eBPF Summit 2024

Blog page

ReleaseExternal

Journey to libbpf 1.0

The road to libbpf 1.0 was long, but we've finally arrived! What's new in libbpf 1.0. Main breaking changes. New and exciting features. And great lengths libbpf goes to ensure best user experience when dealing with a complicated world of BPF.

Read more
How-ToExternal

Process Behaviour Anomaly Detection Using eBPF and Unsupervised-Learning Autoencoders

In this post I’m going to describe how to use eBPF syscall tracing in a creative way in order to detect process behaviour anomalies at runtime using an unsupervised learning model called autoencoder.

Read more
CommunityExternal

Intro to eBPF

eBPF is VERY powerful because it's so ingrained where all the magic happens (the Linux kernel). eBPF lets you write custom code in the kernel.

Read more
How-ToExternal

5G Visibility Using eBPF Technology

eBPF is a powerful tool to use in cloud-native environments. This post discusses the basic features of eBPF and how it can be leverage for observability

Read more
CommunityExternal

eBPF — Divulging The Hidden Super Power

If you are a performance engineer/network engineer or even security engineer, the chance of you encountering eBPF technology in the future is very high. eBPF now has a huge community of users, including big players like Meta, Google, Cloudflare, and Netflix all using this tech in their daily operations.

Read more
TechnologyExternal

Differentiate three types of eBPF redirections

There are three types of eBPF redirection fashions in Linux kernel that may confuse developers often: bpf_redirect_peer(), bpf_redirect_neighbor(), and bpf_redirect(). This post helps to clarify them by digging into the code in history order, and also discusses usages & related problems in real world.

Read more
TechnologyExternal

A story about AF_XDP, network namespaces and a cookie

A crash in a development version of flowtrackd (the daemon that powers our Advanced TCP Protection) highlighted the fact that libxdp (and specifically the AF_XDP part) was not Linux network namespace aware. This blogpost describes the debugging journey to find the bug, as well as a fix.

Read more
TechnologyExternal

Linux tracing/profiling 基础:符号表、调用栈、perf /bpftrace 示例等

整理一些 tracing/profiling 笔记,目前内容主要来自 Practical Linux tracing 系列几篇文章。

Read more
TechnologyExternal

Live-patching security vulnerabilities inside the Linux kernel with eBPF Linux Security Module

Learn how to patch Linux security vulnerabilities without rebooting the hardware and how to tighten the security of your Linux operating system with eBPF Linux Security Module

Read more
How-ToExternal

Production ready eBPF, or how we fixed the BSD socket API

We are open sourcing the production tooling we’ve built for the sk_lookup hook we contributed to the Linux kernel, called tubular.

Read more