Don’t miss eCHO tomorrow when I’ll be learning from Alan Maguire about how bpftune is using reinforcement learning to tune kernel parameters. Join us and bring your questions and ideas! It’s the last eCHO of 2023 too 🙋♀️#eBPF
"'"In this blog, we'll demonstrate how #eBPF can be practically used for function #tracing. […]
We'll begin by covering the basics of eBPF and #uprobes. Following that, we'll apply these concepts in a real-world example. […]
Our example involves a user-space program calling a function with randomized parameters. Our eBPF program will track how many times each parameter is called. […]"'"
Daniel Borkmann presents the new netkit Linux devices, a pair of virtual devices programmed by #eBPF.
This will replace veth devices in Cilium and bring container performance on par with the host. #LinuxPlumbers
In his talk, Masami Hiramatsu provides a nice overview of the various tracing #eBPF probes, what tracing mechanism they use, and what context they have.
He proposes to use ftrace_regs across the board, to reduce overhead. #LinuxPlumbers
At #LinuxPlumbers, Yusheng Zheng presents bpftime, by far the userspace #eBPF runtime with the largest kernel compatibility! This should help avoid the huge overhead of kernel uprobes.
Here's a concrete example of why I think #eBPF is the wave of the future.
This little script, written in the training wheels bpftrace language, monitors for shell executions on the system. It reports shell invocations and full command lines, and also alerts when service users (uid < 1000) invoke a shell. It also can be invoked in KILL MODE, which will murdalize those unauthorized shells.
This effectively stops most webshells in their tracks. It's not perfect, but as a demo of what's possible, I think pretty neat!
Off to Vienna 🇦🇹 for the first time tomorrow - I'll be speaking on Wednesday morning about #eBPF superpowers for cloud native at KCD Austria. Who will I see there?
considering its #computerphile I anticipate they will say a thing or two about what eBPF is, and then go tangent off into something entirely related for 20 minutes and call it a day, but lets see https://www.youtube.com/watch?v=J_EehoXLbIU
🎬 Going live in under half an hour, on eCHO this week Kev Sheldrake is joining me to show some networking enhancements to Tetragon. Come join us, #eBPF friends!
- it is not in #BPF, we cannot talk about it at netdev conf. […]```
/me wonders what this kind of argument should be called; "appeal to cool technology" maybe?
Source: "[RFC bpf-next 0/8] BPF 'force to MPTCP'"
<https://lore.kernel.org/mptcp/cover.1688616142.git.geliang.tang@suse.com/> #Linux #kernel #eBPF #LinuxKernel #MPTCP
Introducing bpftune, an automatic configurator that monitors your workloads and sets the correct [#Linux] #kernel parameter values! […] using #BPF […] pluggable infrastructure that is open to contributions. […]#eBPF#LinuxKernel
Learning about Ansible Ops with #GitLab OIDC security hands-on, and how folks are building developer experience cloud platforms (spontaneous talk today at 3pm that includes GitLab).
Practiced a lot for my #eBPF workshop @CloudLandFestival yesterday, while learning about Power BI and Azure monitoring. The eBPF workshop Linux VM froze in the middle, but we continued practicing in theory, and had a great time overall. Everyone can learn async, slides at https://go.gitlab.com/2rrbrh 🤗 (Kudos to @lizrice for the inspiration)
Prompted by the recent thread/inquiry by @Patricia with @HalvarFlake’s reply I went to see if somebody was now working on applying formal methods to the eBPF verifier. Turns out there are some folks at the University of Texas at Austin that released a paper titled “Formal Verification of the Linux Kernel eBPF Verifier Range Analysis”