From cc93afb03679e7c41571fae2b65f67855f640b3d Mon Sep 17 00:00:00 2001
From: Alexander Mikhalitsyn <aleksandr.mikhalitsyn@canonical.com>
Date: Thu, 14 Mar 2024 16:36:45 +0100
Subject: [PATCH] run make update-metadata

Signed-off-by: Alexander Mikhalitsyn <aleksandr.mikhalitsyn@canonical.com>
---
 doc/config_options.txt          | 14 +++++++++++++-
 lxd/metadata/configuration.json | 14 ++++++++++++--
 2 files changed, 25 insertions(+), 3 deletions(-)

diff --git a/doc/config_options.txt b/doc/config_options.txt
index 62ecbeb45ce2..43cddcfb758e 100644
--- a/doc/config_options.txt
+++ b/doc/config_options.txt
@@ -1791,9 +1791,21 @@ See {ref}`cluster-evacuate` for more information.
 ```{config:option} linux.kernel_modules instance-miscellaneous
 :condition: "container"
 :liveupdate: "yes"
-:shortdesc: "Kernel modules to load before starting the instance"
+:shortdesc: "Kernel modules to load or allow loading"
 :type: "string"
 Specify the kernel modules as a comma-separated list.
+
+The modules are loaded before the instance starts, or they can be loaded by a privileged user if {config:option}`instance-miscellaneous:linux.kernel_modules.load` is set to `dynamic`.
+```
+
+```{config:option} linux.kernel_modules.load instance-miscellaneous
+:condition: "container"
+:defaultdesc: "`boot`"
+:liveupdate: "no"
+:shortdesc: "How to load kernel modules"
+:type: "string"
+This option specifies how to load the kernel modules that are specified in {config:option}`instance-miscellaneous:linux.kernel_modules`.
+Possible values are `boot` (load the modules when booting the container) and `dynamic` (intercept the `finit_modules()` syscall and allow a privileged user in the container's user namespace to load the modules).
 ```
 
 ```{config:option} linux.sysctl.* instance-miscellaneous
diff --git a/lxd/metadata/configuration.json b/lxd/metadata/configuration.json
index 62b7dc2b7894..edd5d24b4044 100644
--- a/lxd/metadata/configuration.json
+++ b/lxd/metadata/configuration.json
@@ -2060,8 +2060,18 @@
 						"linux.kernel_modules": {
 							"condition": "container",
 							"liveupdate": "yes",
-							"longdesc": "Specify the kernel modules as a comma-separated list.",
-							"shortdesc": "Kernel modules to load before starting the instance",
+							"longdesc": "Specify the kernel modules as a comma-separated list.\n\nThe modules are loaded before the instance starts, or they can be loaded by a privileged user if {config:option}`instance-miscellaneous:linux.kernel_modules.load` is set to `dynamic`.",
+							"shortdesc": "Kernel modules to load or allow loading",
+							"type": "string"
+						}
+					},
+					{
+						"linux.kernel_modules.load": {
+							"condition": "container",
+							"defaultdesc": "`boot`",
+							"liveupdate": "no",
+							"longdesc": "This option specifies how to load the kernel modules that are specified in {config:option}`instance-miscellaneous:linux.kernel_modules`.\nPossible values are `boot` (load the modules when booting the container) and `dynamic` (intercept the `finit_modules()` syscall and allow a privileged user in the container's user namespace to load the modules).",
+							"shortdesc": "How to load kernel modules",
 							"type": "string"
 						}
 					},