bpftool
bpf-developer-tutorial
bpftool | bpf-developer-tutorial | |
---|---|---|
3 | 8 | |
312 | 1,957 | |
9.3% | 5.7% | |
9.1 | 8.5 | |
20 days ago | 3 months ago | |
C | C | |
GNU General Public License v3.0 or later | MIT License |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
bpftool
-
BPF for Hid Drivers
In the same way out-of-tree kernel modules are enforced to license themselves as GPL if they intend to use a lot (if not most) of the available functionality, eBPF programs fall under the same restrictions.
bpftool[0] allows to see which the programs are currently running in your system, their bpf asm instructions and whether they are GPL-compliant through `bpftool prog show`
Of course, we still need companies to actually release the source code of their eBPF programs somewhere for the promise to be fulfilled.
[0] https://github.com/libbpf/bpftool
-
How to tell what created/owns each BPF program running in my system ?
Your distro might not ship the newer version but source is available on Github so you don't have to pull the entire kernel repo to build it.
bpf-developer-tutorial
-
eBPF Tutorial by Example 9: Capturing Scheduling Latency and Recording as Histogram
Complete source code can be found at: https://github.com/eunomia-bpf/bpf-developer-tutorial/tree/main/src/9-runqlat
-
The Secure Path Forward for eBPF runtime: Challenges and Innovations
We are github.com/eunomia-bpf, build open source projects to make eBPF easier to use, and exploring new technologies, toolchains and runtimes related to eBPF. For those interested in eBPF technology, check out our tutorial code repository at https://github.com/eunomia-bpf/bpf-developer-tutorial and our tutorials at https://eunomia.dev/tutorials/ for practical understanding and practice. The original text of this article is from https://eunomia.dev/blogs/ebpf-security, welcome to star and follow us.
-
eBPF Tutorial by Example: Learning eBPF Step by Step with Tools
GitHub Repo: https://github.com/eunomia-bpf/bpf-developer-tutorial
Github repo: https://github.com/eunomia-bpf/bpf-developer-tutorial
-
Exploring Seven-Layer Protocol Tracing with eBPF: HTTP and Beyond via Socket Filters and Syscall Tracing
Through this article, readers can gain a deep understanding of how to use eBPF technology for tracing seven-layer protocols, particularly HTTP traffic. This knowledge will help enhance the monitoring and analysis of network traffic, thereby improving application performance and security. If you're interested in learning more about eBPF and its practical applications, you can visit our tutorial code repository at https://github.com/eunomia-bpf/bpf-developer-tutorial or our website at https://eunomia.dev/tutorials/ for more examples and complete tutorials.
-
eBPF Practical Tutorial: Capturing SSL/TLS Plain Text Data Using uprobe
You can find the complete source code here: https://github.com/eunomia-bpf/bpf-developer-tutorial/tree/main/src/30-sslsniff
What are some alternatives?
libbpf - Automated upstream mirror for libbpf stand-alone build.
wasm-bpf - WebAssembly library, toolchain and runtime for eBPF programs
TripleCross - A Linux eBPF rootkit with a backdoor, C2, library injection, execution hijacking, persistence and stealth capabilities.
traffico - Shape your traffic the BPF way
bmc-cache - In-kernel cache based on eBPF.
xdp-tutorial - XDP tutorial
bpftune - bpftune uses BPF to auto-tune Linux systems
pwru - Packet, where are you? -- eBPF-based Linux kernel networking debugger
bcc - BCC - Tools for BPF-based Linux IO analysis, networking, monitoring, and more