I like to know how to create ebpf map with char array value I tried like this and this is full code for the ebpf program and this is my user function I assigned to perf_buffer_opts and this is the full code. so can anyone please tell what I am doing wrong why is saying invalid argument full userspace code
Tag: bpf
Can’t compile sample bpf program, bpf/bpf.h is missing
I’m trying to compile the sample bpf program in Linux source code. So I downloaded the current kernel source code and entered samples/bpf folder Then I tried to compile a sample program with gcc: And I’m unable to find bpf/bpf.h with apt-file What was wrong? Answer The Linux eBPF samples come with…
How to protect an eBPF firewall in traffic filter (tc-bpf)
I’m going to implement a firewall on the traffic control classifier(man 8 tc-bpf). The firewall is to filter outgoing traffic. But, there is one point which makes the task really hard. My userspace agent must know, is that filter(classifier) loaded and passing all outgoing traffic through itself or not.…
Capturing PTP packets with Linux raw socket
I want to implement a C program that captures all the Precision-Time-Protocol (PTP) frames on the Ethernet, so I created a raw socket and attached a filter for PTP, I use recvmsg() to read data from the socket. The first issue is that I wasn’t receiving any PTP frames so I commented out the filter but n…
bpftrace: uprobe target file does not exist or is not executable
I want to use bpftrace to trace functions inside libasan library, which is inside /usr/lib/x86_64-linux-gnu/. However sudo bpftrace -e ‘uretprobe:/usr/lib/x86_64-linux-gnu/libasan.so.4: __interceptor_malloc { printf(“pid: %d, malloc %pn”, pid, retval); }’ gives error: uprobe target fil…
bpf/bcc reports error when trying to access `struct rq`
This is my bpf program to profile a kernel function pick_next_task_fiar. It reports error as follow: My question why the bpf can not recognise the struct rq since I have already included the # include <linux/sched.h>. However, it does recognise the struct task_struct. These two structs are in the same h…