Index
Foreword
Preface
Conventions Used in This Book
Using Code Examples
O’Reilly Online Learning
How to Contact Us
Acknowledgments
1. Introduction
BPF’s History
Architecture
Conclusion
2. Running Your First BPF Programs
Writing BPF Programs
BPF Program Types
Socket Filter Programs
Kprobe Programs
Tracepoint Programs
XDP Programs
Perf Event Programs
Cgroup Socket Programs
Cgroup Open Socket Programs
Socket Option Programs
Socket Map Programs
Cgroup Device Programs
Socket Message Delivery Programs
Raw Tracepoint Programs
Cgroup Socket Address Programs
Socket Reuseport Programs
Flow Dissection Programs
Other BPF Programs
The BPF Verifier
BPF Type Format
BPF Tail Calls
Conclusion
3. BPF Maps
Creating BPF Maps
ELF Conventions to Create BPF Maps
Working with BPF Maps
Updating Elements in a BPF Map
Reading Elements from a BPF Map
Removing an Element from a BPF Map
Iterating Over Elements in a BPF Map
Looking Up and Deleting Elements
Concurrent Access to Map Elements
Types of BPF Maps
Hash-Table Maps
Array Maps
Program Array Maps
Perf Events Array Maps
Per-CPU Hash Maps
Per-CPU Array Maps
Stack Trace Maps
Cgroup Array Maps
LRU Hash and Per-CPU Hash Maps
LPM Trie Maps
Array of Maps and Hash of Maps
Device Map Maps
CPU Map Maps
Open Socket Maps
Socket Array and Hash Maps
Cgroup Storage and Per-CPU Storage Maps
Reuseport Socket Maps
Queue Maps
Stack Maps
The BPF Virtual Filesystem
Conclusion
4. Tracing with BPF
Probes
Kernel Probes
Kprobes
Kretprobes
Tracepoints
User-Space Probes
Uprobes
Uretprobes
User Statically Defined Tracepoints
USDTs bindings for other languages
Visualizing Tracing Data
Flame Graphs
Histograms
Perf Events
Conclusion
5. BPF Utilities
BPFTool
Installation
Feature Display
Inspecting BPF Programs
Inspecting BPF Maps
Inspecting Programs Attached to Specific Interfaces
Loading Commands in Batch Mode
Displaying BTF Information
BPFTrace
Installation
Language Reference
Filtering
Dynamic Mapping
kubectl-trace
Installation
Inspecting Kubernetes Nodes
eBPF Exporter
Installation
Exporting Metrics from BPF
Conclusion
6. Linux Networking and BPF
BPF and Packet Filtering
tcpdump and BPF Expressions
Packet Filtering for Raw Sockets
The BPF program
Load and attach to a network interface
BPF-Based Traffic Control Classifier
Terminology
Queueing disciplines
Classful qdiscs, filters, and classes
Classless qdiscs
Traffic Control Classifier Program Using cls_bpf
Notes on act_bpf and how cls_bpf is different
Differences Between Traffic Control and XDP
Conclusion
7. Express Data Path
XDP Programs Overview
Operation Modes
Native XDP
Offloaded XDP
Generic XDP
The Packet Processor
XDP result codes (packet processor actions)
XDP and iproute2 as a Loader
XDP and BCC
Testing XDP Programs
XDP Testing Using the Python Unit Testing Framework
XDP Use Cases
Monitoring
DDoS Mitigation
Load Balancing
Firewalling
Conclusion
8. Linux Kernel Security, Capabilities, and Seccomp
Capabilities
Seccomp
Seccomp Errors
Seccomp BPF Filter Example
BPF LSM Hooks
Conclusion
9. Real-World Use Cases
Sysdig eBPF God Mode
Flowmill
Index