GitXplorerGitXplorer
m

hello-libbpfgo

public
149 stars
25 forks
7 issues

Commits

List of commits on branch master.
Verified
9439876f77270bf46f874a4066c1ce1e33a049d3

chore(deps): Bump golang.org/x/sys from 0.20.0 to 0.26.0 (#24)

ddependabot[bot] committed 2 months ago
Verified
67e1b3d50316506f314f9cc4a66f72164822469f

Bump github.com/florianl/go-tc from 0.4.3 to 0.4.4 (#21)

ddependabot[bot] committed 2 months ago
Unverified
e8d9b9b8aacad1c8ee3d247ae7fa7457ed42f734

add 43-tcx-ingress-hello and 44-tcx-egress-hello

mmozillazg committed 2 months ago
Unverified
d19c9b2c2150aba4c505ee2996481332b1a5285c

add 41-raw-tracepoint-args-with-macro and 42-btf-raw-tracepoint-args-with-macro

mmozillazg committed 2 months ago
Unverified
fbe87f1952e800ac1c9ca74cca990b5c0b98d835

fix table

mmozillazg committed 3 months ago
Unverified
33c99b54b332f26d0b8240d9fc1e510d91c5c3b6

40: add 40-lsm-block-path_unlink

mmozillazg committed 3 months ago

README

The README file for this repository.

hello-libbpfgo

|Build examples|

Examples for libbpf, aquasecurity/libbpfgo <https://github.com/aquasecurity/libbpfgo>__ and cilium/ebpf <https://github.com/cilium/ebpf>__.

setup develop env

.. code-block:: shell

$ vagrant up

Program Types

Examples by program type:

+-------------------------------------------+----------------------------------------+----------------------------------+-------------------------------------------+ | Program Type | Attach Type | ELF Section Name | Examples | +===========================================+========================================+==================================+===========================================+ | BPF_PROG_TYPE_CGROUP_DEVICE | BPF_CGROUP_DEVICE | cgroup/dev | | +-------------------------------------------+----------------------------------------+----------------------------------+-------------------------------------------+ | BPF_PROG_TYPE_CGROUP_SKB | | cgroup/skb | |

  •                                       +----------------------------------------+----------------------------------+-------------------------------------------+

| | BPF_CGROUP_INET_EGRESS | cgroup_skb/egress | |

  •                                       +----------------------------------------+----------------------------------+-------------------------------------------+

| | BPF_CGROUP_INET_INGRESS | cgroup_skb/ingress | | +-------------------------------------------+----------------------------------------+----------------------------------+-------------------------------------------+ | BPF_PROG_TYPE_CGROUP_SOCKOPT | BPF_CGROUP_GETSOCKOPT | cgroup/getsockopt | |

  •                                       +----------------------------------------+----------------------------------+-------------------------------------------+

| | BPF_CGROUP_SETSOCKOPT | cgroup/setsockopt | | +-------------------------------------------+----------------------------------------+----------------------------------+-------------------------------------------+ | BPF_PROG_TYPE_CGROUP_SOCK_ADDR | BPF_CGROUP_INET4_BIND | cgroup/bind4 | |

  •                                       +----------------------------------------+----------------------------------+-------------------------------------------+

| | BPF_CGROUP_INET4_CONNECT | cgroup/connect4 | |

  •                                       +----------------------------------------+----------------------------------+-------------------------------------------+

| | BPF_CGROUP_INET4_GETPEERNAME | cgroup/getpeername4 | |

  •                                       +----------------------------------------+----------------------------------+-------------------------------------------+

| | BPF_CGROUP_INET4_GETSOCKNAME | cgroup/getsockname4 | |

  •                                       +----------------------------------------+----------------------------------+-------------------------------------------+

| | BPF_CGROUP_INET6_BIND | cgroup/bind6 | |

  •                                       +----------------------------------------+----------------------------------+-------------------------------------------+

| | BPF_CGROUP_INET6_CONNECT | cgroup/connect6 | |

  •                                       +----------------------------------------+----------------------------------+-------------------------------------------+

| | BPF_CGROUP_INET6_GETPEERNAME | cgroup/getpeername6 | |

  •                                       +----------------------------------------+----------------------------------+-------------------------------------------+

| | BPF_CGROUP_INET6_GETSOCKNAME | cgroup/getsockname6 | |

  •                                       +----------------------------------------+----------------------------------+-------------------------------------------+

| | BPF_CGROUP_UDP4_RECVMSG | cgroup/recvmsg4 | |

  •                                       +----------------------------------------+----------------------------------+-------------------------------------------+

| | BPF_CGROUP_UDP4_SENDMSG | cgroup/sendmsg4 | |

  •                                       +----------------------------------------+----------------------------------+-------------------------------------------+

| | BPF_CGROUP_UDP6_RECVMSG | cgroup/recvmsg6 | |

  •                                       +----------------------------------------+----------------------------------+-------------------------------------------+

| | BPF_CGROUP_UDP6_SENDMSG | cgroup/sendmsg6 | | | +----------------------------------------+----------------------------------+-------------------------------------------+ | | BPF_CGROUP_UNIX_CONNECT | cgroup/connect_unix | | | +----------------------------------------+----------------------------------+-------------------------------------------+ | | BPF_CGROUP_UNIX_SENDMSG | cgroup/sendmsg_unix | | | +----------------------------------------+----------------------------------+-------------------------------------------+ | | BPF_CGROUP_UNIX_RECVMSG | cgroup/recvmsg_unix | | | +----------------------------------------+----------------------------------+-------------------------------------------+ | | BPF_CGROUP_UNIX_GETPEERNAME | cgroup/getpeername_unix | | | +----------------------------------------+----------------------------------+-------------------------------------------+ | | BPF_CGROUP_UNIX_GETSOCKNAME | cgroup/getsockname_unix | | +-------------------------------------------+----------------------------------------+----------------------------------+-------------------------------------------+ | BPF_PROG_TYPE_CGROUP_SOCK | BPF_CGROUP_INET4_POST_BIND | cgroup/post_bind4 | |

  •                                       +----------------------------------------+----------------------------------+-------------------------------------------+

| | BPF_CGROUP_INET6_POST_BIND | cgroup/post_bind6 | |

  •                                       +----------------------------------------+----------------------------------+-------------------------------------------+

| | BPF_CGROUP_INET_SOCK_CREATE | cgroup/sock_create | |

  •                                       +                                        +----------------------------------+-------------------------------------------+

| | | cgroup/sock | |

  •                                       +----------------------------------------+----------------------------------+-------------------------------------------+

| | BPF_CGROUP_INET_SOCK_RELEASE | cgroup/sock_release | | +-------------------------------------------+----------------------------------------+----------------------------------+-------------------------------------------+ | BPF_PROG_TYPE_CGROUP_SYSCTL | BPF_CGROUP_SYSCTL | cgroup/sysctl | | +-------------------------------------------+----------------------------------------+----------------------------------+-------------------------------------------+ | BPF_PROG_TYPE_EXT | | freplace+ | | +-------------------------------------------+----------------------------------------+----------------------------------+-------------------------------------------+ | BPF_PROG_TYPE_FLOW_DISSECTOR | BPF_FLOW_DISSECTOR | flow_dissector | | +-------------------------------------------+----------------------------------------+----------------------------------+-------------------------------------------+ | BPF_PROG_TYPE_KPROBE | | kprobe+ |28_ 29_ |

  •                                       +                                        +----------------------------------+-------------------------------------------+

| | | kretprobe+ |28_ 29_ |

  •                                       +                                        +----------------------------------+-------------------------------------------+

| | | ksyscall+ |30_ 31_ |

  •                                       +                                        +----------------------------------+-------------------------------------------+

| | | kretsyscall+ |30_ 31_ |

  •                                       +                                        +----------------------------------+-------------------------------------------+

| | | uprobe+ | |

  •                                       +                                        +----------------------------------+-------------------------------------------+

| | | uprobe.s+ | |

  •                                       +                                        +----------------------------------+-------------------------------------------+

| | | uretprobe+ | |

  •                                       +                                        +----------------------------------+-------------------------------------------+

| | | uretprobe.s+ | |

  •                                       +                                        +----------------------------------+-------------------------------------------+

| | | usdt+ | |

  •                                       +----------------------------------------+----------------------------------+-------------------------------------------+

| | BPF_TRACE_KPROBE_MULTI | kprobe.multi+ | |

  •                                       +                                        +----------------------------------+-------------------------------------------+

| | | kretprobe.multi+ | | +-------------------------------------------+----------------------------------------+----------------------------------+-------------------------------------------+ | BPF_PROG_TYPE_LIRC_MODE2 | BPF_LIRC_MODE2 | lirc_mode2 | | +-------------------------------------------+----------------------------------------+----------------------------------+-------------------------------------------+ | BPF_PROG_TYPE_LSM | BPF_LSM_CGROUP | lsm_cgroup+ | |

  •                                       +----------------------------------------+----------------------------------+-------------------------------------------+

| | BPF_LSM_MAC | lsm+ |26_ 40_ |

  •                                       +                                        +----------------------------------+-------------------------------------------+

| | | lsm.s+ | | +-------------------------------------------+----------------------------------------+----------------------------------+-------------------------------------------+ | BPF_PROG_TYPE_LWT_IN | | lwt_in | | +-------------------------------------------+----------------------------------------+----------------------------------+-------------------------------------------+ | BPF_PROG_TYPE_LWT_OUT | | lwt_out | | +-------------------------------------------+----------------------------------------+----------------------------------+-------------------------------------------+ | BPF_PROG_TYPE_LWT_SEG6LOCAL | | lwt_seg6local | | +-------------------------------------------+----------------------------------------+----------------------------------+-------------------------------------------+ | BPF_PROG_TYPE_LWT_XMIT | | lwt_xmit | | +-------------------------------------------+----------------------------------------+----------------------------------+-------------------------------------------+ | BPF_PROG_TYPE_NETFILTER | | netfilter | | +-------------------------------------------+----------------------------------------+----------------------------------+-------------------------------------------+ | BPF_PROG_TYPE_PERF_EVENT | | perf_event | | +-------------------------------------------+----------------------------------------+----------------------------------+-------------------------------------------+ | BPF_PROG_TYPE_RAW_TRACEPOINT_WRITABLE | | raw_tp.w+ | |

  •                                       +                                        +----------------------------------+-------------------------------------------+

| | | raw_tracepoint.w+ | | +-------------------------------------------+----------------------------------------+----------------------------------+-------------------------------------------+ | BPF_PROG_TYPE_RAW_TRACEPOINT | | raw_tp+ |12_ 13_ 41_ |

  •                                       +                                        +----------------------------------+                                           +

| | | raw_tracepoint+ | | +-------------------------------------------+----------------------------------------+----------------------------------+-------------------------------------------+ | BPF_PROG_TYPE_SCHED_ACT | | action | | +-------------------------------------------+----------------------------------------+----------------------------------+-------------------------------------------+ | BPF_PROG_TYPE_SCHED_CLS | | classifier |21_ 25_ |

  •                                       +                                        +----------------------------------+                                           +

| | | tc | |

  •                                       +----------------------------------------+----------------------------------+-------------------------------------------+

| | BPF_NETKIT_PRIMARY | netkit/primary | |

  •                                       +----------------------------------------+----------------------------------+-------------------------------------------+

| | BPF_NETKIT_PEER | netkit/peer | |

  •                                       +----------------------------------------+----------------------------------+-------------------------------------------+

| | BPF_TCX_INGRESS | tc/ingress |43_ |

  •                                       +----------------------------------------+----------------------------------+-------------------------------------------+

| | BPF_TCX_EGRESS | tc/egress |44_ |

  •                                       +----------------------------------------+----------------------------------+-------------------------------------------+

| | BPF_TCX_INGRESS | tcx/ingress |43_ |

  •                                       +----------------------------------------+----------------------------------+-------------------------------------------+

| | BPF_TCX_EGRESS | tcx/egress |44_ | +-------------------------------------------+----------------------------------------+----------------------------------+-------------------------------------------+ | BPF_PROG_TYPE_SK_LOOKUP | BPF_SK_LOOKUP | sk_lookup | | +-------------------------------------------+----------------------------------------+----------------------------------+-------------------------------------------+ | BPF_PROG_TYPE_SK_MSG | BPF_SK_MSG_VERDICT | sk_msg | | +-------------------------------------------+----------------------------------------+----------------------------------+-------------------------------------------+ | BPF_PROG_TYPE_SK_REUSEPORT | BPF_SK_REUSEPORT_SELECT_OR_MIGRATE | sk_reuseport/migrate | |

  •                                       +----------------------------------------+----------------------------------+-------------------------------------------+

| | BPF_SK_REUSEPORT_SELECT | sk_reuseport | | +-------------------------------------------+----------------------------------------+----------------------------------+-------------------------------------------+ | BPF_PROG_TYPE_SK_SKB | | sk_skb | |

  •                                       +----------------------------------------+----------------------------------+-------------------------------------------+

| | BPF_SK_SKB_STREAM_PARSER | sk_skb/stream_parser | |

  •                                       +----------------------------------------+----------------------------------+-------------------------------------------+

| | BPF_SK_SKB_STREAM_VERDICT | sk_skb/stream_verdict | | +-------------------------------------------+----------------------------------------+----------------------------------+-------------------------------------------+ | BPF_PROG_TYPE_SOCKET_FILTER | | socket |18_ 19_ 20_ 39_ | +-------------------------------------------+----------------------------------------+----------------------------------+-------------------------------------------+ | BPF_PROG_TYPE_SOCK_OPS | BPF_CGROUP_SOCK_OPS | sockops | | +-------------------------------------------+----------------------------------------+----------------------------------+-------------------------------------------+ | BPF_PROG_TYPE_STRUCT_OPS | | struct_ops+ | | +-------------------------------------------+----------------------------------------+----------------------------------+-------------------------------------------+ | BPF_PROG_TYPE_SYSCALL | | syscall | | +-------------------------------------------+----------------------------------------+----------------------------------+-------------------------------------------+ | BPF_PROG_TYPE_TRACEPOINT | | tp+ |04_ 07_ 14_ |

  •                                       +                                        +----------------------------------+`35`_ `36`_ `37`_                          +

| | | tracepoint+ |38_ | +-------------------------------------------+----------------------------------------+----------------------------------+-------------------------------------------+ | BPF_PROG_TYPE_TRACING | BPF_MODIFY_RETURN | fmod_ret+ | |

  •                                       +                                        +----------------------------------+-------------------------------------------+

| | | fmod_ret.s+ | |

  •                                       +----------------------------------------+----------------------------------+-------------------------------------------+

| | BPF_TRACE_FENTRY | fentry+ |32_ |

  •                                       +                                        +----------------------------------+-------------------------------------------+

| | | fentry.s+ | |

  •                                       +----------------------------------------+----------------------------------+-------------------------------------------+

| | BPF_TRACE_FEXIT | fexit+ |32_ |

  •                                       +                                        +----------------------------------+-------------------------------------------+

| | | fexit.s+ | |

  •                                       +----------------------------------------+----------------------------------+-------------------------------------------+

| | BPF_TRACE_ITER | iter+ |34_ |

  •                                       +                                        +----------------------------------+-------------------------------------------+

| | | iter.s+ | |

  •                                       +----------------------------------------+----------------------------------+-------------------------------------------+

| | BPF_TRACE_RAW_TP | tp_btf+ |16_ 17_ 42_ | +-------------------------------------------+----------------------------------------+----------------------------------+-------------------------------------------+ | BPF_PROG_TYPE_XDP | BPF_XDP_CPUMAP | xdp.frags/cpumap | |

  •                                       +                                        +----------------------------------+-------------------------------------------+

| | | xdp/cpumap | |

  •                                       +----------------------------------------+----------------------------------+-------------------------------------------+

| | BPF_XDP_DEVMAP | xdp.frags/devmap | |

  •                                       +                                        +----------------------------------+-------------------------------------------+

| | | xdp/devmap | |

  •                                       +----------------------------------------+----------------------------------+-------------------------------------------+

| | BPF_XDP | xdp.frags | |

  •                                       +                                        +----------------------------------+-------------------------------------------+

| | | xdp |33_ | +-------------------------------------------+----------------------------------------+----------------------------------+-------------------------------------------+

.. |Build examples| image:: https://github.com/mozillazg/hello-libbpfgo/actions/workflows/build.yml/badge.svg?branch=master :target: https://github.com/mozillazg/hello-libbpfgo/actions/workflows/build.yml

.. _04: 04-tracepoint .. _07: 07-tracepoint-args .. _12: 12-raw-tracepoint-args .. _13: 13-raw-tracepoint-args-sched_switch .. _14: 14-tracepoint-args-sched_switch .. _16: 16-btf-raw-tracepoint-args .. _17: 17-btf-raw-tracepoint-args-sched_switch .. _18: 18-socket-filter-capture-icmp-traffic-kernel-parse .. _19: 19-socket-filter-capture-icmp-traffic-userspace-parse .. _20: 20-socket-filter-capture-icmp-traffic-kernel-parse-without-llvm-load .. _21: 21-tc-parse-packet-with-bpf_skb_load_bytes .. _25: 25-tc-parse-packet-with-direct-memory-access .. _26: 26-lsm-path_chmod .. _28: 28-kprobe-hello .. _29: 29-kprobe-hello-with-macro .. _30: 30-ksyscall-hello .. _31: 31-ksyscall-hello-with-macro .. _32: 32-fentry-hello .. _33: 33-xdp-hello .. _34: 34-iter-task-hello .. _35: 35-tracepoint-args-use-custom-struct .. _36: 36-tracepoint-args-sched_switch-use-custom-struct .. _37: 37-tracepoint-sched_process_exec .. _38: 38-raw-tracepoint-sched_wakeup .. _39: 39-socket-filter-tcp .. _40: 40-lsm-block-path_unlink .. _41: 41-raw-tracepoint-args-with-macro .. _42: 42-btf-raw-tracepoint-args-with-macro .. _43: 43-tcx-ingress-hello .. _44: 44-tcx-egress-hello

https://mozillazg.com/tag/libbpf.html