learn how to use BPF/eBPF

Related tags

Learning, Reference and Tutorials linux-bpf-learning
Overview

学习Linux BPF/eBPF 编程

打造学习BPF知识的中文社区。学习计划如下: bpf-learning-path

相关博文参考

实验环境准备

  • Linux操作系统,推荐使用最新稳定内核版本.

    本人自己的实验环境是Ubuntu 18.04标准版vagrant虚拟机,内核版本为4.15.0。可以从这里下载该vagrant虚拟机环境,已安装bcc工具集合:

    下载链接: https://pan.baidu.com/s/11dsEU6Yk6KGDGNor-fbsgQ 提取码: qvhc。 使用方式可以参考这篇文章

    以下命令如无特殊说明,均在Ubuntu环境下测试执行。

  • 预装clang、LLVM、iproute2、libelf-dev

    # for ubuntu
apt install clang llvm libelf-dev iproute2
# test clang
clang -v
# test llvm
llc --version
# test iproute2
ip link

  • bpftool命令行安装说明

    下载Linux内核源码,进行本地编译。

    # 确认内核版本
uname -r
# 找到对应内核版本的源代码
apt-cache search linux-source
apt install linux-source-5.3.0
apt install libelf-dev

cd /usr/src/linux-source-5.3.0
tar xjf linux-source-5.3.0.tar.bz2
cd linux-source-5.3.0/tools
make -C  bpf/bpftool/
cd bpf/bpftool/
./bpftool prog/net

目录说明

常见问题Q&A

1. 'asm/type.h' file not found

  • 错误现象

    在执行下面命令进行代码编译时,可能会遇到某些头文件找不到的错误:

    clang -I ./headers/ -O2 -target bpf -c tc-xdp-drop-tcp.c -o tc-xdp-drop-tcp.o

In file included from tc-xdp-drop-tcp.c:2:
In file included from /usr/include/linux/bpf.h:11:
/usr/include/linux/types.h:5:10: fatal error: 'asm/types.h' file not found
#include 
     
        ^~~~~~~~~~~~~
1 error generated.

  • 原因分析

    在源代码文件中引用了某些系统目录(一般为/usr/include/)下的头文件,而这些头文件没有出现在目标路径下,导致编译失败。

    如上述问题中的asm相关文件,asm全称Architecture Specific Macros,直译过来“与机器架构相关的宏文件”,顾名思义它是跟机器架构密切相关的,不同的架构x86、x64、arm实现是不一样的,而操作系统并没有提供/usr/include/asm/这样通用的目录,只提供了具体架构相关的目录,如/usr/include/x86_64-linux-gnu/asm/,因此无法找到引用。

  • 解决方案

    添加软链/usr/include/asm/,指向操作系统自带的asm目录:

    cd /usr/include
ln -s ./x86_64-linux-gnu/asm asm

2. 'bpf/bpf_helpers.h' file not found

  • 解决方案

    apt-get install libbpf-dev
# run `apt-file update` if needed
apt-file list libbpf-dev | grep bpf_helpers.h
# you will get the result like: libbpf-dev: /usr/include/bpf/bpf_helpers.h

参考材料

You might also like...
A reliable and easy to use CPP program header file for simplifying, code writing in cpp

CPP Custom Header This header file main purpose is to implement most famous and most used algorithm that are easy to implement but quite lengthy and t

Jitesh Kumar 1 Dec 22, 2021
C++ intrusive container templates. Abstract node links, no use of new/delete.

C-plus-plus-intrusive-container-templates C++ intrusive container templates. Abstract node links, no use of new/delete (AVL tree, singly-linked list,

Walt Karas 10 Nov 7, 2022
Tutorial how to use Travis CI with C++

travis_cpp_tutorial Branch master develop richel Tutorial how to use Travis CI with C++. View the tutorial (screen friendly) Download the PDF Want to

Richel Bilderbeek 176 Dec 8, 2022
Android 12 | Support BPF

Android 12 | Support BPF

初羽 3 Oct 26, 2021
fuzz the linux kernel bpf verifier

INTRODUCTION The idea comes from scannell's blog, Fuzzing for eBPF JIT bugs in the Linux kernel. It contains three parts: qemu fuzzlib ebpf sample gen

zerons 66 Nov 20, 2022
traces tcp requests in kernel. allow to set up IPs to filter dynamically using bpf-map.

ttcp cilium/ebpf/examples/tcprtt에다가 BPF_MAP_TYPE_HASH를 추가해서 srcAddr을 필터링하도록 수정함. 어플리케이션에는 Http API를 추가해서 필터링할 IP를 추가, 삭제, 조회할 수 있도록 함. Getting Startd

null 8 May 20, 2022
Learn basic elements in C++ and learn CMake

learn-cpp-cmake Learn basic elements in C++ and learn CMake This repo has code from several sources. If you think we have violated any copyright law o

mafiaboy009 6 Mar 1, 2022
Use eBPF to speed up your Service Mesh like crossing an Einstein-Rosen Bridge.

merbridge Use eBPF to speed up your Service Mesh like crossing an Einstein-Rosen Bridge. Usage You just only need to run the following command to your

null 533 Jan 7, 2023
Haxe bindings for raylib, a simple and easy-to-use library to learn videogame programming
Haxe bindings for raylib, a simple and easy-to-use library to learn videogame programming

Haxe bindings for raylib, a simple and easy-to-use library to learn videogame programming, Currently works only for windows but feel free the expand t

FSasquatch 36 Dec 16, 2022
A package to use Material side sheet into your Flutter project. Learn more about side sheet at Material.io
A package to use Material side sheet into your Flutter project. Learn more about side sheet at Material.io

Side Sheet A package to use Material side sheet into your Flutter project. Learn more about side sheet at Material.io Platform Support Android iOS Mac

Lalit Jarwal 6 Aug 25, 2022
CppThreadPool - The original intention of this project is to learn the new C++20 standard in use.

CppThreadPool Introduction The original intention of this project is to learn the new C++20 standard in use. Therefore, make sure your compiler suppor

Hello_World 2 Sep 27, 2022
Example program using eBPF to log data being based in using shell pipes

Example program using eBPF to log data being based in using shell pipes (|)

pat_h/to/file 35 Oct 21, 2022
Erlang interface to eBPF

ebpf Erlang eBPF library Overview ebpf facilitates basic interaction with the Linux eBPF system from Erlang.

null 48 Sep 16, 2022
libsinsp, libscap, the kernel module driver, and the eBPF driver sources

falcosecurity/libs As per the OSS Libraries Contribution Plan, this repository has been chosen to be the new home for libsinsp, libscap, the kernel mo

Falco 133 Dec 29, 2022
Basic eBPF examples in Golang using libbpfgo

libbpfgo-beginners Basic eBPF examples in Golang using libbpfgo. Accompanying slides from my talk at GOTOpia 2021 called Beginner's Guide to eBPF Prog

Liz Rice 166 Dec 28, 2022
Linux Application Level Firewall based on eBPF and NFQUEUE.
Linux Application Level Firewall based on eBPF and NFQUEUE.

eBPFSnitch eBPFSnitch is a Linux Application Level Firewall based on eBPF and NFQUEUE. It is inspired by OpenSnitch, and Douane, but utilizing modern

Harpo Roeder 665 Dec 29, 2022
In-kernel cache based on eBPF.

BMC BMC (BPF Memory Cache) is an in-kernel cache for memcached. It enables runtime, crash-safe extension of the Linux kernel to process specific memca

Orange 383 Dec 16, 2022
eBPF bytecode assembler and compiler

An eBPF bytecode assembler and compiler that * Assembles the bytecode to object code. * Compiles the bytecode to C macro preprocessors. Symbolic

Emil Masoumi 6 Jan 23, 2022
Example how to run eBPF probes without a usermode process using fentry

Pinning eBPF Probes Simple example to demonstrate how to pin kernel function and syscall probes. Overview From my reading of the kernel code, KProbe a

pat_h/to/file 3 Jun 7, 2021
Comments
  • ebpf的用途

    ebpf的用途

    大佬你好,我想在内核网络IO路径上对指定的数据结构(msghdr/iov_iter/iovec)做可靠性加固(假设是极端环境、软硬件不可靠的场景)。比如说在内核访问这些数据结构前需要验证下这些数据结构的正确性,是否可以用ebpf程序对这些数据结构做监测,一旦内核访问这些数据结构,就跳转到我的ebpf程序执行?望百忙中抽空指导下实现思路,不胜感激~ PS:不知道有没有群/微信可以加一下呢?想交流学习下

    opened by fordream11 4
  • ip link set dev 加载在内核出现问题

    ip link set dev 加载在内核出现问题

    你好 clang完.c没有问题,但是加载内核的时候出现12 bytes struct bpf_elf_map fixup performed due to size mismatch! ELF contains relo data for non ld64 instruction at offset 19! Compiler bug?!

    • Try to annotate functions with always_inline attribute! Error fetching program/map! 是什么情况呢
    opened by maquess 1
  • eBPF TC 程序获取 payload

    eBPF TC 程序获取 payload

    大佬你好,

    不知道你有没有尝试过在 tc 程序中获取网络数据包的 payload。

    一般根据 skb 的长度和各个协议包头的长度可以计算出有效的 payload 长度,现在我想利用 bpf_skb_load_bytes() 这个函数将 payload 拷贝到自己定义的 buffer 中,想着后续匹配下关键词什么的。

    结果一直绕不过 eBPF verifier 的校验,不知道大佬是否有相关经验可以分享?

    opened by cheneytianx 2
  • 加载网卡的时候出错

    加载网卡的时候出错

    运行的linux-bpf-learning/bpf/bpf-maps/examples-in-kernel/xdp_ip_tracker_kern.c,正常clang编译完成之后,加载在网卡上出现的错误,系统环境是linux,版本是Linux ubuntu 4.15.0-29-generic #31-Ubuntu SMP UTC 2018 x86_64 x86_64 x86_64 GNU/Linux

    opened by maquess 2
Owner
Wen-Quan Li
The truth is out there
Wen-Quan Li
GitHub
Basic eBPF examples in Golang using libbpfgo

libbpfgo-beginners Basic eBPF examples in Golang using libbpfgo. Accompanying slides from my talk at GOTOpia 2021 called Beginner's Guide to eBPF Prog

Liz Rice 166 Dec 28, 2022
Step by step, learn to develop an operating system on RISC-V

This course is used to teach and demonstrate how to write a simple operating system kernel for the RISC-V platform from scratch.

null 373 Jan 3, 2023
📘 CHAPTER-6 📘 10 days of C++. Learn the basics of C++. Other topics will be covered in chapter-7

CPP-BOOK CHAPTER - 6: 10 days of C++. Learn the basics of C++. Other topics will be covered in the next chapter(premium) /* Multi-line Comment */ // S

CodeMacrocosm 10 Oct 29, 2022
I am planning to add a beginner friendly path for my Juniors to Learn DSA and I will try to provide solutions of every problem also. We can add codeChef Challenge solutions also

DSA-Path-And-Important-Questions I am planning to add a beginner friendly path for my Juniors to Learn DSA Are you a Newbie in programming and want to

Arpit Jain 35 Dec 8, 2022
C++ OpenGL 3D Game Tutorial Series - Learn to code an OpenGL 3D Game in C++ from scratch

C++ OpenGL 3D Game Tutorial Series is a YouTube Tutorial Series, whose purpose is to help all those who want to take their first steps in the game dev

PardCode 118 Dec 22, 2022
My projects while i learn C language.

Coding Exercises Projects that i made while i am learning C language. Exercise 1: prime-numbers.c It is a program that checks whether the given number

Berkay Şahin 2 Apr 12, 2022
A place where you can learn and practise various Problems and algorithms

Problem-Solving Problem solving is an art of solving some real time challenges. And this is a place to get started, you can find many problems to solv

Google DSC, GVP Chapter 10 Apr 22, 2022
A project uses for beginners, who wants to learn basic Cpp.

Learning Basic Cpp The basic project for who wants to learn Cpp. Notes: All the files are coded using Microsoft Visual Studio 2019. If you want to cod

null 1 Jan 28, 2022
A library of language lexers for use with Scintilla

README for Lexilla library. The Lexilla library contains a set of lexers and folders that provides support for programming, mark-up, and data languag

Scintilla 93 Jan 1, 2023
Welcome to my dungeon. Here, I keep all my configuration files in case I have a stroke and lose all my memory. You're very welcome to explore and use anything in this repository. Have fun!

Fr1nge's Dotfiles Welcome to my dungeon. Here, I keep all my configuration files in case I have a stroke an d lose all my memory. You're very welcome

Fr1nge 33 Oct 28, 2022