bpftool
bmc-cache
bpftool | bmc-cache | |
---|---|---|
2 | 2 | |
303 | 421 | |
6.6% | 0.0% | |
9.1 | 0.0 | |
7 days ago | over 2 years ago | |
C | C | |
GNU General Public License v3.0 or later | GNU Lesser General Public License v3.0 only |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
bpftool
-
BPF for Hid Drivers
In the same way out-of-tree kernel modules are enforced to license themselves as GPL if they intend to use a lot (if not most) of the available functionality, eBPF programs fall under the same restrictions.
bpftool[0] allows to see which the programs are currently running in your system, their bpf asm instructions and whether they are GPL-compliant through `bpftool prog show`
Of course, we still need companies to actually release the source code of their eBPF programs somewhere for the promise to be fulfilled.
[0] https://github.com/libbpf/bpftool
-
How to tell what created/owns each BPF program running in my system ?
Your distro might not ship the newer version but source is available on Github so you don't have to pull the entire kernel repo to build it.
bmc-cache
What are some alternatives?
libbpf - Automated upstream mirror for libbpf stand-alone build.
tubular - BSD socket API on steroids
TripleCross - A Linux eBPF rootkit with a backdoor, C2, library injection, execution hijacking, persistence and stealth capabilities.
bpftune - bpftune uses BPF to auto-tune Linux systems
traffico - Shape your traffic the BPF way
p4c-xdp - Backend for the P4 compiler targeting XDP
pwru - Packet, where are you? -- eBPF-based Linux kernel networking debugger
loxilb-ebpf - loxilb ebpf sub-module
bpf-developer-tutorial - eBPF Developer Tutorial: Learning eBPF Step by Step with Examples
bpfcov - Source-code based coverage for eBPF programs actually running in the Linux kernel