Hacker News with Generative AI: eBPF

When eBPF pt_regs reads return garbage on the latest Linux kernels, blame Fred (tanelpoder.com)
TLDR; Starting from Linux kernel version 6.9 on x86_64, there’s a new config option CONFIG_X86_FRED enabled and it adds 16 bytes to the bottom of a task’s kernel stack area, so you’ll need to account for this extra padding in your “raw” kernel stack & pt_regs lookup code.
Linux Kernel, Kernel Development, x86_64, eBPF, Security
104 points by tanelpoder 6 days ago | 11 comments
List Any Linux Tracepoint with Their Arguments, Datatypes and Related Structs (tanelpoder.com)
This should be something useful for Linux kernel explorers and eBPF nerds!
Linux Kernel, eBPF, Programming, Debugging, System Programming
40 points by tanelpoder 34 days ago | 5 comments
Case Study: ByteDance Uses eBPF to Enhance Networking Performance (ebpf.foundation)
Bytedance, a global technology company operating a wide range of content platforms around the world at massive scale, faced significant challenges in ensuring performance and stability across its data centers.
Case Study, Networking, Performance, eBPF, ByteDance
178 points by ChrisArchitect 36 days ago | 26 comments
Harpoon: Trace syscalls from user-space functions, by using eBPF (github.com/alegrey91)
Harpoon aims to capture the syscalls (as if they were fishes) from the execution flow (the river) of a single user-defined function.
Security, Linux, Programming, eBPF, Debugging
8 points by thunderbong 78 days ago | 0 comments
A KeyLogger using eBPF written in Rust (github.com/pythops)
Capture keystrokes and store them in a queue in the kernel. Intercept DNS requests and inject the captured keystroes in the DNS payload then redirect the request designated remote server acting as a DNS proxy. On the remote server, extract the keys from the DNS payload and send a valid DNS response. Intercept the response and modify its source address so the initial request will complete successfully.
Security, Rust, eBPF, Networking, Keylogging
11 points by pythops 93 days ago | 0 comments
eBPF Security Threat Model [pdf] (github.com/ebpffoundation)
Security, eBPF, Threat Modeling
9 points by mooreds 96 days ago | 0 comments
eBPF Verifier Code Review – NCC Group [pdf] (nccgroup.com)
Security, Code Review, eBPF
14 points by ghostpepper 109 days ago | 0 comments
Kyanos: eBPF-based network issue analysis tool (github.com/hengyoush)
Kyanos is an eBPF-based network issue analysis tool that enables you to capture network requests, such as HTTP, Redis, and MySQL requests.
Network Analysis, eBPF, Open Source, Tools, Networking
194 points by lijunhao 111 days ago | 14 comments
Every boring problem found in eBPF (2022) (tmpout.sh)
You may be wondering, "if you're filling an article with caveats about BPF, why should I even bother trying to use it?" Great question, straw man. There are a number of things BPF is really, really, good at that you should consider.
eBPF, Operating Systems, Networking, Security, Performance
163 points by udev4096 125 days ago | 11 comments
TUI for sniffing network traffic using eBPF on Linux (github.com/pythops)
🕵️‍♂️ TUI for sniffing network traffic using eBPF on Linux
Network Security, Linux, eBPF, TUI, Open Source
11 points by pythops 179 days ago | 0 comments
Show HN: Goroutine Monitor Powered by eBPF (github.com/keisku)
gmon is a tool designed to monitor the creation and destruction of goroutines in a Go program, drawing inspiration from the presentation Real World Debugging with eBPF.
Go Programming, Debugging, Performance Monitoring, eBPF
75 points by keisku 180 days ago | 2 comments
Writing a system call tracer using eBPF (sh4dy.com)
System Calls, eBPF, Linux Kernel, Security, Programming
99 points by tim_sw 214 days ago | 2 comments
eBPF Offensive Capabilities – Get Ready for Next-Gen Malware (2023) (sysdig.com)
Security, Malware, eBPF, Networking
89 points by password4321 225 days ago | 13 comments
Instrumenting Python GIL with eBPF (coroot.com)
Python, Performance, eBPF, Monitoring, Debugging
118 points by lukastyrychtr 230 days ago | 33 comments
Instrumenting Python GIL with eBPF (coroot.com)
Python, Instrumentation, eBPF
19 points by avivallssa 237 days ago | 0 comments
Capturing Linux SSL/TLS plaintext without a CA certificate using eBPF (github.com/gojue)
Linux, Security, Networking, eBPF
183 points by walterbell 238 days ago | 70 comments
The coming eBPF revolution and why Kubernetes monitoring will never be the same (getanteon.com)
Kubernetes, Monitoring, eBPF, Revolution, Cloud
17 points by nickwritesit 240 days ago | 13 comments
How eBPF is shaping the future of Linux and platform engineering (infoworld.com)
Linux, Network Engineering, eBPF, Platform Engineering
10 points by cempaka 253 days ago | 1 comments
Bpftop: Dynamic real-time view of running eBPF programs (github.com/Netflix)
Networking, eBPF, Linux, Open Source, Performance Monitoring
31 points by tanelpoder 254 days ago | 2 comments
eBPF BCC to libbpf conversion guide (nakryiko.com)
eBPF, BCC, Linux Kernel, Networking, Performance Optimization
13 points by tanelpoder 269 days ago | 0 comments
Linux: Easy Keylogger with eBPF (2018) (blogspot.com)
Linux, Security, Keylogging, eBPF
13 points by mooreds 324 days ago | 1 comments