This folder contains projects for eBPF_hub.
see https://github.com/linuxkerneltravel/lmp_docs for how to generate website and usage.
libbpf probes to see if your sys fs exports the file /sys/kernel/btf/vmlinux
(from Kernel 5.5+) or if you have the ELF version in your system code
Please note the ELF file could exist without the BTF info in it. Your Kconfig should contain the options below
Compile options
CONFIG_DEBUG_INFO_BTF=y
CONFIG_DEBUG_INFO=y
Also, make sure that you have pahole 1.13 (or preferably 1.16+) during the kernel build (it comes from dwarves package). Without it, BTF won't be generated, and on older kernels you'd get only warning, but still would build kernel successfully
It's possible to run some tools in kernels that don't expose
/sys/kernel/btf/vmlinux
. For those cases,
BTFGen
and BTFHub can be used to
generate small BTF files for the most popular Linux distributions that
are shipped with the tools in order to provide the needed information to
perform the CO-RE relocations when loading the eBPF programs.
If you haven't cloned the
btfhub-archive repository, you
can run make and it'll clone it for you into the $HOME/.local/share
directory:
make ENABLE_MIN_CORE_BTFS=1 -j$(nproc)
If you have a local copy of such repository, you can pass it's location to avoid cloning it again:
make ENABLE_MIN_CORE_BTFS=1 BTF_HUB_ARCHIVE=<path_to_btfhub-archive> -j$(nproc)
The project can be a dir or a git submodule, with at lease the following files:
README,md
If you use eunomia-bpf, the project will be build automatically.
Tools are expected to follow a simple naming convention:
<tool>.bpf.c
contains BPF C code, which gets compiled into package.json
<tool>.h
can optionally contain types exported to userspace through pref event or ring buffer<tool>.bpf.h
can optionally contain any types and constants, shared by both BPF and userspace sides of a tool.You can check the template project for more details. all posts should have headers in the first 10 lines like this:
---
layout: post
title: sigsnoop
date: 2022-10-10 16:18
category: bpftools
author: yunwei37
tags: [bpftools, syscall, kprobe, tracepoint]
summary: Trace signals generated system wide, from syscalls and others.
---
left 2 lines blank after the header.
Most codes come from:
此处可能存在不合适展示的内容,页面不予展示。您可通过相关编辑功能自查并修改。
如您确认内容无涉及 不当用语 / 纯广告导流 / 暴力 / 低俗色情 / 侵权 / 盗版 / 虚假 / 无价值内容或违法国家有关法律法规的内容,可点击提交进行申诉,我们将尽快为您处理。