I have this old computer, probably from 2015; I see the CPU was released in 2011. The
mouse is acting up, and every few months, like 9 or 10, it crashes or reboots or something
like that. I always investigate. It happened today (yes, I'm going to replace it.
It's my unenclosed system and I have stuff hanging off it, LOL. But it is probably
time).
I noticed some entries about loading and unloading BPF. At first, I read the Wikipedia
article. I wish Jimmy would stop asking for money and just cavort with his
"executive staff." But the section on security was interesting.
Has anybody played with BPF?
On this particular system, when it tries to load or unload the BPF, it gets a permission
denied error. It does this a few times a day, for as far back as I have logs, usually about
a second apart. For the entries around the crash, it tried to do this multiple times over
the course of about 7 seconds. The system rebooted when it crashed, BTW.
In looking at another system, there are no permission denied errors. This sequence, load
BPF then unload BPF about a second later, seems to run every day, just after midnight,
right around logrotate. For as far back as I have logs, it runs just after midnight and
at one other seemingly random time of day.
Given what BPF does, this is kind of suspicious. But since it has been going on for
a while, I'm not going to do anything rash.
It seems to be only in the logs for actual CPUs, as opposed to VMs.
Another curious fact is that the system that crashed and generates the permission denied
errors has an AMD processor and the other systems I have are Intel.
I plan to continue investigating, but I thought I would see if anyone had any thoughts
that might prevent me from wasting a lot of time.
-Gary