Hacker News

An eBPF overview, part 2: Machine and bytecode(collabora.com)

95 pointsmfilion posted 11 days ago7 Comments
7 Comments:
ngcc_hk said 11 days ago:

Not very clear “index” or links. Or no dates of other parts available (and update to link to them).

But interesting subject.

ncmncm said 10 days ago:

I want to use eBPF to run packet inspection and capture on my NIC, but the library functions accessible from eBPF don't include access to a nanosecond-resolution clock counter, or to efficient DMA to host procesd memory, needed for the job. Is anybody working on that?

qdog said 10 days ago:

bpf_ktime_get_ns() returns nanoseconds, is it not adequate?

I can't really speak to the use of dma and memory, I haven't really looked at that.

ncmncm said 10 days ago:

Thank you, I don't recall finding this when I studied it last.

ilovecaching said 11 days ago:

The ebpf train is really starting to eat Linux from the inside out, and the use cases appear limitless at the point. Only question now is where will ebpf end.

naasking said 11 days ago:

It's funny how everything old is new again. I remember reading a paper in the late 90s about the Pebble kernel which supported a safe bytecode with which you could extend its runtime behaviour.

This might be it:

https://www.usenix.org/conference/workshop-embedded-systems/...

ungamedplayer said 10 days ago:

The first remote kernel exploits. Will signal the beginning of the end.