Giter VIP home page Giter VIP logo

ebpf_studies's Introduction

eBPF studies

Testing, learning and coding ebpf

Content

About

The examples here shows how to use eBPF to variety of uses like: block a TCP request based on the process name and TCP port; audit process, files and other stuff; demonstrate the use of BPF maps and so forth.

Some of the code is based on the linux eBPF examples provided in the source tree (linux/samples/bpf/). Some can be used within the libbpf-bootstrap tree.

How to

The details for each source are described under its correspondent subfolder. Generally speaking, to use the code, just copy it to your local repo, depending on case. It will be faster and easier.

Requirements

You should have an up-to-date local copy of the Linux Kernel tree:

git clone https://github.com/torvalds/linux.git

An up-to-date local copy of the libbpf-bootstrap tree and the libbpf itself:

git clone https://github.com/libbpf/libbpf-bootstrap.git
git submodule update --init --recursive

Also make sure you have bpftools and cgroups in your system: To run these scripts you will need:

  • Kernel headers (ideally from a 5.7+ kernel):

     sudo apt-get install linux-headers-generic

Or it's equivalent to other Linux Distros

  • Installing clang and other dependencies:

     sudo apt install -y clang llvm golang make

Compiling

Each subfolder have it's own compiling instructions

without libbpf-bootstrap

The following example is based on the code within the cgroups folder

You may use the Makefile to compile the source code as simples as: make

Also, it's possible to compile the code using clang, as follow:

clang -O2 -Wall -target bpf -c basic_ebpf_cgroup.c -o basic_ebpf_cgroup.o

In the above example, the ELF object file will be named "basic_ebpf_cgroup.o", created from the eBPF program "basic_ebpf_cgroup.c". The "target" flag states that clang must create an object with eBPF bytecodes in mind.

with libbpf-bootstrap

The following example is based on the code within the ebpf_maps folder

For the code that use libbpf-bootstrap, just compile passing as argument the code do you want to compile: make example or make minimal

Testing

Each subfolder have it's own testing instructions

ebpf_studies's People

Contributors

pedrofausto avatar

Stargazers

Gregório G. avatar

Watchers

James Cloos avatar avatar Rahul Jadhav avatar

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.