc(struct bpf_prog_aux *aux)
 				 struct bpf_token *token)
 {
 	struct bpf_security_struct *bpfsec;
@ -6816,39 +6814,16 @@ static int selinux_bpf_prog_load(struct bpf_prog *prog, union bpf_attr *attr,
 		return -ENOMEM;
 	bpfsec->sid = current_sid();
-	prog->aux->security = bpfsec;
+	aux->security = bpfsec;
 	return 0;
 }
-static void selinux_bpf_prog_free(struct bpf_prog *prog)
+static void selinux_bpf_prog_free(struct bpf_prog_aux *aux)
 {
-	struct bpf_security_struct *bpfsec = prog->aux->security;
+	struct bpf_security_struct *bpfsec = aux->security;
-	prog->aux->security = NULL;
+	aux->security = NULL;
 	kfree(bpfsec);
 }
 static int selinux_bpf_token_create(struct bpf_token *token, union bpf_attr *attr,
 				    struct path *path)
 {
 	struct bpf_security_struct *bpfsec;
 	bpfsec = kzalloc(sizeof(*bpfsec), GFP_KERNEL);
 	if (!bpfsec)
 		return -ENOMEM;
 	bpfsec->sid = current_sid();
 	token->security = bpfsec;
 	return 0;
 }
 static void selinux_bpf_token_free(struct bpf_token *token)
 {
 	struct bpf_security_struct *bpfsec = token->security;
 	token->security = NULL;
 	kfree(bpfsec);
 }
 #endif
@ -7204,9 +7179,8 @@ static struct security_hook_list selinux_hooks[] __ro_after_init = {
 	LSM_HOOK_INIT(bpf, selinux_bpf),
 	LSM_HOOK_INIT(bpf_map, selinux_bpf_map),
 	LSM_HOOK_INIT(bpf_prog, selinux_bpf_prog),
-	LSM_HOOK_INIT(bpf_map_free, selinux_bpf_map_free),
+	LSM_HOOK_INIT(bpf_map_free_security, selinux_bpf_map_free),
-	LSM_HOOK_INIT(bpf_prog_free, selinux_bpf_prog_free),
+	LSM_HOOK_INIT(bpf_prog_free_security, selinux_bpf_prog_free),
 	LSM_HOOK_INIT(bpf_token_free, selinux_bpf_token_free),
 #endif
 #ifdef CONFIG_PERF_EVENTS
@ -7263,9 +7237,8 @@ static struct security_hook_list selinux_hooks[] __ro_after_init = {
 	LSM_HOOK_INIT(audit_rule_init, selinux_audit_rule_init),
 #endif
 #ifdef CONFIG_BPF_SYSCALL
-	LSM_HOOK_INIT(bpf_map_create, selinux_bpf_map_create),
+	LSM_HOOK_INIT(bpf_map_alloc_security, selinux_bpf_map_alloc),
-	LSM_HOOK_INIT(bpf_prog_load, selinux_bpf_prog_load),
+	LSM_HOOK_INIT(bpf_prog_alloc_security, selinux_bpf_prog_alloc),
 	LSM_HOOK_INIT(bpf_token_create, selinux_bpf_token_create),
 #endif
 #ifdef CONFIG_PERF_EVENTS
 	LSM_HOOK_INIT(perf_event_alloc, selinux_perf_event_alloc),
--- a/tools/include/uapi/linux/bpf.h
+++ b/tools/include/uapi/linux/bpf.h
@ -847,36 +847,6 @@ union bpf_iter_link_info {
 *		Returns zero on success. On error, -1 is returned and *errno*
 *		is set appropriately.
 *
 * BPF_TOKEN_CREATE
 *	Description
 *		Create BPF token with embedded information about what
 *		BPF-related functionality it allows:
 *		- a set of allowed bpf() syscall commands;
 *		- a set of allowed BPF map types to be created with
 *		BPF_MAP_CREATE command, if BPF_MAP_CREATE itself is allowed;
 *		- a set of allowed BPF program types and BPF program attach
 *		types to be loaded with BPF_PROG_LOAD command, if
 *		BPF_PROG_LOAD itself is allowed.
 *
 *		BPF token is created (derived) from an instance of BPF FS,
 *		assuming it has necessary delegation mount options specified.
 *		This BPF token can be passed as an extra parameter to various
 *		bpf() syscall commands to grant BPF subsystem functionality to
 *		unprivileged processes.
 *
 *		When created, BPF token is "associated" with the owning
 *		user namespace of BPF FS instance (super block) that it was
 *		derived from, and subsequent BPF operations performed with
 *		BPF token would be performing capabilities checks (i.e.,
 *		CAP_BPF, CAP_PERFMON, CAP_NET_ADMIN, CAP_SYS_ADMIN) within
 *		that user namespace. Without BPF token, such capabilities
 *		have to be granted in init user namespace, making bpf()
 *		syscall incompatible with user namespace, for the most part.
 *
 *	Return
 *		A new file descriptor (a nonnegative integer), or -1 if an
 *		error occurred (in which case, *errno* is set appropriately).
 *
 * NOTES
 *	eBPF objects (maps and programs) can be shared between processes.
 *
@ -931,8 +901,6 @@ enum bpf_cmd {
 	BPF_ITER_CREATE,
 	BPF_LINK_DETACH,
 	BPF_PROG_BIND_MAP,
 	BPF_TOKEN_CREATE,
 	__MAX_BPF_CMD,
 };
 enum bpf_map_type {
@ -983,7 +951,6 @@ enum bpf_map_type {
 	BPF_MAP_TYPE_BLOOM_FILTER,
 	BPF_MAP_TYPE_USER_RINGBUF,
 	BPF_MAP_TYPE_CGRP_STORAGE,
 	__MAX_BPF_MAP_TYPE
 };
 /* Note that tracing related programs such as
@ -1028,7 +995,6 @@ enum bpf_prog_type {
 	BPF_PROG_TYPE_SK_LOOKUP,
 	BPF_PROG_TYPE_SYSCALL, /* a program that can execute syscalls */
 	BPF_PROG_TYPE_NETFILTER,
 	__MAX_BPF_PROG_TYPE
 };
 enum bpf_attach_type {
@ -1437,7 +1403,6 @@ union bpf_attr {
 		 * to using 5 hash functions).
 		 */
 		__u64	map_extra;
 		__u32	map_token_fd;
 	};
 	struct { /* anonymous struct used by BPF_MAP_*_ELEM commands */
@ -1507,7 +1472,6 @@ union bpf_attr {
 		 * truncated), or smaller (if log buffer wasn't filled completely).
 		 */
 		__u32		log_true_size;
 		__u32		prog_token_fd;
 	};
 	struct { /* anonymous struct used by BPF_OBJ_* commands */
@ -1620,7 +1584,6 @@ union bpf_attr {
 		 * truncated), or smaller (if log buffer wasn't filled completely).
 		 */
 		__u32		btf_log_true_size;
 		__u32		btf_token_fd;
 	};
 	struct {
@ -1751,11 +1714,6 @@ union bpf_attr {
 		__u32		flags;		/* extra flags */
 	} prog_bind_map;
 	struct { /* struct used by BPF_TOKEN_CREATE command */
 		__u32		flags;
 		__u32		bpffs_fd;
 	} token_create;
 } __attribute__((aligned(8)));
 /* The description below is an attempt at providing documentation to eBPF
--- a/tools/lib/bpf/Build
+++ b/tools/lib/bpf/Build
@ -1,4 +1,4 @@
 libbpf-y := libbpf.o bpf.o nlattr.o btf.o libbpf_errno.o str_error.o \
 	    netlink.o bpf_prog_linfo.o libbpf_probes.o hashmap.o \
 	    btf_dump.o ringbuf.o strset.o linker.o gen_loader.o relo_core.o \
-	    usdt.o zip.o elf.o features.o
+	    usdt.o zip.o elf.o
--- a/tools/lib/bpf/bpf.c
+++ b/tools/lib/bpf/bpf.c
@ -103,7 +103,7 @@ int sys_bpf_prog_load(union bpf_attr *attr, unsigned int size, int attempts)
 *   [0] https://lore.kernel.org/bpf/20201201215900.3569844-1-guro@fb.com/
 *   [1] d05512618056 ("bpf: Add bpf_ktime_get_coarse_ns helper")
 */
-int probe_memcg_account(int token_fd)
+int probe_memcg_account(void)
 {
 	const size_t attr_sz = offsetofend(union bpf_attr, attach_btf_obj_fd);
 	struct bpf_insn insns[] = {
@ -120,7 +120,6 @@ int probe_memcg_account(int token_fd)
 	attr.insns = ptr_to_u64(insns);
 	attr.insn_cnt = insn_cnt;
 	attr.license = ptr_to_u64("GPL");
 	attr.prog_token_fd = token_fd;
 	prog_fd = sys_bpf_fd(BPF_PROG_LOAD, &attr, attr_sz);
 	if (prog_fd >= 0) {
@ -147,7 +146,7 @@ int bump_rlimit_memlock(void)
 	struct rlimit rlim;
 	/* if kernel supports memcg-based accounting, skip bumping RLIMIT_MEMLOCK */
-	if (memlock_bumped || feat_supported(NULL, FEAT_MEMCG_ACCOUNT))
+	if (memlock_bumped || kernel_supports(NULL, FEAT_MEMCG_ACCOUNT))
 		return 0;
 	memlock_bumped = true;
@ -170,7 +169,7 @@ int bpf_map_create(enum bpf_map_type map_type,
 		   __u32 max_entries,
 		   const struct bpf_map_create_opts *opts)
 {
-	const size_t attr_sz = offsetofend(union bpf_attr, map_token_fd);
+	const size_t attr_sz = offsetofend(union bpf_attr, map_extra);
 	union bpf_attr attr;
 	int fd;
@ -182,7 +181,7 @@ int bpf_map_create(enum bpf_map_type map_type,
 		return libbpf_err(-EINVAL);
 	attr.map_type = map_type;
-	if (map_name && feat_supported(NULL, FEAT_PROG_NAME))
+	if (map_name && kernel_supports(NULL, FEAT_PROG_NAME))
 		libbpf_strlcpy(attr.map_name, map_name, sizeof(attr.map_name));
 	attr.key_size = key_size;
 	attr.value_size = value_size;
@ -199,8 +198,6 @@ int bpf_map_create(enum bpf_map_type map_type,
 	attr.numa_node = OPTS_GET(opts, numa_node, 0);
 	attr.map_ifindex = OPTS_GET(opts, map_ifindex, 0);
 	attr.map_token_fd = OPTS_GET(opts, token_fd, 0);
 	fd = sys_bpf_fd(BPF_MAP_CREATE, &attr, attr_sz);
 	return libbpf_err_errno(fd);
 }
@ -235,7 +232,7 @@ int bpf_prog_load(enum bpf_prog_type prog_type,
 		  const struct bpf_insn *insns, size_t insn_cnt,
 		  struct bpf_prog_load_opts *opts)
 {
-	const size_t attr_sz = offsetofend(union bpf_attr, prog_token_fd);
+	const size_t attr_sz = offsetofend(union bpf_attr, log_true_size);
 	void *finfo = NULL, *linfo = NULL;
 	const char *func_info, *line_info;
 	__u32 log_size, log_level, attach_prog_fd, attach_btf_obj_fd;
@ -264,9 +261,8 @@ int bpf_prog_load(enum bpf_prog_type prog_type,
 	attr.prog_flags = OPTS_GET(opts, prog_flags, 0);
 	attr.prog_ifindex = OPTS_GET(opts, prog_ifindex, 0);
 	attr.kern_version = OPTS_GET(opts, kern_version, 0);
 	attr.prog_token_fd = OPTS_GET(opts, token_fd, 0);
-	if (prog_name && feat_supported(NULL, FEAT_PROG_NAME))
+	if (prog_name && kernel_supports(NULL, FEAT_PROG_NAME))
 		libbpf_strlcpy(attr.prog_name, prog_name, sizeof(attr.prog_name));
 	attr.license = ptr_to_u64(license);
@ -1186,7 +1182,7 @@ int bpf_raw_tracepoint_open(const char *name, int prog_fd)
 int bpf_btf_load(const void *btf_data, size_t btf_size, struct bpf_btf_load_opts *opts)
 {
-	const size_t attr_sz = offsetofend(union bpf_attr, btf_token_fd);
+	const size_t attr_sz = offsetofend(union bpf_attr, btf_log_true_size);
 	union bpf_attr attr;
 	char *log_buf;
 	size_t log_size;
@ -1211,8 +1207,6 @@ int bpf_btf_load(const void *btf_data, size_t btf_size, struct bpf_btf_load_opts
 	attr.btf = ptr_to_u64(btf_data);
 	attr.btf_size = btf_size;
 	attr.btf_token_fd = OPTS_GET(opts, token_fd, 0);
 	/* log_level == 0 and log_buf != NULL means "try loading without
 	 * log_buf, but retry with log_buf and log_level=1 on error", which is
 	 * consistent across low-level and high-level BTF and program loading
@ -1293,20 +1287,3 @@ int bpf_prog_bind_map(int prog_fd, int map_fd,
 	ret = sys_bpf(BPF_PROG_BIND_MAP, &attr, attr_sz);
 	return libbpf_err_errno(ret);
 }
 int bpf_token_create(int bpffs_fd, struct bpf_token_create_opts *opts)
 {
 	const size_t attr_sz = offsetofend(union bpf_attr, token_create);
 	union bpf_attr attr;
 	int fd;
 	if (!OPTS_VALID(opts, bpf_token_create_opts))
 		return libbpf_err(-EINVAL);
 	memset(&attr, 0, attr_sz);
 	attr.token_create.bpffs_fd = bpffs_fd;
 	attr.token_create.flags = OPTS_GET(opts, flags, 0);
 	fd = sys_bpf_fd(BPF_TOKEN_CREATE, &attr, attr_sz);
 	return libbpf_err_errno(fd);
 }
--- a/tools/lib/bpf/bpf.h
+++ b/tools/lib/bpf/bpf.h
@ -51,11 +51,8 @@ struct bpf_map_create_opts {
 	__u32 numa_node;
 	__u32 map_ifindex;
 	__u32 token_fd;
 	size_t :0;
 };
-#define bpf_map_create_opts__last_field token_fd
+#define bpf_map_create_opts__last_field map_ifindex
 LIBBPF_API int bpf_map_create(enum bpf_map_type map_type,
 			      const char *map_name,
@ -105,10 +102,9 @@ struct bpf_prog_load_opts {
 	 * If kernel doesn't support this feature, log_size is left unchanged.
 	 */
 	__u32 log_true_size;
 	__u32 token_fd;
 	size_t :0;
 };
-#define bpf_prog_load_opts__last_field token_fd
+#define bpf_prog_load_opts__last_field log_true_size
 LIBBPF_API int bpf_prog_load(enum bpf_prog_type prog_type,
 			     const char *prog_name, const char *license,
@ -134,10 +130,9 @@ struct bpf_btf_load_opts {
 	 * If kernel doesn't support this feature, log_size is left unchanged.
 	 */
 	__u32 log_true_size;
 	__u32 token_fd;
 	size_t :0;
 };
-#define bpf_btf_load_opts__last_field token_fd
+#define bpf_btf_load_opts__last_field log_true_size
 LIBBPF_API int bpf_btf_load(const void *btf_data, size_t btf_size,
 			    struct bpf_btf_load_opts *opts);
@ -645,30 +640,6 @@ struct bpf_test_run_opts {
 LIBBPF_API int bpf_prog_test_run_opts(int prog_fd,
 				      struct bpf_test_run_opts *opts);
 struct bpf_token_create_opts {
 	size_t sz; /* size of this struct for forward/backward compatibility */
 	__u32 flags;
 	size_t :0;
 };
 #define bpf_token_create_opts__last_field flags
 /**
 * @brief **bpf_token_create()** creates a new instance of BPF token derived
 * from specified BPF FS mount point.
 *
 * BPF token created with this API can be passed to bpf() syscall for
 * commands like BPF_PROG_LOAD, BPF_MAP_CREATE, etc.
 *
 * @param bpffs_fd FD for BPF FS instance from which to derive a BPF token
 * instance.
 * @param opts optional BPF token creation options, can be NULL
 *
 * @return BPF token FD > 0, on success; negative error code, otherwise (errno
 * is also set to the error code)
 */
 LIBBPF_API int bpf_token_create(int bpffs_fd,
 				struct bpf_token_create_opts *opts);
 #ifdef __cplusplus
 } /* extern "C" */
 #endif
--- a/tools/lib/bpf/btf.c
+++ b/tools/lib/bpf/btf.c
@ -1317,9 +1317,7 @@ struct btf *btf__parse_split(const char *path, struct btf *base_btf)
 static void *btf_get_raw_data(const struct btf *btf, __u32 *size, bool swap_endian);
-int btf_load_into_kernel(struct btf *btf,
+int btf_load_into_kernel(struct btf *btf, char *log_buf, size_t log_sz, __u32 log_level)
 			 char *log_buf, size_t log_sz, __u32 log_level,
 			 int token_fd)
 {
 	LIBBPF_OPTS(bpf_btf_load_opts, opts);
 	__u32 buf_sz = 0, raw_size;
@ -1369,7 +1367,6 @@ int btf_load_into_kernel(struct btf *btf,
 		opts.log_level = log_level;
 	}
 	opts.token_fd = token_fd;
 	btf->fd = bpf_btf_load(raw_data, raw_size, &opts);
 	if (btf->fd < 0) {
 		/* time to turn on verbose mode and try again */
@ -1397,7 +1394,7 @@ int btf_load_into_kernel(struct btf *btf,
 int btf__load_into_kernel(struct btf *btf)
 {
-	return btf_load_into_kernel(btf, NULL, 0, 0, 0);
+	return btf_load_into_kernel(btf, NULL, 0, 0);
 }
 int btf__fd(const struct btf *btf)
--- a/tools/lib/bpf/elf.c
+++ b/tools/lib/bpf/elf.c
@ -11,6 +11,8 @@
 #include "libbpf_internal.h"
 #include "str_error.h"
 #define STRERR_BUFSIZE  128
 /* A SHT_GNU_versym section holds 16-bit words. This bit is set if
 * the symbol is hidden and can only be seen when referenced using an
 * explicit version number. This is a GNU extension.
--- a/tools/lib/bpf/features.c
+++ b/tools/lib/bpf/features.c
@ -1,478 +0,0 @@
 // SPDX-License-Identifier: (LGPL-2.1 OR BSD-2-Clause)
 /* Copyright (c) 2023 Meta Platforms, Inc. and affiliates. */
 #include <linux/kernel.h>
 #include <linux/filter.h>
 #include "bpf.h"
 #include "libbpf.h"
 #include "libbpf_common.h"
 #include "libbpf_internal.h"
 #include "str_error.h"
 static inline __u64 ptr_to_u64(const void *ptr)
 {
 	return (__u64)(unsigned long)ptr;
 }
 static int probe_fd(int fd)
 {
 	if (fd >= 0)
 		close(fd);
 	return fd >= 0;
 }
 static int probe_kern_prog_name(int token_fd)
 {
 	const size_t attr_sz = offsetofend(union bpf_attr, prog_name);
 	struct bpf_insn insns[] = {
 		BPF_MOV64_IMM(BPF_REG_0, 0),
 		BPF_EXIT_INSN(),
 	};
 	union bpf_attr attr;
 	int ret;
 	memset(&attr, 0, attr_sz);
 	attr.prog_type = BPF_PROG_TYPE_SOCKET_FILTER;
 	attr.license = ptr_to_u64("GPL");
 	attr.insns = ptr_to_u64(insns);
 	attr.insn_cnt = (__u32)ARRAY_SIZE(insns);
 	attr.prog_token_fd = token_fd;
 	libbpf_strlcpy(attr.prog_name, "libbpf_nametest", sizeof(attr.prog_name));
 	/* make sure loading with name works */
 	ret = sys_bpf_prog_load(&attr, attr_sz, PROG_LOAD_ATTEMPTS);
 	return probe_fd(ret);
 }
 static int probe_kern_global_data(int token_fd)
 {
 	char *cp, errmsg[STRERR_BUFSIZE];
 	struct bpf_insn insns[] = {
 		BPF_LD_MAP_VALUE(BPF_REG_1, 0, 16),
 		BPF_ST_MEM(BPF_DW, BPF_REG_1, 0, 42),
 		BPF_MOV64_IMM(BPF_REG_0, 0),
 		BPF_EXIT_INSN(),
 	};
 	LIBBPF_OPTS(bpf_map_create_opts, map_opts, .token_fd = token_fd);
 	LIBBPF_OPTS(bpf_prog_load_opts, prog_opts, .token_fd = token_fd);
 	int ret, map, insn_cnt = ARRAY_SIZE(insns);
 	map = bpf_map_create(BPF_MAP_TYPE_ARRAY, "libbpf_global", sizeof(int), 32, 1, &map_opts);
 	if (map < 0) {
 		ret = -errno;
 		cp = libbpf_strerror_r(ret, errmsg, sizeof(errmsg));
 		pr_warn("Error in %s():%s(%d). Couldn't create simple array map.\n",
 			__func__, cp, -ret);
 		return ret;
 	}
 	insns[0].imm = map;
 	ret = bpf_prog_load(BPF_PROG_TYPE_SOCKET_FILTER, NULL, "GPL", insns, insn_cnt, &prog_opts);
 	close(map);
 	return probe_fd(ret);
 }
 static int probe_kern_btf(int token_fd)
 {
 	static const char strs[] = "\0int";
 	__u32 types[] = {
 		/* int */
 		BTF_TYPE_INT_ENC(1, BTF_INT_SIGNED, 0, 32, 4),
 	};
 	return probe_fd(libbpf__load_raw_btf((char *)types, sizeof(types),
 					     strs, sizeof(strs), token_fd));
 }
 static int probe_kern_btf_func(int token_fd)
 {
 	static const char strs[] = "\0int\0x\0a";
 	/* void x(int a) {} */
 	__u32 types[] = {
 		/* int */
 		BTF_TYPE_INT_ENC(1, BTF_INT_SIGNED, 0, 32, 4),  /* [1] */
 		/* FUNC_PROTO */                                /* [2] */
 		BTF_TYPE_ENC(0, BTF_INFO_ENC(BTF_KIND_FUNC_PROTO, 0, 1), 0),
 		BTF_PARAM_ENC(7, 1),
 		/* FUNC x */                                    /* [3] */
 		BTF_TYPE_ENC(5, BTF_INFO_ENC(BTF_KIND_FUNC, 0, 0), 2),
 	};
 	return probe_fd(libbpf__load_raw_btf((char *)types, sizeof(types),
 					     strs, sizeof(strs), token_fd));
 }
 static int probe_kern_btf_func_global(int token_fd)
 {
 	static const char strs[] = "\0int\0x\0a";
 	/* static void x(int a) {} */
 	__u32 types[] = {
 		/* int */
 		BTF_TYPE_INT_ENC(1, BTF_INT_SIGNED, 0, 32, 4),  /* [1] */
 		/* FUNC_PROTO */                                /* [2] */
 		BTF_TYPE_ENC(0, BTF_INFO_ENC(BTF_KIND_FUNC_PROTO, 0, 1), 0),
 		BTF_PARAM_ENC(7, 1),
 		/* FUNC x BTF_FUNC_GLOBAL */                    /* [3] */
 		BTF_TYPE_ENC(5, BTF_INFO_ENC(BTF_KIND_FUNC, 0, BTF_FUNC_GLOBAL), 2),
 	};
 	return probe_fd(libbpf__load_raw_btf((char *)types, sizeof(types),
 					     strs, sizeof(strs), token_fd));
 }
 static int probe_kern_btf_datasec(int token_fd)
 {
 	static const char strs[] = "\0x\0.data";
 	/* static int a; */
 	__u32 types[] = {
 		/* int */
 		BTF_TYPE_INT_ENC(0, BTF_INT_SIGNED, 0, 32, 4),  /* [1] */
 		/* VAR x */                                     /* [2] */
 		BTF_TYPE_ENC(1, BTF_INFO_ENC(BTF_KIND_VAR, 0, 0), 1),
 		BTF_VAR_STATIC,
 		/* DATASEC val */                               /* [3] */
 		BTF_TYPE_ENC(3, BTF_INFO_ENC(BTF_KIND_DATASEC, 0, 1), 4),
 		BTF_VAR_SECINFO_ENC(2, 0, 4),
 	};
 	return probe_fd(libbpf__load_raw_btf((char *)types, sizeof(types),
 					     strs, sizeof(strs), token_fd));
 }
 static int probe_kern_btf_float(int token_fd)
 {
 	static const char strs[] = "\0float";
 	__u32 types[] = {
 		/* float */
 		BTF_TYPE_FLOAT_ENC(1, 4),
 	};
 	return probe_fd(libbpf__load_raw_btf((char *)types, sizeof(types),
 					     strs, sizeof(strs), token_fd));
 }
 static int probe_kern_btf_decl_tag(int token_fd)
 {
 	static const char strs[] = "\0tag";
 	__u32 types[] = {
 		/* int */
 		BTF_TYPE_INT_ENC(0, BTF_INT_SIGNED, 0, 32, 4),  /* [1] */
 		/* VAR x */                                     /* [2] */
 		BTF_TYPE_ENC(1, BTF_INFO_ENC(BTF_KIND_VAR, 0, 0), 1),
 		BTF_VAR_STATIC,
 		/* attr */
 		BTF_TYPE_DECL_TAG_ENC(1, 2, -1),
 	};
 	return probe_fd(libbpf__load_raw_btf((char *)types, sizeof(types),
 					     strs, sizeof(strs), token_fd));
 }
 static int probe_kern_btf_type_tag(int token_fd)
 {
 	static const char strs[] = "\0tag";
 	__u32 types[] = {
 		/* int */
 		BTF_TYPE_INT_ENC(0, BTF_INT_SIGNED, 0, 32, 4),		/* [1] */
 		/* attr */
 		BTF_TYPE_TYPE_TAG_ENC(1, 1),				/* [2] */
 		/* ptr */
 		BTF_TYPE_ENC(0, BTF_INFO_ENC(BTF_KIND_PTR, 0, 0), 2),	/* [3] */
 	};
 	return probe_fd(libbpf__load_raw_btf((char *)types, sizeof(types),
 					     strs, sizeof(strs), token_fd));
 }
 static int probe_kern_array_mmap(int token_fd)
 {
 	LIBBPF_OPTS(bpf_map_create_opts, opts,
 		.map_flags = BPF_F_MMAPABLE,
 		.token_fd = token_fd,
 	);
 	int fd;
 	fd = bpf_map_create(BPF_MAP_TYPE_ARRAY, "libbpf_mmap", sizeof(int), sizeof(int), 1, &opts);
 	return probe_fd(fd);
 }
 static int probe_kern_exp_attach_type(int token_fd)
 {
 	LIBBPF_OPTS(bpf_prog_load_opts, opts,
 		.expected_attach_type = BPF_CGROUP_INET_SOCK_CREATE,
 		.token_fd = token_fd,
 	);
 	struct bpf_insn insns[] = {
 		BPF_MOV64_IMM(BPF_REG_0, 0),
 		BPF_EXIT_INSN(),
 	};
 	int fd, insn_cnt = ARRAY_SIZE(insns);
 	/* use any valid combination of program type and (optional)
 	 * non-zero expected attach type (i.e., not a BPF_CGROUP_INET_INGRESS)
 	 * to see if kernel supports expected_attach_type field for
 	 * BPF_PROG_LOAD command
 	 */
 	fd = bpf_prog_load(BPF_PROG_TYPE_CGROUP_SOCK, NULL, "GPL", insns, insn_cnt, &opts);
 	return probe_fd(fd);
 }
 static int probe_kern_probe_read_kernel(int token_fd)
 {
 	LIBBPF_OPTS(bpf_prog_load_opts, opts, .token_fd = token_fd);
 	struct bpf_insn insns[] = {
 		BPF_MOV64_REG(BPF_REG_1, BPF_REG_10),	/* r1 = r10 (fp) */
 		BPF_ALU64_IMM(BPF_ADD, BPF_REG_1, -8),	/* r1 += -8 */
 		BPF_MOV64_IMM(BPF_REG_2, 8),		/* r2 = 8 */
 		BPF_MOV64_IMM(BPF_REG_3, 0),		/* r3 = 0 */
 		BPF_RAW_INSN(BPF_JMP | BPF_CALL, 0, 0, 0, BPF_FUNC_probe_read_kernel),
 		BPF_EXIT_INSN(),
 	};
 	int fd, insn_cnt = ARRAY_SIZE(insns);
 	fd = bpf_prog_load(BPF_PROG_TYPE_TRACEPOINT, NULL, "GPL", insns, insn_cnt, &opts);
 	return probe_fd(fd);
 }
 static int probe_prog_bind_map(int token_fd)
 {
 	char *cp, errmsg[STRERR_BUFSIZE];
 	struct bpf_insn insns[] = {
 		BPF_MOV64_IMM(BPF_REG_0, 0),
 		BPF_EXIT_INSN(),
 	};
 	LIBBPF_OPTS(bpf_map_create_opts, map_opts, .token_fd = token_fd);
 	LIBBPF_OPTS(bpf_prog_load_opts, prog_opts, .token_fd = token_fd);
 	int ret, map, prog, insn_cnt = ARRAY_SIZE(insns);
 	map = bpf_map_create(BPF_MAP_TYPE_ARRAY, "libbpf_det_bind", sizeof(int), 32, 1, &map_opts);
 	if (map < 0) {
 		ret = -errno;
 		cp = libbpf_strerror_r(ret, errmsg, sizeof(errmsg));
 		pr_warn("Error in %s():%s(%d). Couldn't create simple array map.\n",
 			__func__, cp, -ret);
 		return ret;
 	}
 	prog = bpf_prog_load(BPF_PROG_TYPE_SOCKET_FILTER, NULL, "GPL", insns, insn_cnt, &prog_opts);
 	if (prog < 0) {
 		close(map);
 		return 0;
 	}
 	ret = bpf_prog_bind_map(prog, map, NULL);
 	close(map);
 	close(prog);
 	return ret >= 0;
 }
 static int probe_module_btf(int token_fd)
 {
 	static const char strs[] = "\0int";
 	__u32 types[] = {
 		/* int */
 		BTF_TYPE_INT_ENC(1, BTF_INT_SIGNED, 0, 32, 4),
 	};
 	struct bpf_btf_info info;
 	__u32 len = sizeof(info);
 	char name[16];
 	int fd, err;
 	fd = libbpf__load_raw_btf((char *)types, sizeof(types), strs, sizeof(strs), token_fd);
 	if (fd < 0)
 		return 0; /* BTF not supported at all */
 	memset(&info, 0, sizeof(info));
 	info.name = ptr_to_u64(name);
 	info.name_len = sizeof(name);
 	/* check that BPF_OBJ_GET_INFO_BY_FD supports specifying name pointer;
 	 * kernel's module BTF support coincides with support for
 	 * name/name_len fields in struct bpf_btf_info.
 	 */
 	err = bpf_btf_get_info_by_fd(fd, &info, &len);
 	close(fd);
 	return !err;
 }
 static int probe_perf_link(int token_fd)
 {
 	struct bpf_insn insns[] = {
 		BPF_MOV64_IMM(BPF_REG_0, 0),
 		BPF_EXIT_INSN(),
 	};
 	LIBBPF_OPTS(bpf_prog_load_opts, opts, .token_fd = token_fd);
 	int prog_fd, link_fd, err;
 	prog_fd = bpf_prog_load(BPF_PROG_TYPE_TRACEPOINT, NULL, "GPL",
 				insns, ARRAY_SIZE(insns), &opts);
 	if (prog_fd < 0)
 		return -errno;
 	/* use invalid perf_event FD to get EBADF, if link is supported;
 	 * otherwise EINVAL should be returned
 	 */
 	link_fd = bpf_link_create(prog_fd, -1, BPF_PERF_EVENT, NULL);
 	err = -errno; /* close() can clobber errno */
 	if (link_fd >= 0)
 		close(link_fd);
 	close(prog_fd);
 	return link_fd < 0 && err == -EBADF;
 }
 static int probe_uprobe_multi_link(int token_fd)
 {
 	LIBBPF_OPTS(bpf_prog_load_opts, load_opts,
 		.expected_attach_type = BPF_TRACE_UPROBE_MULTI,
 		.token_fd = token_fd,
 	);
 	LIBBPF_OPTS(bpf_link_create_opts, link_opts);
 	struct bpf_insn insns[] = {
 		BPF_MOV64_IMM(BPF_REG_0, 0),
 		BPF_EXIT_INSN(),
 	};
 	int prog_fd, link_fd, err;
 	unsigned long offset = 0;
 	prog_fd = bpf_prog_load(BPF_PROG_TYPE_KPROBE, NULL, "GPL",
 				insns, ARRAY_SIZE(insns), &load_opts);
 	if (prog_fd < 0)
 		return -errno;
 	/* Creating uprobe in '/' binary should fail with -EBADF. */
 	link_opts.uprobe_multi.path = "/";
 	link_opts.uprobe_multi.offsets = &offset;
 	link_opts.uprobe_multi.cnt = 1;
 	link_fd = bpf_link_create(prog_fd, -1, BPF_TRACE_UPROBE_MULTI, &link_opts);
 	err = -errno; /* close() can clobber errno */
 	if (link_fd >= 0)
 		close(link_fd);
 	close(prog_fd);
 	return link_fd < 0 && err == -EBADF;
 }
 static int probe_kern_bpf_cookie(int token_fd)
 {
 	struct bpf_insn insns[] = {
 		BPF_RAW_INSN(BPF_JMP | BPF_CALL, 0, 0, 0, BPF_FUNC_get_attach_cookie),
 		BPF_EXIT_INSN(),
 	};
 	LIBBPF_OPTS(bpf_prog_load_opts, opts, .token_fd = token_fd);
 	int ret, insn_cnt = ARRAY_SIZE(insns);
 	ret = bpf_prog_load(BPF_PROG_TYPE_TRACEPOINT, NULL, "GPL", insns, insn_cnt, &opts);
 	return probe_fd(ret);
 }
 static int probe_kern_btf_enum64(int token_fd)
 {
 	static const char strs[] = "\0enum64";
 	__u32 types[] = {
 		BTF_TYPE_ENC(1, BTF_INFO_ENC(BTF_KIND_ENUM64, 0, 0), 8),
 	};
 	return probe_fd(libbpf__load_raw_btf((char *)types, sizeof(types),
 					     strs, sizeof(strs), token_fd));
 }
 typedef int (*feature_probe_fn)(int /* token_fd */);
 static struct kern_feature_cache feature_cache;
 static struct kern_feature_desc {
 	const char *desc;
 	feature_probe_fn probe;
 } feature_probes[__FEAT_CNT] = {
 	[FEAT_PROG_NAME] = {
 		"BPF program name", probe_kern_prog_name,
 	},
 	[FEAT_GLOBAL_DATA] = {
 		"global variables", probe_kern_global_data,
 	},
 	[FEAT_BTF] = {
 		"minimal BTF", probe_kern_btf,
 	},
 	[FEAT_BTF_FUNC] = {
 		"BTF functions", probe_kern_btf_func,
 	},
 	[FEAT_BTF_GLOBAL_FUNC] = {
 		"BTF global function", probe_kern_btf_func_global,
 	},
 	[FEAT_BTF_DATASEC] = {
 		"BTF data section and variable", probe_kern_btf_datasec,
 	},
 	[FEAT_ARRAY_MMAP] = {
 		"ARRAY map mmap()", probe_kern_array_mmap,
 	},
 	[FEAT_EXP_ATTACH_TYPE] = {
 		"BPF_PROG_LOAD expected_attach_type attribute",
 		probe_kern_exp_attach_type,
 	},
 	[FEAT_PROBE_READ_KERN] = {
 		"bpf_probe_read_kernel() helper", probe_kern_probe_read_kernel,
 	},
 	[FEAT_PROG_BIND_MAP] = {
 		"BPF_PROG_BIND_MAP support", probe_prog_bind_map,
 	},
 	[FEAT_MODULE_BTF] = {
 		"module BTF support", probe_module_btf,
 	},
 	[FEAT_BTF_FLOAT] = {
 		"BTF_KIND_FLOAT support", probe_kern_btf_float,
 	},
 	[FEAT_PERF_LINK] = {
 		"BPF perf link support", probe_perf_link,
 	},
 	[FEAT_BTF_DECL_TAG] = {
 		"BTF_KIND_DECL_TAG support", probe_kern_btf_decl_tag,
 	},
 	[FEAT_BTF_TYPE_TAG] = {
 		"BTF_KIND_TYPE_TAG support", probe_kern_btf_type_tag,
 	},
 	[FEAT_MEMCG_ACCOUNT] = {
 		"memcg-based memory accounting", probe_memcg_account,
 	},
 	[FEAT_BPF_COOKIE] = {
 		"BPF cookie support", probe_kern_bpf_cookie,
 	},
 	[FEAT_BTF_ENUM64] = {
 		"BTF_KIND_ENUM64 support", probe_kern_btf_enum64,
 	},
 	[FEAT_SYSCALL_WRAPPER] = {
 		"Kernel using syscall wrapper", probe_kern_syscall_wrapper,
 	},
 	[FEAT_UPROBE_MULTI_LINK] = {
 		"BPF multi-uprobe link support", probe_uprobe_multi_link,
 	},
 };
 bool feat_supported(struct kern_feature_cache *cache, enum kern_feature_id feat_id)
 {
 	struct kern_feature_desc *feat = &feature_probes[feat_id];
 	int ret;
 	/* assume global feature cache, unless custom one is provided */
 	if (!cache)
 		cache = &feature_cache;
 	if (READ_ONCE(cache->res[feat_id]) == FEAT_UNKNOWN) {
 		ret = feat->probe(cache->token_fd);
 		if (ret > 0) {
 			WRITE_ONCE(cache->res[feat_id], FEAT_SUPPORTED);
 		} else if (ret == 0) {
 			WRITE_ONCE(cache->res[feat_id], FEAT_MISSING);
 		} else {
 			pr_warn("Detection of kernel %s support failed: %d\n", feat->desc, ret);
 			WRITE_ONCE(cache->res[feat_id], FEAT_MISSING);
 		}
 	}
 	return READ_ONCE(cache->res[feat_id]) == FEAT_SUPPORTED;
 }
--- a/tools/lib/bpf/libbpf.c
+++ b/tools/lib/bpf/libbpf.c
@ -59,8 +59,6 @@
 #define BPF_FS_MAGIC		0xcafe4a11
 #endif
 #define BPF_FS_DEFAULT_PATH "/sys/fs/bpf"
 #define BPF_INSN_SZ (sizeof(struct bpf_insn))
 /* vsprintf() in __base_pr() uses nonliteral format string. It may break
@ -695,10 +693,6 @@ struct bpf_object {
 	struct usdt_manager *usdt_man;
 	struct kern_feature_cache *feat_cache;
 	char *token_path;
 	int token_fd;
 	char path[];
 };
@ -2198,7 +2192,7 @@ static int build_map_pin_path(struct bpf_map *map, const char *path)
 	int err;
 	if (!path)
-		path = BPF_FS_DEFAULT_PATH;
+		path = "/sys/fs/bpf";
 	err = pathname_concat(buf, sizeof(buf), path, bpf_map__name(map));
 	if (err)
@ -3285,7 +3279,7 @@ static int bpf_object__sanitize_and_load_btf(struct bpf_object *obj)
 	} else {
 		/* currently BPF_BTF_LOAD only supports log_level 1 */
 		err = btf_load_into_kernel(kern_btf, obj->log_buf, obj->log_size,
-					   obj->log_level ? 1 : 0, obj->token_fd);
+					   obj->log_level ? 1 : 0);
 	}
 	if (sanitize) {
 		if (!err) {
@ -4608,63 +4602,6 @@ int bpf_map__set_max_entries(struct bpf_map *map, __u32 max_entries)
 	return 0;
 }
 static int bpf_object_prepare_token(struct bpf_object *obj)
 {
 	const char *bpffs_path;
 	int bpffs_fd = -1, token_fd, err;
 	bool mandatory;
 	enum libbpf_print_level level;
 	/* token is already set up */
 	if (obj->token_fd > 0)
 		return 0;
 	/* token is explicitly prevented */
 	if (obj->token_fd < 0) {
 		pr_debug("object '%s': token is prevented, skipping...\n", obj->name);
 		/* reset to zero to avoid extra checks during map_create and prog_load steps */
 		obj->token_fd = 0;
 		return 0;
 	}
 	mandatory = obj->token_path != NULL;
 	level = mandatory ? LIBBPF_WARN : LIBBPF_DEBUG;
 	bpffs_path = obj->token_path ?: BPF_FS_DEFAULT_PATH;
 	bpffs_fd = open(bpffs_path, O_DIRECTORY, O_RDWR);
 	if (bpffs_fd < 0) {
 		err = -errno;
 		__pr(level, "object '%s': failed (%d) to open BPF FS mount at '%s'%s\n",
 		     obj->name, err, bpffs_path,
 		     mandatory ? "" : ", skipping optional step...");
 		return mandatory ? err : 0;
 	}
 	token_fd = bpf_token_create(bpffs_fd, 0);
 	close(bpffs_fd);
 	if (token_fd < 0) {
 		if (!mandatory && token_fd == -ENOENT) {
 			pr_debug("object '%s': BPF FS at '%s' doesn't have BPF token delegation set up, skipping...\n",
 				 obj->name, bpffs_path);
 			return 0;
 		}
 		__pr(level, "object '%s': failed (%d) to create BPF token from '%s'%s\n",
 		     obj->name, token_fd, bpffs_path,
 		     mandatory ? "" : ", skipping optional step...");
 		return mandatory ? token_fd : 0;
 	}
 	obj->feat_cache = calloc(1, sizeof(*obj->feat_cache));
 	if (!obj->feat_cache) {
 		close(token_fd);
 		return -ENOMEM;
 	}
 	obj->token_fd = token_fd;
 	obj->feat_cache->token_fd = token_fd;
 	return 0;
 }
 static int
 bpf_object__probe_loading(struct bpf_object *obj)
 {
@ -4674,7 +4611,6 @@ bpf_object__probe_loading(struct bpf_object *obj)
 		BPF_EXIT_INSN(),
 	};
 	int ret, insn_cnt = ARRAY_SIZE(insns);
 	LIBBPF_OPTS(bpf_prog_load_opts, opts, .token_fd = obj->token_fd);
 	if (obj->gen_loader)
 		return 0;
@ -4684,9 +4620,9 @@ bpf_object__probe_loading(struct bpf_object *obj)
 		pr_warn("Failed to bump RLIMIT_MEMLOCK (err = %d), you might need to do it explicitly!\n", ret);
 	/* make sure basic loading works */
-	ret = bpf_prog_load(BPF_PROG_TYPE_SOCKET_FILTER, NULL, "GPL", insns, insn_cnt, &opts);
+	ret = bpf_prog_load(BPF_PROG_TYPE_SOCKET_FILTER, NULL, "GPL", insns, insn_cnt, NULL);
 	if (ret < 0)
-		ret = bpf_prog_load(BPF_PROG_TYPE_TRACEPOINT, NULL, "GPL", insns, insn_cnt, &opts);
+		ret = bpf_prog_load(BPF_PROG_TYPE_TRACEPOINT, NULL, "GPL", insns, insn_cnt, NULL);
 	if (ret < 0) {
 		ret = errno;
 		cp = libbpf_strerror_r(ret, errmsg, sizeof(errmsg));
@ -4701,18 +4637,462 @@ bpf_object__probe_loading(struct bpf_object *obj)
 	return 0;
 }
 static int probe_fd(int fd)
 {
 	if (fd >= 0)
 		close(fd);
 	return fd >= 0;
 }
 static int probe_kern_prog_name(void)
 {
 	const size_t attr_sz = offsetofend(union bpf_attr, prog_name);
 	struct bpf_insn insns[] = {
 		BPF_MOV64_IMM(BPF_REG_0, 0),
 		BPF_EXIT_INSN(),
 	};
 	union bpf_attr attr;
 	int ret;
 	memset(&attr, 0, attr_sz);
 	attr.prog_type = BPF_PROG_TYPE_SOCKET_FILTER;
 	attr.license = ptr_to_u64("GPL");
 	attr.insns = ptr_to_u64(insns);
 	attr.insn_cnt = (__u32)ARRAY_SIZE(insns);
 	libbpf_strlcpy(attr.prog_name, "libbpf_nametest", sizeof(attr.prog_name));
 	/* make sure loading with name works */
 	ret = sys_bpf_prog_load(&attr, attr_sz, PROG_LOAD_ATTEMPTS);
 	return probe_fd(ret);
 }
 static int probe_kern_global_data(void)
 {
 	char *cp, errmsg[STRERR_BUFSIZE];
 	struct bpf_insn insns[] = {
 		BPF_LD_MAP_VALUE(BPF_REG_1, 0, 16),
 		BPF_ST_MEM(BPF_DW, BPF_REG_1, 0, 42),
 		BPF_MOV64_IMM(BPF_REG_0, 0),
 		BPF_EXIT_INSN(),
 	};
 	int ret, map, insn_cnt = ARRAY_SIZE(insns);
 	map = bpf_map_create(BPF_MAP_TYPE_ARRAY, "libbpf_global", sizeof(int), 32, 1, NULL);
 	if (map < 0) {
 		ret = -errno;
 		cp = libbpf_strerror_r(ret, errmsg, sizeof(errmsg));
 		pr_warn("Error in %s():%s(%d). Couldn't create simple array map.\n",
 			__func__, cp, -ret);
 		return ret;
 	}
 	insns[0].imm = map;
 	ret = bpf_prog_load(BPF_PROG_TYPE_SOCKET_FILTER, NULL, "GPL", insns, insn_cnt, NULL);
 	close(map);
 	return probe_fd(ret);
 }
 static int probe_kern_btf(void)
 {
 	static const char strs[] = "\0int";
 	__u32 types[] = {
 		/* int */
 		BTF_TYPE_INT_ENC(1, BTF_INT_SIGNED, 0, 32, 4),
 	};
 	return probe_fd(libbpf__load_raw_btf((char *)types, sizeof(types),
 					     strs, sizeof(strs)));
 }
 static int probe_kern_btf_func(void)
 {
 	static const char strs[] = "\0int\0x\0a";
 	/* void x(int a) {} */
 	__u32 types[] = {
 		/* int */
 		BTF_TYPE_INT_ENC(1, BTF_INT_SIGNED, 0, 32, 4),  /* [1] */
 		/* FUNC_PROTO */                                /* [2] */
 		BTF_TYPE_ENC(0, BTF_INFO_ENC(BTF_KIND_FUNC_PROTO, 0, 1), 0),
 		BTF_PARAM_ENC(7, 1),
 		/* FUNC x */                                    /* [3] */
 		BTF_TYPE_ENC(5, BTF_INFO_ENC(BTF_KIND_FUNC, 0, 0), 2),
 	};
 	return probe_fd(libbpf__load_raw_btf((char *)types, sizeof(types),
 					     strs, sizeof(strs)));
 }
 static int probe_kern_btf_func_global(void)
 {
 	static const char strs[] = "\0int\0x\0a";
 	/* static void x(int a) {} */
 	__u32 types[] = {
 		/* int */
 		BTF_TYPE_INT_ENC(1, BTF_INT_SIGNED, 0, 32, 4),  /* [1] */
 		/* FUNC_PROTO */                                /* [2] */
 		BTF_TYPE_ENC(0, BTF_INFO_ENC(BTF_KIND_FUNC_PROTO, 0, 1), 0),
 		BTF_PARAM_ENC(7, 1),
 		/* FUNC x BTF_FUNC_GLOBAL */                    /* [3] */
 		BTF_TYPE_ENC(5, BTF_INFO_ENC(BTF_KIND_FUNC, 0, BTF_FUNC_GLOBAL), 2),
 	};
 	return probe_fd(libbpf__load_raw_btf((char *)types, sizeof(types),
 					     strs, sizeof(strs)));
 }
 static int probe_kern_btf_datasec(void)
 {
 	static const char strs[] = "\0x\0.data";
 	/* static int a; */
 	__u32 types[] = {
 		/* int */
 		BTF_TYPE_INT_ENC(0, BTF_INT_SIGNED, 0, 32, 4),  /* [1] */
 		/* VAR x */                                     /* [2] */
 		BTF_TYPE_ENC(1, BTF_INFO_ENC(BTF_KIND_VAR, 0, 0), 1),
 		BTF_VAR_STATIC,
 		/* DATASEC val */                               /* [3] */
 		BTF_TYPE_ENC(3, BTF_INFO_ENC(BTF_KIND_DATASEC, 0, 1), 4),
 		BTF_VAR_SECINFO_ENC(2, 0, 4),
 	};
 	return probe_fd(libbpf__load_raw_btf((char *)types, sizeof(types),
 					     strs, sizeof(strs)));
 }
 static int probe_kern_btf_float(void)
 {
 	static const char strs[] = "\0float";
 	__u32 types[] = {
 		/* float */
 		BTF_TYPE_FLOAT_ENC(1, 4),
 	};
 	return probe_fd(libbpf__load_raw_btf((char *)types, sizeof(types),
 					     strs, sizeof(strs)));
 }
 static int probe_kern_btf_decl_tag(void)
 {
 	static const char strs[] = "\0tag";
 	__u32 types[] = {
 		/* int */
 		BTF_TYPE_INT_ENC(0, BTF_INT_SIGNED, 0, 32, 4),  /* [1] */
 		/* VAR x */                                     /* [2] */
 		BTF_TYPE_ENC(1, BTF_INFO_ENC(BTF_KIND_VAR, 0, 0), 1),
 		BTF_VAR_STATIC,
 		/* attr */
 		BTF_TYPE_DECL_TAG_ENC(1, 2, -1),
 	};
 	return probe_fd(libbpf__load_raw_btf((char *)types, sizeof(types),
 					     strs, sizeof(strs)));
 }
 static int probe_kern_btf_type_tag(void)
 {
 	static const char strs[] = "\0tag";
 	__u32 types[] = {
 		/* int */
 		BTF_TYPE_INT_ENC(0, BTF_INT_SIGNED, 0, 32, 4),		/* [1] */
 		/* attr */
 		BTF_TYPE_TYPE_TAG_ENC(1, 1),				/* [2] */
 		/* ptr */
 		BTF_TYPE_ENC(0, BTF_INFO_ENC(BTF_KIND_PTR, 0, 0), 2),	/* [3] */
 	};
 	return probe_fd(libbpf__load_raw_btf((char *)types, sizeof(types),
 					     strs, sizeof(strs)));
 }
 static int probe_kern_array_mmap(void)
 {
 	LIBBPF_OPTS(bpf_map_create_opts, opts, .map_flags = BPF_F_MMAPABLE);
 	int fd;
 	fd = bpf_map_create(BPF_MAP_TYPE_ARRAY, "libbpf_mmap", sizeof(int), sizeof(int), 1, &opts);
 	return probe_fd(fd);
 }
 static int probe_kern_exp_attach_type(void)
 {
 	LIBBPF_OPTS(bpf_prog_load_opts, opts, .expected_attach_type = BPF_CGROUP_INET_SOCK_CREATE);
 	struct bpf_insn insns[] = {
 		BPF_MOV64_IMM(BPF_REG_0, 0),
 		BPF_EXIT_INSN(),
 	};
 	int fd, insn_cnt = ARRAY_SIZE(insns);
 	/* use any valid combination of program type and (optional)
 	 * non-zero expected attach type (i.e., not a BPF_CGROUP_INET_INGRESS)
 	 * to see if kernel supports expected_attach_type field for
 	 * BPF_PROG_LOAD command
 	 */
 	fd = bpf_prog_load(BPF_PROG_TYPE_CGROUP_SOCK, NULL, "GPL", insns, insn_cnt, &opts);
 	return probe_fd(fd);
 }
 static int probe_kern_probe_read_kernel(void)
 {
 	struct bpf_insn insns[] = {
 		BPF_MOV64_REG(BPF_REG_1, BPF_REG_10),	/* r1 = r10 (fp) */
 		BPF_ALU64_IMM(BPF_ADD, BPF_REG_1, -8),	/* r1 += -8 */
 		BPF_MOV64_IMM(BPF_REG_2, 8),		/* r2 = 8 */
 		BPF_MOV64_IMM(BPF_REG_3, 0),		/* r3 = 0 */
 		BPF_RAW_INSN(BPF_JMP | BPF_CALL, 0, 0, 0, BPF_FUNC_probe_read_kernel),
 		BPF_EXIT_INSN(),
 	};
 	int fd, insn_cnt = ARRAY_SIZE(insns);
 	fd = bpf_prog_load(BPF_PROG_TYPE_TRACEPOINT, NULL, "GPL", insns, insn_cnt, NULL);
 	return probe_fd(fd);
 }
 static int probe_prog_bind_map(void)
 {
 	char *cp, errmsg[STRERR_BUFSIZE];
 	struct bpf_insn insns[] = {
 		BPF_MOV64_IMM(BPF_REG_0, 0),
 		BPF_EXIT_INSN(),
 	};
 	int ret, map, prog, insn_cnt = ARRAY_SIZE(insns);
 	map = bpf_map_create(BPF_MAP_TYPE_ARRAY, "libbpf_det_bind", sizeof(int), 32, 1, NULL);
 	if (map < 0) {
 		ret = -errno;
 		cp = libbpf_strerror_r(ret, errmsg, sizeof(errmsg));
 		pr_warn("Error in %s():%s(%d). Couldn't create simple array map.\n",
 			__func__, cp, -ret);
 		return ret;
 	}
 	prog = bpf_prog_load(BPF_PROG_TYPE_SOCKET_FILTER, NULL, "GPL", insns, insn_cnt, NULL);
 	if (prog < 0) {
 		close(map);
 		return 0;
 	}
 	ret = bpf_prog_bind_map(prog, map, NULL);
 	close(map);
 	close(prog);
 	return ret >= 0;
 }
 static int probe_module_btf(void)
 {
 	static const char strs[] = "\0int";
 	__u32 types[] = {
 		/* int */
 		BTF_TYPE_INT_ENC(1, BTF_INT_SIGNED, 0, 32, 4),
 	};
 	struct bpf_btf_info info;
 	__u32 len = sizeof(info);
 	char name[16];
 	int fd, err;
 	fd = libbpf__load_raw_btf((char *)types, sizeof(types), strs, sizeof(strs));
 	if (fd < 0)
 		return 0; /* BTF not supported at all */
 	memset(&info, 0, sizeof(info));
 	info.name = ptr_to_u64(name);
 	info.name_len = sizeof(name);
 	/* check that BPF_OBJ_GET_INFO_BY_FD supports specifying name pointer;
 	 * kernel's module BTF support coincides with support for
 	 * name/name_len fields in struct bpf_btf_info.
 	 */
 	err = bpf_btf_get_info_by_fd(fd, &info, &len);
 	close(fd);
 	return !err;
 }
 static int probe_perf_link(void)
 {
 	struct bpf_insn insns[] = {
 		BPF_MOV64_IMM(BPF_REG_0, 0),
 		BPF_EXIT_INSN(),
 	};
 	int prog_fd, link_fd, err;
 	prog_fd = bpf_prog_load(BPF_PROG_TYPE_TRACEPOINT, NULL, "GPL",
 				insns, ARRAY_SIZE(insns), NULL);
 	if (prog_fd < 0)
 		return -errno;
 	/* use invalid perf_event FD to get EBADF, if link is supported;
 	 * otherwise EINVAL should be returned
 	 */
 	link_fd = bpf_link_create(prog_fd, -1, BPF_PERF_EVENT, NULL);
 	err = -errno; /* close() can clobber errno */
 	if (link_fd >= 0)
 		close(link_fd);
 	close(prog_fd);
 	return link_fd < 0 && err == -EBADF;
 }
 static int probe_uprobe_multi_link(void)
 {
 	LIBBPF_OPTS(bpf_prog_load_opts, load_opts,
 		.expected_attach_type = BPF_TRACE_UPROBE_MULTI,
 	);
 	LIBBPF_OPTS(bpf_link_create_opts, link_opts);
 	struct bpf_insn insns[] = {
 		BPF_MOV64_IMM(BPF_REG_0, 0),
 		BPF_EXIT_INSN(),
 	};
 	int prog_fd, link_fd, err;
 	unsigned long offset = 0;
 	prog_fd = bpf_prog_load(BPF_PROG_TYPE_KPROBE, NULL, "GPL",
 				insns, ARRAY_SIZE(insns), &load_opts);
 	if (prog_fd < 0)
 		return -errno;
 	/* Creating uprobe in '/' binary should fail with -EBADF. */
 	link_opts.uprobe_multi.path = "/";
 	link_opts.uprobe_multi.offsets = &offset;
 	link_opts.uprobe_multi.cnt = 1;
 	link_fd = bpf_link_create(prog_fd, -1, BPF_TRACE_UPROBE_MULTI, &link_opts);
 	err = -errno; /* close() can clobber errno */
 	if (link_fd >= 0)
 		close(link_fd);
 	close(prog_fd);
 	return link_fd < 0 && err == -EBADF;
 }
 static int probe_kern_bpf_cookie(void)
 {
 	struct bpf_insn insns[] = {
 		BPF_RAW_INSN(BPF_JMP | BPF_CALL, 0, 0, 0, BPF_FUNC_get_attach_cookie),
 		BPF_EXIT_INSN(),
 	};
 	int ret, insn_cnt = ARRAY_SIZE(insns);
 	ret = bpf_prog_load(BPF_PROG_TYPE_KPROBE, NULL, "GPL", insns, insn_cnt, NULL);
 	return probe_fd(ret);
 }
 static int probe_kern_btf_enum64(void)
 {
 	static const char strs[] = "\0enum64";
 	__u32 types[] = {
 		BTF_TYPE_ENC(1, BTF_INFO_ENC(BTF_KIND_ENUM64, 0, 0), 8),
 	};
 	return probe_fd(libbpf__load_raw_btf((char *)types, sizeof(types),
 					     strs, sizeof(strs)));
 }
 static int probe_kern_syscall_wrapper(void);
 enum kern_feature_result {
 	FEAT_UNKNOWN = 0,
 	FEAT_SUPPORTED = 1,
 	FEAT_MISSING = 2,
 };
 typedef int (*feature_probe_fn)(void);
 static struct kern_feature_desc {
 	const char *desc;
 	feature_probe_fn probe;
 	enum kern_feature_result res;
 } feature_probes[__FEAT_CNT] = {
 	[FEAT_PROG_NAME] = {
 		"BPF program name", probe_kern_prog_name,
 	},
 	[FEAT_GLOBAL_DATA] = {
 		"global variables", probe_kern_global_data,
 	},
 	[FEAT_BTF] = {
 		"minimal BTF", probe_kern_btf,
 	},
 	[FEAT_BTF_FUNC] = {
 		"BTF functions", probe_kern_btf_func,
 	},
 	[FEAT_BTF_GLOBAL_FUNC] = {
 		"BTF global function", probe_kern_btf_func_global,
 	},
 	[FEAT_BTF_DATASEC] = {
 		"BTF data section and variable", probe_kern_btf_datasec,
 	},
 	[FEAT_ARRAY_MMAP] = {
 		"ARRAY map mmap()", probe_kern_array_mmap,
 	},
 	[FEAT_EXP_ATTACH_TYPE] = {
 		"BPF_PROG_LOAD expected_attach_type attribute",
 		probe_kern_exp_attach_type,
 	},
 	[FEAT_PROBE_READ_KERN] = {
 		"bpf_probe_read_kernel() helper", probe_kern_probe_read_kernel,
 	},
 	[FEAT_PROG_BIND_MAP] = {
 		"BPF_PROG_BIND_MAP support", probe_prog_bind_map,
 	},
 	[FEAT_MODULE_BTF] = {
 		"module BTF support", probe_module_btf,
 	},
 	[FEAT_BTF_FLOAT] = {
 		"BTF_KIND_FLOAT support", probe_kern_btf_float,
 	},
 	[FEAT_PERF_LINK] = {
 		"BPF perf link support", probe_perf_link,
 	},
 	[FEAT_BTF_DECL_TAG] = {
 		"BTF_KIND_DECL_TAG support", probe_kern_btf_decl_tag,
 	},
 	[FEAT_BTF_TYPE_TAG] = {
 		"BTF_KIND_TYPE_TAG support", probe_kern_btf_type_tag,
 	},
 	[FEAT_MEMCG_ACCOUNT] = {
 		"memcg-based memory accounting", probe_memcg_account,
 	},
 	[FEAT_BPF_COOKIE] = {
 		"BPF cookie support", probe_kern_bpf_cookie,
 	},
 	[FEAT_BTF_ENUM64] = {
 		"BTF_KIND_ENUM64 support", probe_kern_btf_enum64,
 	},
 	[FEAT_SYSCALL_WRAPPER] = {
 		"Kernel using syscall wrapper", probe_kern_syscall_wrapper,
 	},
 	[FEAT_UPROBE_MULTI_LINK] = {
 		"BPF multi-uprobe link support", probe_uprobe_multi_link,
 	},
 };
 bool kernel_supports(const struct bpf_object *obj, enum kern_feature_id feat_id)
 {
 	struct kern_feature_desc *feat = &feature_probes[feat_id];
 	int ret;
 	if (obj && obj->gen_loader)
 		/* To generate loader program assume the latest kernel
 		 * to avoid doing extra prog_load, map_create syscalls.
 		 */
 		return true;
-	if (obj->token_fd)
+	if (READ_ONCE(feat->res) == FEAT_UNKNOWN) {
-		return feat_supported(obj->feat_cache, feat_id);
+		ret = feat->probe();
 		if (ret > 0) {
 			WRITE_ONCE(feat->res, FEAT_SUPPORTED);
 		} else if (ret == 0) {
 			WRITE_ONCE(feat->res, FEAT_MISSING);
 		} else {
 			pr_warn("Detection of kernel %s support failed: %d\n", feat->desc, ret);
 			WRITE_ONCE(feat->res, FEAT_MISSING);
 		}
 	}
-	return feat_supported(NULL, feat_id);
+	return READ_ONCE(feat->res) == FEAT_SUPPORTED;
 }
 static bool map_is_reuse_compat(const struct bpf_map *map, int map_fd)
@ -4831,7 +5211,6 @@ static int bpf_object__create_map(struct bpf_object *obj, struct bpf_map *map, b
 	create_attr.map_flags = def->map_flags;
 	create_attr.numa_node = map->numa_node;
 	create_attr.map_extra = map->map_extra;
 	create_attr.token_fd = obj->token_fd;
 	if (bpf_map__is_struct_ops(map))
 		create_attr.btf_vmlinux_value_type_id = map->btf_vmlinux_value_type_id;
@ -6667,7 +7046,6 @@ static int bpf_object_load_prog(struct bpf_object *obj, struct bpf_program *prog
 	load_attr.attach_btf_id = prog->attach_btf_id;
 	load_attr.kern_version = kern_version;
 	load_attr.prog_ifindex = prog->prog_ifindex;
 	load_attr.token_fd = obj->token_fd;
 	/* specify func_info/line_info only if kernel supports them */
 	btf_fd = bpf_object__btf_fd(obj);
@ -7129,10 +7507,10 @@ static int bpf_object_init_progs(struct bpf_object *obj, const struct bpf_object
 static struct bpf_object *bpf_object_open(const char *path, const void *obj_buf, size_t obj_buf_sz,
 					  const struct bpf_object_open_opts *opts)
 {
-	const char *obj_name, *kconfig, *btf_tmp_path, *token_path;
+	const char *obj_name, *kconfig, *btf_tmp_path;
 	struct bpf_object *obj;
 	char tmp_name[64];
-	int err, token_fd;
+	int err;
 	char *log_buf;
 	size_t log_size;
 	__u32 log_level;
@ -7166,28 +7544,6 @@ static struct bpf_object *bpf_object_open(const char *path, const void *obj_buf,
 	if (log_size && !log_buf)
 		return ERR_PTR(-EINVAL);
 	token_path = OPTS_GET(opts, bpf_token_path, NULL);
 	token_fd = OPTS_GET(opts, bpf_token_fd, -1);
 	/* non-empty token path can't be combined with invalid token FD */
 	if (token_path && token_path[0] != '\0' && token_fd < 0)
 		return ERR_PTR(-EINVAL);
 	/* empty token path can't be combined with valid token FD */
 	if (token_path && token_path[0] == '\0' && token_fd > 0)
 		return ERR_PTR(-EINVAL);
 	/* if user didn't specify bpf_token_path/bpf_token_fd explicitly,
 	 * check if LIBBPF_BPF_TOKEN_PATH envvar was set and treat it as
 	 * bpf_token_path option
 	 */
 	if (token_fd == 0 && !token_path)
 		token_path = getenv("LIBBPF_BPF_TOKEN_PATH");
 	/* empty token_path is equivalent to invalid token_fd */
 	if (token_path && token_path[0] == '\0') {
 		token_path = NULL;
 		token_fd = -1;
 	}
 	if (token_path && strlen(token_path) >= PATH_MAX)
 		return ERR_PTR(-ENAMETOOLONG);
 	obj = bpf_object__new(path, obj_buf, obj_buf_sz, obj_name);
 	if (IS_ERR(obj))
 		return obj;
@ -7196,19 +7552,6 @@ static struct bpf_object *bpf_object_open(const char *path, const void *obj_buf,
 	obj->log_size = log_size;
 	obj->log_level = log_level;
 	obj->token_fd = token_fd <= 0 ? token_fd : dup_good_fd(token_fd);
 	if (token_fd > 0 && obj->token_fd < 0) {
 		err = -errno;
 		goto out;
 	}
 	if (token_path) {
 		obj->token_path = strdup(token_path);
 		if (!obj->token_path) {
 			err = -ENOMEM;
 			goto out;
 		}
 	}
 	btf_tmp_path = OPTS_GET(opts, btf_custom_path, NULL);
 	if (btf_tmp_path) {
 		if (strlen(btf_tmp_path) >= PATH_MAX) {
@ -7719,8 +8062,7 @@ static int bpf_object_load(struct bpf_object *obj, int extra_log_level, const ch
 	if (obj->gen_loader)
 		bpf_gen__init(obj->gen_loader, extra_log_level, obj->nr_programs, obj->nr_maps);
-	err = bpf_object_prepare_token(obj);
+	err = bpf_object__probe_loading(obj);
 	err = err ? : bpf_object__probe_loading(obj);
 	err = err ? : bpf_object__load_vmlinux_btf(obj, false);
 	err = err ? : bpf_object__resolve_externs(obj, obj->kconfig);
 	err = err ? : bpf_object__sanitize_and_load_btf(obj);
@ -8257,11 +8599,6 @@ void bpf_object__close(struct bpf_object *obj)
 	}
 	zfree(&obj->programs);
 	zfree(&obj->feat_cache);
 	zfree(&obj->token_path);
 	if (obj->token_fd > 0)
 		close(obj->token_fd);
 	free(obj);
 }
@ -10275,7 +10612,7 @@ static const char *arch_specific_syscall_pfx(void)
 #endif
 }
-int probe_kern_syscall_wrapper(int token_fd)
+static int probe_kern_syscall_wrapper(void)
 {
 	char syscall_name[64];
 	const char *ksys_pfx;
--- a/tools/lib/bpf/libbpf.h
+++ b/tools/lib/bpf/libbpf.h
@ -177,45 +177,10 @@ struct bpf_object_open_opts {
 	 * logs through its print callback.
 	 */
 	__u32 kernel_log_level;
 	/* FD of a BPF token instantiated by user through bpf_token_create()
 	 * API. BPF object will keep dup()'ed FD internally, so passed token
 	 * FD can be closed after BPF object/skeleton open step.
 	 *
 	 * Setting bpf_token_fd to negative value disables libbpf's automatic
 	 * attempt to create BPF token from default BPF FS mount point
 	 * (/sys/fs/bpf), in case this default behavior is undesirable.
 	 *
 	 * If bpf_token_path and bpf_token_fd are not specified, libbpf will
 	 * consult LIBBPF_BPF_TOKEN_PATH environment variable. If set, it will
 	 * be taken as a value of bpf_token_path option and will force libbpf
 	 * to either create BPF token from provided custom BPF FS path, or
 	 * will disable implicit BPF token creation, if envvar value is an
 	 * empty string.
 	 *
 	 * bpf_token_path and bpf_token_fd are mutually exclusive and only one
 	 * of those options should be set. Either of them overrides
 	 * LIBBPF_BPF_TOKEN_PATH envvar.
 	 */
 	int bpf_token_fd;
 	/* Path to BPF FS mount point to derive BPF token from.
 	 *
 	 * Created BPF token will be used for all bpf() syscall operations
 	 * that accept BPF token (e.g., map creation, BTF and program loads,
 	 * etc) automatically within instantiated BPF object.
 	 *
 	 * Setting bpf_token_path option to empty string disables libbpf's
 	 * automatic attempt to create BPF token from default BPF FS mount
 	 * point (/sys/fs/bpf), in case this default behavior is undesirable.
 	 *
 	 * bpf_token_path and bpf_token_fd are mutually exclusive and only one
 	 * of those options should be set. Either of them overrides
 	 * LIBBPF_BPF_TOKEN_PATH envvar.
 	 */
 	const char *bpf_token_path;
 	size_t :0;
 };
-#define bpf_object_open_opts__last_field bpf_token_path
+#define bpf_object_open_opts__last_field kernel_log_level
 /**
 * @brief **bpf_object__open()** creates a bpf_object by opening
--- a/tools/lib/bpf/libbpf.map
+++ b/tools/lib/bpf/libbpf.map
@ -401,7 +401,6 @@ LIBBPF_1.3.0 {
 		bpf_program__attach_netkit;
 		bpf_program__attach_tcx;
 		bpf_program__attach_uprobe_multi;
 		bpf_token_create;
 		ring__avail_data_size;
 		ring__consume;
 		ring__consumer_pos;
--- a/tools/lib/bpf/libbpf_internal.h
+++ b/tools/lib/bpf/libbpf_internal.h
@ -360,32 +360,15 @@ enum kern_feature_id {
 	__FEAT_CNT,
 };
-enum kern_feature_result {
+int probe_memcg_account(void);
 	FEAT_UNKNOWN = 0,
 	FEAT_SUPPORTED = 1,
 	FEAT_MISSING = 2,
 };
 struct kern_feature_cache {
 	enum kern_feature_result res[__FEAT_CNT];
 	int token_fd;
 };
 bool feat_supported(struct kern_feature_cache *cache, enum kern_feature_id feat_id);
 bool kernel_supports(const struct bpf_object *obj, enum kern_feature_id feat_id);
 int probe_kern_syscall_wrapper(int token_fd);
 int probe_memcg_account(int token_fd);
 int bump_rlimit_memlock(void);
 int parse_cpu_mask_str(const char *s, bool **mask, int *mask_sz);
 int parse_cpu_mask_file(const char *fcpu, bool **mask, int *mask_sz);
 int libbpf__load_raw_btf(const char *raw_types, size_t types_len,
-			 const char *str_sec, size_t str_len,
+			 const char *str_sec, size_t str_len);
-			 int token_fd);
+int btf_load_into_kernel(struct btf *btf, char *log_buf, size_t log_sz, __u32 log_level);
 int btf_load_into_kernel(struct btf *btf,
 			 char *log_buf, size_t log_sz, __u32 log_level,
 			 int token_fd);
 struct btf *btf_get_from_fd(int btf_fd, struct btf *base_btf);
 void btf_get_kernel_prefix_kind(enum bpf_attach_type attach_type,
@ -549,17 +532,6 @@ static inline bool is_ldimm64_insn(struct bpf_insn *insn)
 	return insn->code == (BPF_LD | BPF_IMM | BPF_DW);
 }
 /* Unconditionally dup FD, ensuring it doesn't use [0, 2] range.
 * Original FD is not closed or altered in any other way.
 * Preserves original FD value, if it's invalid (negative).
 */
 static inline int dup_good_fd(int fd)
 {
 	if (fd < 0)
 		return fd;
 	return fcntl(fd, F_DUPFD_CLOEXEC, 3);
 }
 /* if fd is stdin, stdout, or stderr, dup to a fd greater than 2
 * Takes ownership of the fd passed in, and closes it if calling
 * fcntl(fd, F_DUPFD_CLOEXEC, 3).
@ -571,7 +543,7 @@ static inline int ensure_good_fd(int fd)
 	if (fd < 0)
 		return fd;
 	if (fd < 3) {
-		fd = dup_good_fd(fd);
+		fd = fcntl(fd, F_DUPFD_CLOEXEC, 3);
 		saved_errno = errno;
 		close(old_fd);
 		errno = saved_errno;
--- a/tools/lib/bpf/libbpf_probes.c
+++ b/tools/lib/bpf/libbpf_probes.c
@ -219,8 +219,7 @@ int libbpf_probe_bpf_prog_type(enum bpf_prog_type prog_type, const void *opts)
 }
 int libbpf__load_raw_btf(const char *raw_types, size_t types_len,
-			 const char *str_sec, size_t str_len,
+			 const char *str_sec, size_t str_len)
 			 int token_fd)
 {
 	struct btf_header hdr = {
 		.magic = BTF_MAGIC,
@ -230,7 +229,6 @@ int libbpf__load_raw_btf(const char *raw_types, size_t types_len,
 		.str_off = types_len,
 		.str_len = str_len,
 	};
 	LIBBPF_OPTS(bpf_btf_load_opts, opts, .token_fd = token_fd);
 	int btf_fd, btf_len;
 	__u8 *raw_btf;
@ -243,7 +241,7 @@ int libbpf__load_raw_btf(const char *raw_types, size_t types_len,
 	memcpy(raw_btf + hdr.hdr_len, raw_types, hdr.type_len);
 	memcpy(raw_btf + hdr.hdr_len + hdr.type_len, str_sec, hdr.str_len);
-	btf_fd = bpf_btf_load(raw_btf, btf_len, &opts);
+	btf_fd = bpf_btf_load(raw_btf, btf_len, NULL);
 	free(raw_btf);
 	return btf_fd;
@ -273,7 +271,7 @@ static int load_local_storage_btf(void)
 	};
 	return libbpf__load_raw_btf((char *)types, sizeof(types),
-				     strs, sizeof(strs), 0);
+				     strs, sizeof(strs));
 }
 static int probe_map_create(enum bpf_map_type map_type)
--- a/tools/lib/bpf/str_error.h
+++ b/tools/lib/bpf/str_error.h
@ -2,8 +2,5 @@
 #ifndef __LIBBPF_STR_ERROR_H
 #define __LIBBPF_STR_ERROR_H
 #define STRERR_BUFSIZE  128
 char *libbpf_strerror_r(int err, char *dst, int len);
 #endif /* __LIBBPF_STR_ERROR_H */
--- a/tools/testing/selftests/bpf/prog_tests/libbpf_probes.c
+++ b/tools/testing/selftests/bpf/prog_tests/libbpf_probes.c
@ -30,8 +30,6 @@ void test_libbpf_probe_prog_types(void)
 		if (prog_type == BPF_PROG_TYPE_UNSPEC)
 			continue;
 		if (strcmp(prog_type_name, "__MAX_BPF_PROG_TYPE") == 0)
 			continue;
 		if (!test__start_subtest(prog_type_name))
 			continue;
@ -70,8 +68,6 @@ void test_libbpf_probe_map_types(void)
 		if (map_type == BPF_MAP_TYPE_UNSPEC)
 			continue;
 		if (strcmp(map_type_name, "__MAX_BPF_MAP_TYPE") == 0)
 			continue;
 		if (!test__start_subtest(map_type_name))
 			continue;
--- a/tools/testing/selftests/bpf/prog_tests/libbpf_str.c
+++ b/tools/testing/selftests/bpf/prog_tests/libbpf_str.c
@ -132,9 +132,6 @@ static void test_libbpf_bpf_map_type_str(void)
 		const char *map_type_str;
 		char buf[256];
 		if (map_type == __MAX_BPF_MAP_TYPE)
 			continue;
 		map_type_name = btf__str_by_offset(btf, e->name_off);
 		map_type_str = libbpf_bpf_map_type_str(map_type);
 		ASSERT_OK_PTR(map_type_str, map_type_name);
@ -189,9 +186,6 @@ static void test_libbpf_bpf_prog_type_str(void)
 		const char *prog_type_str;
 		char buf[256];
 		if (prog_type == __MAX_BPF_PROG_TYPE)
 			continue;
 		prog_type_name = btf__str_by_offset(btf, e->name_off);
 		prog_type_str = libbpf_bpf_prog_type_str(prog_type);
 		ASSERT_OK_PTR(prog_type_str, prog_type_name);
--- a/tools/testing/selftests/bpf/prog_tests/token.c
+++ b/tools/testing/selftests/bpf/prog_tests/token.c
--- a/tools/testing/selftests/bpf/progs/priv_map.c
+++ b/tools/testing/selftests/bpf/progs/priv_map.c
@ -1,13 +0,0 @@
 // SPDX-License-Identifier: GPL-2.0
 /* Copyright (c) 2023 Meta Platforms, Inc. and affiliates. */
 #include "vmlinux.h"
 #include <bpf/bpf_helpers.h>
 char _license[] SEC("license") = "GPL";
 struct {
 	__uint(type, BPF_MAP_TYPE_QUEUE);
 	__uint(max_entries, 1);
 	__type(value, __u32);
 } priv_map SEC(".maps");
--- a/tools/testing/selftests/bpf/progs/priv_prog.c
+++ b/tools/testing/selftests/bpf/progs/priv_prog.c
@ -1,13 +0,0 @@
 // SPDX-License-Identifier: GPL-2.0
 /* Copyright (c) 2023 Meta Platforms, Inc. and affiliates. */
 #include "vmlinux.h"
 #include <bpf/bpf_helpers.h>
 char _license[] SEC("license") = "GPL";
 SEC("kprobe")
 int kprobe_prog(void *ctx)
 {
 	return 1;
 }