BPF 支持多种事件源,其中可以简单分为几类,系统调用(Syscalls),网络事件,追踪点(Tracepoints),kprobes和uprobes,性能计数器(Perf Events),cgroup事件,XDP(eXpress Data Path),LSM(Linux Security Modules)钩子,用户自定义追踪点(USDT - User Statically Defined Tracing)。由于篇幅关系,我们不能介绍每一个事件源的具...
bool "Enable BPF LSM Instrumentation" depends on BPF_EVENTS depends on BPF_SYSCALL depends on SECURITY depends on BPF_JIT help Enables instrumentation of the security hooks with BPF programs for implementing dynamic MAC and Audit Policies. If you are unsure how to answer this question, answer N...
This PR adds BPF instrumentation forlsm/path_unlink Which issue(s) this PR fixes: None Does this PR have test? Yes. Special notes for your reviewer: Does this PR introduce a user-facing change? Hi@mhils. Thanks for your PR. I'm waiting for akubernetes-sigsmember to verify that this ...
that was first added to Linux 3.15. BCC makes BPF programs easier to write, with kernel instrumentation in C (and includes a C wrapper around LLVM), and front-ends in Python and lua. It is suited for many tasks, including performance analysis and network traffic control....
slide 26: PROTIP: HOOK THE LSM Most of the relevant functions we care about are already passing through the LSM (with good context), let’s Kprobe there (if we can’t find a tracepoint) as it will be more stable: /include/linux/security.h slide 27: The end end. ...
config BPF_LSM bool "Enable BPF LSM Instrumentation" depends on BPF_EVENTS depends on BPF_SYSCALL depends on SECURITY depends on BPF_JIT help Enables instrumentation of the security hooks with BPF programs for implementing dynamic MAC and Audit Policies. If you are unsure how to answer this qu...
main .github imgs src 0-introduce 1-helloworld .config .gitignore README.md README.zh.md minimal.bpf.c 10-hardirqs 11-bootstrap 12-profile 13-tcpconnlat 14-tcpstates 15-javagc 16-memleak 17-biopattern 18-further-reading 19-lsm-connect ...
bpf_lsm.h bpf_trace.h bpf_types.h bpf_verifier.h bpfilter.h brcmphy.h bsearch.h bsg-lib.h bsg.h btf.h btf_ids.h btree-128.h btree-type.h btree.h btrfs.h buffer_head.h bug.h build-salt.h build_bug.h buildid.h bvec.h c2port.h cache.h cacheinfo.h ca...
bpf_lsm.h bpf_mem_alloc.h bpf_mprog.h bpf_trace.h bpf_types.h bpf_verifier.h bpfptr.h brcmphy.h bsearch.h bsg-lib.h bsg.h btf.h btf_ids.h btree-128.h btree-type.h btree.h btrfs.h buffer_head.h bug.h build-salt.h build_bug.h buildid.h bvec.h c2p...
lsm_hook_defs.h lsm_hooks.h lz4.h lzo.h mISDNdsp.h mISDNhw.h mISDNif.h mailbox_client.h mailbox_controller.h maple.h marvell_phy.h math.h math64.h mbcache.h mbus.h mc146818rtc.h mc6821.h mcb.h mdev.h mdio-bitbang.h mdio-gpio.h mdio-mux.h mdio.h ...