Highest Voted 'libbpf' Questions

0

votes

1 answer

Implementing bpftrace histogram in libbpf

I am implementing bpftrace's histogram in libbpf. struct { __uint(type, BPF_MAP_TYPE_HASH); __uint(max_entries, 1024); __type(key, u64); __type(value, u64); } latency_map SEC(".maps"); u64 bin = log2(latency); void *read =…

bpf libbpf bpftrace

asked Jun 12 '23 at 01:35

mq7

1,125
2
11
21

0

votes

1 answer

How to use atomic operations with user-space variable in BPF?

I am trying to do a CAS with __sync_val_compare_and_swap in my eBPF code. As this operation needs to be atomic I cannot use bpf_probe_read_user. With a regular kernel variable __sync_val_compare_and_swap works with no issue. However when using a…

linux-kernel ebpf bpf compare-and-swap libbpf

asked Jun 09 '23 at 16:02

Victor

9
4

0

votes

1 answer

How to initialize eBPF tail call program array map statically

this is a clone repo I had https://github.com/vincentmli/XDPeriments/blob/master/Cookies/xdp_dns_cookies_kern.c and i am trying to initialize the tail call program array map statically instead of running user space eBPF loader to populate the…

c linux ebpf xdp-bpf libbpf

asked May 16 '23 at 19:13

99Linux

176
1
2
12

0

votes

0 answers

Libbpf eBPF fails to attach, bpftrace succeeds

I am currently experimenting with BPF, both by libbpf and bpftrace. So far I've found some differences that I need help understanding. For this specific case I am trying to instrument, authelia authentication and authorization server written in go.…

linux-kernel ebpf bpf libbpf bpftrace

asked May 02 '23 at 16:23

nela

429
5
13

0

votes

1 answer

Sharing ebpf maps between 2 interface

I'm currently using 2 interfaces and 1 program, im trying to share the maps between the 2 programs, but I have no idea how to do that. I have looked on the internet and found people explaining how to do it, but I don't know how to apply it to the…

ebpf bpf xdp-bpf libbpf

asked Mar 24 '23 at 08:52

Fyu Sub

1
1

0

votes

0 answers

Trace 'Accept' system call with eBPF and calculate the wallclock time between 'accept' and 'close' of a PID

I am trying to measure the time it takes for a particular process to accept a connection using the 'accept' system call and close the connection. To accomplish this, I want to use eBPF to trace the 'accept' system call and calculate the wallclock…

c ebpf bpf libbpf

asked Feb 22 '23 at 05:20

Ajith

45
1
7

0

votes

1 answer

eBPF verifier error in reading map value struct with a __u64 element

I'm trying to use an eBPF map which looks like this: struct { __uint(type, BPF_MAP_TYPE_HASH); __uint(max_entries, MAX_ENTRIES); __type(key, u32); __type(value, struct sock_info *); } lookup SEC(".maps"); and sock_info is defined as…

ebpf libbpf

asked Feb 21 '23 at 00:03

Aditya

3
3

0

votes

1 answer

No member named 'si' in 'struct pt_regs'

I am trying to compile the following eBPF code, #include "vmlinux.h" #include #include SEC("kprobe/do_sys_openat2") int kprobe__do_sys_openat2(struct pt_regs *ctx) { char file_name[256]; …

c linux makefile ebpf libbpf

asked Jan 13 '23 at 11:06

imawful

69
5

0

votes

2 answers

string matching in bpf programs

I am writing a bpf program in which i need to match prefix of filename in openat syscall. Since we cannot link libc, and there is no such builtin function, i wrote one myself. #define MAX_FILE_NAME_LENGTH 128 #define LOG_DIR "/my/prefix" #define…

ebpf bpf libbpf

asked Jan 09 '23 at 13:30

weima

4,653
6
34
55

0

votes

0 answers

libbpf: gnu/stub-32.h required on amd64 when building bpf program

I am trying to write some uprobes for tracing nginx and am struggling to build the bpf program. More specifically, when including nginx header files in order to parse data, the build does not register my 64-bit architecture and wants to include…

c linux ubuntu ebpf libbpf

asked Dec 06 '22 at 10:20

nela

429
5
13

0

votes

0 answers

unknown func bpf_probe_read#4 in XDP&eBPF program

I write a tool with eBPF, which will read the specified packet with XDP. I once compile and run it successfully in 5.04 kernel edition. But when I run it in kernel 4.19, it could be compiled, but error in load and verify. The error message is : 372:…

ebpf xdp-bpf libbpf

asked Nov 10 '22 at 09:33

Shang Dong

21
2

0

votes

1 answer

How to access BPF map from userspace that was created in kernel space

I am a complete novice at anything ebpf but trying out some random ideas to get some knowledge. I wanted to have an eBPF module that could filter some packets based on an allowed list of CIDR. A userspace application should be able to update the…

c++ ebpf libbpf

asked Oct 26 '22 at 17:00

incubus

681
1
5
21

0

votes

1 answer

libbpf: CO-RE program fexit cannot log event on specific function

I want to create a program that logs a message when net_ns_net_exit function in the kernel is called. SEC("fexit/net_ns_net_exit") int BPF_PROG(net_ns_net_exit, struct net *net, long ret) #endif { __u64 netns_inum = BPF_CORE_READ(net, ns.inum); …

ebpf bpf libbpf

asked Oct 20 '22 at 17:38

luu

1

0

votes

1 answer

eBPF : How to get syscall id using raw_tracepoint/sys_exit

I’d like to use raw_tracepoint with libbpf to record syscalls . Is there any way to get syscall_id using bpf raw tracepoint program SEC("raw_tracepoint/sys_exit") ? I tried to search the documents about raw tracepoints and tracepoints, but I…

linux ebpf libbpf

asked Oct 04 '22 at 00:46

SUMAN KUMARI

1

0

votes

1 answer

eBPF Validation error when trying to hash a string (process name)

Hi I am trying to generate a 32bit hash for the full process name in ebpf. These process names can be long and will not fit on the stack hence the "heap" per cpu array. I am currently using libbpf bootstrap as a prototype from here:…

linux-kernel ebpf libbpf

asked Aug 17 '22 at 00:49

onedsc

1
2

Questions tagged [libbpf]